Increasingly, fraud is following the big money online. GrowthBusiness looks at an innovation with the potential to cut credit card crime on the web.
Increasingly, fraud is following the big money online. GrowthBusiness looks at an innovation with the potential to cut credit card crime on the web.
Online shopping will mean the difference between success and failure for many growing businesses this winter. A study of two million online shoppers by IMRG, a membership community for the e-commerce industry, found that 68 per cent of respondents said that they were more likely to shop online this Christmas, with 79 per cent believing online pricing was more competitive.
The internet is increasingly where the money is and that means fraud. Authentication is the greatest obstacle to online security: ensuring that the person on the other end with the credit card is who they say they are.
‘Most cards issued in the UK have 17 different security features, including a hologram and special typeface available only to the manufacturer,’ explains Mike Davies, marketing director for VeriSign, a security company that also administers the internet’s major .com and .net lookup hubs under contract to the US government.
‘The problem is, nothing on the card changes,’ he says. ‘Even online, where the number one problem is phishing, the username and password for a card never change and that makes people vulnerable to being keylogged.’
Very Important Protection
The company has devised a credit card-sized one-time password (OTP) authentication device they call a VIP security card. A window in the card displays a different number every time the card is squeezed, drawn from an algorithm based on the card’s individual ID.
When logging on to a website or using a credit card, one of these randomly generated numbers must be entered along with a username or password. The member site (such as eBay or Paypal) confirms with a VeriSign authentication server that the number is valid, ensuring that logins or online transactions can only be made by the person actually holding the card.
While some banks, including Bank of China, give their customers a separate device which fulfills the same function, the idea of combining the credit card and the number-generating device is a new one.
‘It’s our silver bullet,’ says Davies. ‘Banks have said they will adopt it if consumers want it – they see it as a differentiator.’
The only limitation is the card’s cost – between £17 to £20, whereas the average annual cost of online fraud per consumer is somewhere in the vicinity of £4.77. ‘Over time the cost will come down,’ he predicts.