Tackling online card fraud

Interesting to see that Visa and MasterCard, as well as developing an online PIN system in the shape of Verified by Visa and MasterCard SecureCode, are also working on a two-factor authentication system for online users.

According to APACs, whilst face-to-face card fraud has fallen now the retail industry is moving to Chip & Pin security, online and telephone card fraud - defined as cardholder not present fraud - is now on the increase.

Now it seems that Visa is quietly testing out a two-factor authentication system for cardholders, using a keyring-sized device into which the user's card slides.

Will cardholders use such a device? Maybe, but I could point out that most cardholders already have a two-factor-capable authorisation device in their possession. It's called a mobile phone.

Most mobile phones, even the most basic jobbie, are now capable of using the mobile Internet, something that allow their users to download a small applet to interactively verify who they are, independently of their desktop Internet connection.

For users without mobile Internet access on their GSM handset, users could use text messaging to verify the transaction.

And using a mobile for online transaction security shouldn't be expensive, as the networks already have the capability of reverse billing on text messages. Developing the same system for GPRS or mobile data sessions shouldn't take that much brainpower, should it?

Hats off to Visa and MasterCard, though, for developing online anti-fraud systems. Anybody would think that cardholder not present fraud is costing them money.

It is? Oh, I see...