Escolar Documentos
Profissional Documentos
Cultura Documentos
Overview Guide
enables
Dynamic passcod
Visa cards are used in all payment environments: point-of-sale (POS), via the Internet, by mail or by telephone. No other payment mechanism offers such flexibility, ease of use and convenience. Visa cards are well suited to the Internet, offering consumers the same familiarity, convenience and trust they are used to when purchasing face-to-face. Usage of Visa cards via the Internet continues to grow at a higher rate than face-to-face sales. As additional levels of security are introduced via chip and PIN, fraudsters are focussing more closely on the card-not-present (CNP) environment. It is therefore essential that consumer confidence in this environment is not eroded. To this end, Visa is working closely with its member banks to understand the implications of introducing additional levels of security. One of these areas is dynamic passcode authentication.
provides
additional
security for:
de authentication
e-banking
Telephone Order
The one-time dynamic passcode is an alternative to static passwords commonly used today in online banking or when making purchases over the Internet. Because the one-time dynamic passcode is useless in subsequent transactions, dynamic passcode authentication extends protection against online fraudsters and phishing attacks. It also leverages Visa member banks investment in chip card technology and consumers familiarity with chip and PIN. Visa card issuers with smart card programmes could implement dynamic passcode authentication on their online banking sites and Verified by Visa authentication page to further enhance fraud protection.
Potential benefits
Cardholders: A tangible security device increases confidence in remote transactions Reduces the hassle associated with forgotten or stolen passwords Merchants: The baseline infrastructure for securing online purchases through Verified by Visa means that merchants could get full benefit from dynamic passcode authentication by simply participating in the Verified by Visa programme Potentially the same solution as that for e-commerce can be used for telephone order transactions Member banks: Provides a form of strong authentication in the CNP environment Helps counter spoofing and phishing attacks that target passwords Leverages chip card investment
Reduces costs associated with forgotten passwords for online banking Could simplify the enrolment process for Verified by Visa, since cardholders would not need to register a Verified by Visa password
the specifications. This approach would offer the greatest economies of scale, an important consideration if moving to mass issuance. Visa can provide the requisite specifications and card personalisation parameters for enabling a Visa card to interact with standard readers. Visa can also provide a list of vendors who provide suitable readers. This information is available to Visa member banks upon request.
Future roadmap
The initial issuer motivation for implementing dynamic passcode authentication is most likely to be as a way to secure their current account environment from phishing and related fraud. Since it is the Visa debit product that it typically associated with current accounts, Visa debit cardholders are likely to be the first to receive dynamic passcode authentication enabled cards and associated readers. Verified by Visa transactions for increased security in the e-commerce environment would be facilitated by the fact that the underlying infrastructure has been designed to accommodate dynamic passcode authentication. Therefore, issuers are also likely to extend dynamic passcode authentication to Visa credit cards as well. In the future and using Verified by Visa as the platform, it could be possible to utilise dynamic passcode authentication in the telephone order environment. Ultimately dynamic passcode authentication may provide the consumer with a single unified payment experience. Regardless of whether they are paying in the face-to-face or CNP environments they will know that they are protected by chip and PIN technology.
Next steps
Visa can provide active support to members seeking to further understand or to rollout a dynamic passcode authentication service. For further information, please contact: Dipak Chotai Tel: +44 (0)20 7795 5039 Email: chotaid@visa.com John Griffiths Tel: +44 (0)20 7795 5281 Email: griffitj@visa.com