Visa is trialling a code-generating credit card that could help to reduce online fraud and identity theft.
Along with Barclaycard, Visa is providing the technology to the consulting firm Deloitte, which uses an alphanumeric display and keypad built into a corporate credit card.
In combination with the user's PIN, the card generates a unique code that can be used by employees to access the company’s virtual private network and make purchases online.
A total of 500 users – including 200 Deloitte corporate cardholders and other users at Visa and Barclaycard – are trialling the technology during a three-month period from April 2009.
Deloitte has used a mobile-based remote authentication system for about a year, but if the card trial is successful the firm will continue using both methods.
“A mixed delivery is quite likely, as some people who need access to the network don’t necessarily need to use a corporate credit card,” said Deloitte financial services partner Stephen Ley.
One of the advantages of the card over a traditional authentication token or device is reduced spending, since the latter have a much higher issuance and maintenance cost, said Ley. Deloitte expects that 65 per cent in savings per user could be obtained by using the code-generating cards instead of a separate device.
“During the trial, we will be assessing the card’s features such as usability, battery life, and the way in which retailers respond to it. We have a call centre set up to support the users, but haven’t experienced any issues so far,” said Ley.
As well as supporting remote network access, the cards offer compatibility with online verification system Verified by Visa, which is designed to prevent card not present (CNP) fraud and identity theft associated with online banking, phone and other remote channels.
“Verified by Visa has helped enormously in tackling online fraud, but we have to be one step ahead of the fraudsters and this is what we are trying to do with the one-time code card,” said senior vice president for innovation at Visa Europe Sandra Alzetta.
“Ecommerce is what really matters – people love it and online sales volumes continue to grow, but we want to help ensure that growth continues in a secure fashion while giving consumers more confidence,” said Alzetta.
Other authentication methods to tackle online fraud include two-factor authentication (TFA) devices, which also give customers automatically-generated one-time passcodes, to use in conjunction with the password they already know.
While TFA works for some customers, others may find it inconvenient to carry the devices whenever they need to purchase items online, said Alzetta, so the integrated card offers customers more choice of security methods.
One-time code cards are one of the several innovation projects at Visa Europe. Such initiatives are regarded as long-term strategies as they rely on customer adoption.
However, the firm is hopeful that the technology will take off in the corporate and banking sector. Visa has ongoing trials with a number of banking institutions across Israel and Europe – including MBNA in the UK – involving 8,000 customers.
The cards are more costly to produce than ordinary cards as they have a PIN pad, battery and a LED screen, but Visa expects it to decrease if they go to mass market.
With online card fraud continuing to increase – it now accounts for over half of all credit card fraud in the UK – new ways to step up security are welcomed by the industry, but with a degree of wariness.
"[The one-time code card] is a clever fraud prevention device and it will be interesting to see how customers get on with it, and whether its use becomes widespread - which will depend on factors including the robustness of the card, the cost of producing them and, of course, what kind of fraud prevention impact they have," said a spokeswoman for payments association Apacs.
reader comments