15 December 2017
Alexander Peschkoff

Beyond TEDIPAY

Alexander Peschkoff - TEDIPAY

119Posts 545,668Views 625Comments
Innovation in Financial Services

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

Chip-n-PIN online - is there a business case for it...

18 July 2013  |  3066 views  |  2

Secure Electrans are on a mission to combat e-comm fraud. The concept is simple - give consumers a free PIN pad for home use, so that every e-comm transaction can be done with the same level of security as in a physical store, and participating merchants can benefit from "a dramatically reduced fee."

The difference between "cardholder not present" and "chip & PIN" rates is less than 0.5%, so I wouldn't call that "dramatic". Also, I am surprised that card schemes would class transactions where card details are entered manually - via a conventional PC - as "chip & PIN"... If card details are sent from HomePay securely over the Internet (some pictures do show HomePay with USB connector), why cannot the same - low-cost, I guess - device be used in physical stores?

Also, why would consumers bother with HomePay? If there is a fraud, I can simply call my bank, tell them so and get a full refund. If merchants have to offer a discount or other incentive to make consumers use HomePay, doesn't that defeat the object of cost reduction?

Last but not least, if I were a fraudster, what would stop me from sending out thousands of similar (but bugged) terminals to consumers to collect their card and PIN details?..

 

TagsSecurityMobile & online

Comments: (4)

A Finextra member
A Finextra member | 22 July, 2013, 13:53

Chip & Pin for online => OBePs!

 

why bothering with new devices while you have an already secure two factor autentication method, issued by a trusted source (your bank!) that is hard to beat?

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Alexander Peschkoff
Alexander Peschkoff - TEDIPAY - London | 22 July, 2013, 14:03

Gemalto (one of the top suppliers of such devices) could have extended the use of bank dongles to e-comm, but I don't think they can do that without the banks' consent - which would take years to get... (Not to mention the cost of signing up e-merchants who only recently went through 3D integration...)

Companies such as Accertify address online fraud in a much more efficient way.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 23 July, 2013, 11:55

Let me try to help with a few additional contributions.

To most online merchants a difference of 0.5% is dramatic. The online world is cut-throat and comparison technology has brought margins way down. To a merchant making a slim net profit this change can make all the difference between business and no business.

Of course the benefits to the merchant go well beyond the 'rate' and include all of the reductions Chip&PIN brings to fraud processing and of course chargeback protection. A real win for the merchant from the simple addition of the Chip&PIN acceptance mark on their check-out page and redirect to HomePay.

The assumption about manual entry of details via PC is wrong. HomePay works using standard Chip&PIN from the home with a small certified device - just the same as in a physical shop or at an ATM. Just put in your card, confirm with your PIN and done, end-to-end cryptography, fully EMV / PCI-PTS compliant. The acquirer, schemes and issuer see a standard Chip&PIN transaction.

Simple for the merchant, simple & familiar to the consumer and runs over the existing global Chip&PIN infrastructure deployed by the banks and payment schemes.

EMV has embedded cryptography that HomePay extends with additional protection between the device and HomePay host. The issuer sees the EMV transaction and the card generated cryptogram - take a look at the EMVCo site for a quick tutorial and specifications.

The HomePay device can be used in the home, on the move or in small retail outlets.

Why bother? Just ask anyone subjected to online fraud or account takeover. I expect you will find the reversal of transactions only a small part of the long term pain.

Why bother? Because once I have a HomePay I can make and take transactions, top up my smart utility meter, top-up my mobile/pay-as-you-go card/accounts etc whenever I want - with the same EMV cryptographic protection.

Why bother? Because once I have a HomePay I can authenticate (1) my card and (2) myself to any remote service such as sign-on to my bank, my gaming provider (KYC regulations), central or local government services and more.

Why bother? No wallets / passwords / secret phases / places / dates / pets etc. - all I need is the same card and PIN that I use every day. Simple, safe and secure.

Last but not least - each HomePay is cryptographically authenticated before any of the above starts. See the recent ground-breaking announcement of passing Common Criteria Certification - first in its category.

Now do you want one.....?

Chris Jarman

chris.jarman@electrans.com

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Alexander Peschkoff
Alexander Peschkoff - TEDIPAY - London | 23 July, 2013, 14:45

I agree with you, Chris. The benefits and reasons are all there. Compelling, valid, real. Yet... http://www.finextra.com/Community/FullBlog.aspx?blogid=7955

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Latest posts from Alexander

Second bite of Apple

24 September 2017  |  3862 views  |  0 comments | recomends Recommends 0 TagsPaymentsInnovationGroupFintech innovation and startups

Loyalty is a four-letter word

06 May 2017  |  5885 views  |  1 comments | recomends Recommends 1 TagsRetail bankingStart upsGroupFintech innovation and startups

Before they move us, we move them

14 April 2017  |  6091 views  |  2 comments | recomends Recommends 0 TagsMobile & onlineInnovationGroupFuturistic Banking

Tap-n-PIN mystery

23 February 2017  |  4428 views  |  3 comments | recomends Recommends 0 TagsCardsPaymentsGroupFintech innovation and startups

Alexander's profile

job title CEO
location London
member since 2012
Summary profile See full profile »
I am the co-founder and CEO of TEDIPAY, the company that is bringing to the market a game-changing platform for secure mobile transactions.

Alexander's expertise

Member since 2012
115 posts625 comments
What Alexander reads

Who's commenting on Alexander's posts

Paul Love
Ketharaman Swaminathan
Anthony Pickup
Alex Lithgow Smith