25 September 2017
visit www.avoka.com

BPCE pilots dynamic CVV code for online shopping

20 May 2015  |  10157 views  |  12 OT mini-screen card

Banque Populaire and Caisse d’Epargne are to pilot a payment card that replaces the three-figure CVV code on the rear of the card with a small screen display that automatically changes periodically.

The French banking group plans to put the first cards into the hands of 1000 customers from this September.

The bank says the technology, developed by Oberthur, will improve security for consumers purchasing online and entails no changes to the usual check-out procedure at the merchant side.

Nicolas Chatillon, head of development - payments, strategic marketing and studies - at BPCE Group, says: "The Banque Populaire and Caisse d'Épargne networks will be the first banks in the world to give their customers the opportunity to experiment with this new payment card technology to make their online purchases even more secure. This initiative is an integral part of the BPCE Group’s commitment to payment solutions and its determination to step up the battle against fraud."
KeywordsE-COMMERCE

Comments: (12)

A Finextra member
A Finextra member | 20 May, 2015, 11:01

Laudable initiative from Banque Populaire and Caisse D'Epagne ! Credit to Oberthur for developing the technology. But it is unclear how the actual validation is proposed to be done (replacing the 3-digit CVV, as earlier).

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 20 May, 2015, 11:24

I cant see how this will stop fraud on Cards. Yes it will work if the card has been subject to "phishing" but if someone steals your physical card then they have the credentials anyway.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Riten Gohil
Riten Gohil - Sphonic - London | 20 May, 2015, 11:54

Interesting development though the first use of display cards with Dynamic CVV was with ICC-Cal in Israel. At the time it was an exciting innovation (circa 2008) however the costs were prohibitive - given all the players in the card manufacturing eco-system. However with Oberthur buying Nagra ID, and recently investing in component manufacturing in China there is scope to industrialise this beyond 'cool pilots' if the costs can be viable.

The other aspect is the interplay of authentication with Dynamic CVV, and then 3D Secure if appropriate - in France this is certainly the case. Double-authentication can be cumbersome to the consumer.

 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 20 May, 2015, 12:04

Carl raises a valid point about card theft. That compromises the Dynamic CVV feature. 

Couble authentication will probably be a step in the right direction, though cumbersome to the customer/payee. Will request Riten to share details about the ICC-Cal innovation. 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Riten Gohil
Riten Gohil - Sphonic - London | 20 May, 2015, 12:16

@shoumit I was trying to dig this information out about CAL - it solved the issue Carl raises about card theft - as it had a keypad for you to enter a PIN. Don't underestimate the issue of customer authentication friction, it can be a bigger risk to business than fraud itself. Security measures are clearly critical to the eco-system but they need to be balanced with the fact that genuine consumers needs to be able to transact effectively in the fast moving digital payments world.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 20 May, 2015, 12:22

A solution to the dynamic CVV would be to couple it with a 2 Channel Authentication system. When the card is used in an online transaction have it "Ping" your phones Banking App (or something else linked to the card) then you either enter a pin to verify the transaction or decline the transaction on the phone! 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 20 May, 2015, 12:25

Thanks for your inputs, @riten and @carl.

1 thumb up! 1 thumb up! (Log in to thumb up)
Riten Gohil
Riten Gohil - Sphonic - London | 20 May, 2015, 12:37

Carl - I think you are on the right track but the answer in that regard is - why do you need an electronic card? The mobile has the capbility to do all of the above (and more) today without navigating through a complex manufacturing process.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 20 May, 2015, 12:40

Agree Riten, This solution can be impleminted now without the need for the complex manufacturing process. That was my argunment at the start, the card should be made irrelevent in the online space!

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Matt Scott
Matt Scott - RenovITe Technologies Inc - London | 20 May, 2015, 13:42

They would have been better off enhancing their mobile application to secure Customer Not Present transactions by using 2FA - this implementation just adds to the cost of issuance, and has already been observed, does not prevent fraud if the card is lost/stolen.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 21 May, 2015, 06:31

Generally everything enhancing the customers protection against fraud is more than welcomed. But if the targeted market is the online one then I agree with Riten and think the job could be done without a card. A smartphone plus 2FA is OK.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 21 May, 2015, 09:57

@RitenG + 1: "Don't underestimate the issue of customer authentication friction, it can be a bigger risk to business than fraud itself."  

For over 2 years now, CNP transactions in India have been requiring 2FA via (static) VbV password or (dynamic) Mobile OTP. This improves security and virtually eliminates the potential for fraud. Alongside that, it causes a lot of authentication friction and failed transactions. Personally, I've largely given up on card use online because of the friction and gone back to cash. 

Why I Went From Card To COD

Yes, cash, even for ecommerce. Even flights can be bought on Cash on Delivery in India. Even UBER has started piloting cash in India last week.

Actual loss of revenue due to authentication friction is so high that some startups have shifted out of India to escape the 2FA regulation. Unexposed to the diametrically opposite views expressed by many on Finextra, some of these startup founders have even gone on record saying the US payment system - no chip, no CVV, no VbV - is 10 years ahead of the Indian one!

For a more impersonal and objective coverage of the impact of 2FA / Mobile OTP, see my other blog post:

Mobile OTP: Cyanide Or Caffeine For Online Payments?

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

MasterCard and CIBC join $70m Dynamics funding round

MasterCard and CIBC join $70m Dynamics funding round

08 December 2014  |  7302 views  |  0 comments | 6 tweets | 5 linkedin
French bank preps Twitter-based P2P payments service

French bank preps Twitter-based P2P payments service

15 September 2014  |  12857 views  |  7 comments | 36 tweets | 15 linkedin
MasterCard and Absa launch dual debit-credit card with built-in display

MasterCard and Absa launch dual debit-credit card with built-in display

28 November 2012  |  11878 views  |  1 comments | 5 tweets | 7 linkedin
Re-programmable card start-up Dynamics bags £35 million funding

Re-programmable card start-up Dynamics bags £35 million funding

29 June 2011  |  5723 views  |  0 comments

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.capgemini.comvisit www.ncr.comvisit www.sibos.com

Top topics

Most viewed Most shared
HSBC switches on selfie payments in ChinaHSBC switches on selfie payments in China
13680 views comments | 29 tweets | 44 linkedin
AXA launches blockchain to cover late flight compensationAXA launches blockchain to cover late flig...
10431 views comments | 14 tweets | 30 linkedin
Apple P2P payments service nears launchApple P2P payments service nears launch
8693 views comments | 19 tweets | 27 linkedin
SBI Ripple Asia advances on South KoreaSBI Ripple Asia advances on South Korea
8644 views comments | 16 tweets | 1 linkedin
ISO 20022: The common language of choiceISO 20022: The common language of choice
8418 views comments | 1 tweets | 2 linkedin

Featured job

Competitive
London, UK (or flexible)

Find your next job