EMV chip technology adoption has enabled issuers to efficiently fight "card present" (card payments in physical stores) fraud. However, consequently, fraud is increasingly shifting to "card-not-present" (CNP) transactions carried out mainly online. According to the ECB1, 60% of the value of total card fraud in Europe in 2012 resulted from card-not-present (CNP) payments.To address this growing concern for issuers, e-merchants and cardholders, we are launching the worlds first payment card integrating a Biometric Dynamic Card Verification Value (BDCVV), a dynamic 3 or 4-digit security code displayed on a mini-screen on the payment card. The standard CVV/CVC or security code is a 3 or 4-digit code usually printed on the back of a payment card, next to the signature panel. It is used as an additional security element to secure an online transaction by verifying that the cardholder is actually in possession of the card.
With our new biometric OTP credit card, the static printed code is replaced by a mini-screen that displays a new code every time the authorised cardholders fingerprint is being recognised.
This solution provides very high security since a release of the BDCVV code only can be done by the cardholders fingerprint. It doesn't require any changes in merchant infrastructure, so Banks can immediately deploy it on their own initiative to block the growth of fraud. For the cardholder, this is fully transparent and very secure: no plug-in to install on their web browser, just swipe your finger and the code appears on the credit cards mini-screen. The key benefit is the code's dynamic generation done by the cardholders fingerprint. As a result, if stolen, the credit card itself is fully protected and cannot be abused.
The credit card information including the BDCVV/BDCVC immediately loses any value for fraudsters who usually resell stolen credit card data on "dark websites" to people who buy them to perform fraudulent online purchases.
For e-merchants, this new product is also fully transparent. They do not have to modify their payment page on their website adding more buttons or managing special complicated connectivity: the BDCVV/BDCVC entered by cardholders is seen by the payment page as a standard CVV/CVC security code in a regular online card transaction.
For issuers (or their processors), a specific server synchronised with the algorithm rules defined in the credit cards will be needed, and is part of Quardlock offerings together with consulting services enabling to find the most efficient approach for a quick time-to-market.
The solution is compliant with every existing online payment infrastructure; it brings customers reassurance together with an improved user experience on security and an easy enrolment process, guaranteeing excellent customer acceptance, and fast deployment.