Beyond EMV, Industry Giants Look to Upgrade Security Measures to Improve Protection for Shoppers and Merchants
Coming this spring to a store near you – better protection from fraud and theft. At least that’s what Visa and MasterCard are hoping to accomplish with two new programs.
In her story on consumerist.com, Kate Cox describes the technology each company is planning to introduce. The following has been excerpted from Cox’s piece and edited to fit our format. You may find the full article by clicking on this link.
MasterCard’s two-pronged approach
One element is a program called MasterCard Safety Net. The company claims … that Safety Net “provides an independent layer of security on top of the tools and policies of financial institutions, by monitoring and blocking specific transactions based on selected criteria.”
The company promises, “Safety Net is designed to intervene only in extreme cases to block fraudulent activity.”
The other half of MasterCard’s strategy is biometrics. The company is pairing with First Tech Federal Credit Union to work on a pilot program that will allow customers to use unique identifiers — including face, fingerprint, and voice matching — to authenticate and verify transactions.
EMV transition going well
MasterCard reports that the transition is “well underway”, with half of all cards and just under half (47%) of all point-of-sale terminals projected to be chip-enabled by the end of 2015.
Visa takes a different approach that works like Apple Pay
Where MasterCard is focusing on making the customer prove a charge is authorized, Visa is working on scrambling information that might be stolen, so [that thieves can’t use it.].
[Called] the Visa Token Service, [it] works in basically the same way Apple Pay does (in fact, it’s part of Apple Pay): instead of transmitting your 16-digit card number, expiration date, and security code, Visa instead shares a unique number — your token — with the merchant getting paid.
If someone intercepts the transmission or the system and manages to yank that token, all they have is a string of numbers. It’s not a thing that can be cloned onto a new payment card or used in any meaningful way.
What’s new about it is that Visa is trying to expand the Token Service out of just mobile payments, and into traditional online retailers as well. When your credit card is stored on the site of a merchant you regularly shop with, that’s a weakness: anyone who breaches that database has…everything they need to commit fraud on your card. But if the merchant stores a random token in your account information, instead of your credit card number, that data once again becomes meaningless to thieves even while it remains convenient to consumers.
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.