Community
:-) Getting warmer...
Using VBV is very much like locking your front door but leaving your windows open. I have said this in 2001 to a VISA security executive : "VBV or 3DSecure's weakness is that it requires ALL online merchants to participate in order for it to work".
The solution is quite simple. This really isn't brain surgery.
VISA Card Issuers should enable cardholders to deactivate their card accounts for card not present (MOTO, internet) transactions and activate the card account for each card not present transaction directly with the issuer and preferably using multi-factor authentication (OTP). This direct link between cardholder and card issuer applies a universal security effect. The participation of the entire universe of online merchants would not be needed.
Additionally, cardholders access and control of their card accounts will give more transparency to the process and will open up the communication between cardholders and card issuers (banks). Banks can then re-use the same multifactor authentication method for their online banking. This, in my opinion, is something that bank customers would appreciate nowadays.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Igor Kostyuchenok SVP of Engineering at Mbanq
14 May
Jonathan Hancock Head of Product & Innovation at The ai Corporation
13 May
Aron Alexander Founder and CEO at Runa
12 May
Taras Boyko Founder at BTG Corporate Services Provider
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.