An article relating to this blog post on Finextra:
Visa introduces SMS one-time passwords for online shopping
Visa has partnered with banks in China and Taiwan to introduce an SMS-based one-time password system for cardholders to authenticate themselves when making online purchases.
:-) Getting warmer...
Using VBV is very much like locking your front door but leaving your windows open. I have said this in 2001 to a VISA security executive : "VBV or 3DSecure's weakness is that it requires ALL online merchants to participate in order for it to work".
The solution is quite simple. This really isn't brain surgery.
VISA Card Issuers should enable cardholders to deactivate their card accounts for card not present (MOTO, internet) transactions and activate the card account for each card not present transaction directly with the issuer and preferably using multi-factor
authentication (OTP). This direct link between cardholder and card issuer applies a universal security effect. The participation of the entire universe of online merchants would not be needed.
Additionally, cardholders access and control of their card accounts will give more transparency to the process and will open up the communication between cardholders and card issuers (banks). Banks can then re-use the same multifactor authentication method
for their online banking. This, in my opinion, is something that bank customers would appreciate nowadays.