Oberthur Technologies (OT), a world leader in digital security solutions for the mobility space, today announced that it is launching the first payment card integrating dynamic Card Verification Value/Code (dCVV/dCVC) technology from NagraID Security (NIDS) in order to secure online transactions. NIDS is the display card specialist acquired by OT last month.
EMV chip technology adoption has enabled issuers to efficiently fight “card present” (card payments in physical stores) fraud. However, as a consequence, fraud is increasingly shifting to “card-not-present” (CNP) transactions carried out mainly online. According to the ECB1, 60% of the value of total card fraud in Europe in 2012 resulted from card-not-present (CNP) payments.
To address this growing concern for issuers, e-merchants and cardholders, OT is launching the first payment card integrating dCVV/dCVC technology from NIDS. The CVV/CVC or security code is a 3 or 4-digit code usually printed on the back of a payment card, next to the signature panel. It is used as an additional security element to secure an online transaction to ensure that the cardholder is actually in possession of the card. With this innovative product, the static printed code is replaced by a mini-screen that displays a code which is automatically refreshed according to an algorithm loaded in a chip embedded in the plastic.
For the cardholder, this is fully transparent: no plug-in to install on their web browser, no button to press, the code appears at the same location on the card, the key benefit being the code’s dynamic generation and periodical refresh. The refresh timing is defined by the card issuer, for instance each hour. As a result, if stolen, the card information including this dCVV/dCVC immediately loses any value for fraudsters who usually resell stolen card data on “dark websites” to people who buy them to perform fraudulent online purchases.
For e-merchants, this new product is also fully transparent. They do not have to modify their payment page on their website adding more buttons or managing special complicated connectivities: the dCVV/dCVC entered by cardholders is seen by the payment page as a standard CVV/CVC security code in a regular online card transaction.
For issuers (or their processors), a specific server synchronized with the algorithm and refreshing rules defined in the cards will be needed, and is part of OT offering together with consulting services enabling to find the most efficient approach for a quick time-to-market.
To meet an increasing customer interest and to anticipate massive adoption, OT is ready to supply its customers with this technology which will revolutionize the payment industry. Limited samples are already available and customer pilots will start in Q4 of this year. Commercial shipments will begin in the first half of 2015.
“Our dCVV display card is an excellent and convenient shield cardholders can have to securely access e-commerce websites and fight online fraud”
said Eric Duforest, Managing Director of the Payment Business Unit at OT.
“Our customers recognize that this dCVV/dCVC technology is extremely easy to use to rapidly and drastically reduce card-not-present fraud and provide their cardholders with a safe way to access online services. Furthermore, the solution is compliant with every existing online payment infrastructure; it brings customers reassurance together with an unchanged user experience and no need for an enrolment process, guaranteeing excellence customer acceptance, and fast deployment”.
Cyril Lalo, CEO of NagraID Security, added:
“As soon as the ramp up process is finalized, we will also be offering it to our global distribution network of NIDS customers which has already expressed a strong interest. We firmly believe that this product will be a milestone in the evolution of the payments industry.”
1: European Central Bank (ECB) report on card fraud – February 2014