Two factor authentication is key
Banks are having to face up to the realities of the modern highly connected world, which now provides a vast array of opportunities for banks to interact with customers. It has meant that whether as a consumer or a business, the number of transaction channels is now extremely varied and continuing to grow, yet it is not a scenario that all banks are fully prepared for.
At the moment the maximum level of security available to consumers for e-transactions is user ID and password authentication. However, this is already seen as being inadequate for securing financial transactions. Instead, pioneering banks and credit card providers are turning to the obvious candidate for reducing CNP fraud, the EMV smart card.
The reason that the EMV smart card is not already used within consumer e-transactions is the difficulty in including the card within the transaction process. The solution for this, an unconnected reader, is not new. However, the barrier has always been around cost. In other words, is it more cost effective for the bank to accept low levels of fraud rather than the expense of rolling out millions of unconnected readers to consumers? The continuing rise of CNP fraud is beginning to tilt the argument in favour of the rollout option.
In terms of the technology behind the unconnected smart card readers, it is the introduction of a common standard that is the most important innovation. APACS, in association with MasterCard, released specification standards for unconnected smart card readers which have allowed leading manufacturers to offer products for mass consumption at a commercially viable cost.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.