Wednesday, 15 April 2020

SWIDCH: WHY NUMBERLESS CARDS ARE NOT ENOUGH TO TACKLE PAYMENT FRAUD





A UK cybersecurity startup, swIDch, announced an alternative technology to overcome the limitations of numberless cards by using its Dynamic Virtual PAN (primary account number) technology, thereby creating a new security environment in the payment process. This patented technology is a complete API-driven, CNP security solution that replaces static with dynamic PANs as well as eliminating access points for hackers. (Graphic: Business Wire)

LONDON, April 14 (Bernama-BUSINESS WIRE) --
A UK cybersecurity startup, swIDch, announced an alternative technology to overcome the limitations of numberless cards by using dynamic PANs (primary account number), thereby creating a new security environment in the payment process.

Eliminating numbers on payment cards increases security if customers lose their card. However, hackers can exploit weaknesses through online payments.

Numberless cards appear to be a new trend in finance combined with a substantial growth of e-wallet services. Apple’s credit card, GrabPay in Asia and a few European Fintechs plan to launch the product with similar benefits. The purpose of numberless cards is to increase security. It reduces the risk of personal information loss when the card falls into the wrong hands. However, when it comes to online payments, customers’ credentials are still at risk of being targeted for CNP (Card Not Present) fraud. This is because the customer’s card information is static.

For online payments, customers are often required to input their card information. For those with numberless cards, they can view their card number in the issuer’s App. In this procedure, the static PANs can be exposed to hackers and the cardholders become victims of CNP fraud. Another consequence of using static PANs is BIN (Bank Identification Number) attacks letting cybercriminals know BIN numbers and systematically generate potential valid card numbers.

To prevent CNP fraud, e-wallet providers adopt tokenization technology to substitute sensitive data for mobile payment. However, only 35% of online merchants have integrated this technology, leaving the remaining vulnerable to CNP fraud.

http://mrem.bernama.com/viewsm.php?idm=37150

No comments:

Post a Comment