Interesting to see that Visa (opens in new tab) and MasterCard (opens in new tab), as well as developing an online PIN system in the shape of Verified by Visa (opens in new tab) and MasterCard SecureCode (opens in new tab), are also working on a two-factor authentication system (opens in new tab)for online users.
According to APACs (opens in new tab), whilst face-to-face card fraud has fallen now the retail industry is moving to Chip & Pin (opens in new tab) security, online and telephone card fraud - defined as cardholder not present fraud - is now on the increase.
Now it seems that Visa is quietly testing out a two-factor authentication (opens in new tab)system for cardholders, using a keyring-sized device into which the user's card slides.
Will cardholders use such a device? Maybe, but I could point out that most cardholders already have a two-factor-capable authorisation device in their possession. It's called a mobile phone.
Most mobile phones, even the most basic jobbie, are now capable of using the mobile Internet, something that allow their users to download a small applet to interactively verify who they are, independently of their desktop Internet connection.
For users without mobile Internet access on their GSM handset, users could use text messaging to verify the transaction.
And using a mobile for online transaction security shouldn't be expensive, as the networks already have the capability of reverse billing on text messages. Developing the same system (opens in new tab)for GPRS or mobile data sessions shouldn't take that much brainpower, should it?
Hats off to Visa and MasterCard, though, for developing online anti-fraud systems. Anybody would think that cardholder not present fraud is costing them money.
It is? Oh, I see...