Credit card security relies on the physical security of the plastic card as well as the privacy of the credit card number. Therefore, whenever a person other than the card owner has access to the card or its number, security is potentially compromised. Merchants often accept credit card numbers without additional verification for mail order purchases. They however record the delivery address as a security measure to minimise fradulent purchases. Some merchants will accept a credit card number for in-store purchases, whereupon access to the number allows easy fraud, but many require the card itself to be present, and require a signature. Thus, a stolen card can be cancelled, and if this is done quickly, no fraud can take place in this way. For internet purchases, there is sometimes the same level of security as for mail order (number only) hence requiring only that the fraudster take care about collecting the goods, but often there are additional measures. The main one is to require a security PIN with the card, which requires that the thief have access to the card, as well as the PIN.
An additional feature to secure the credit card transaction and prohibit the use of a lost credit card is the MobiClear solution. Each transaction is authenticated through a call to the user mobile phone. The transaction is released once the transaction has been confirmed by the cardholder pushing his/her pincode during the call.
The PCI DSS is the security standard issued by The PCI SSC (Payment Card Industry Security Standards Council). This data security standard is used by acquiring banks to impose cardholder data security measures upon their merchants.
0 comments
Post a Comment