Today MasterCard announced that it has approved personal card readers and authentication servers from four vendors for MasterCard Advanced Authentication for Chip- a new EMV authentication solution that leverages the hundreds of millions of EMV cards already in the wallets of cardholders.
This means that banks looking to manage the growing threat of online fraud can today deploy this best-of-breed two-factor authentication solution by working with leading providers to the payments industry: DSSS, Gemalto, Logos and Thales.
The Advanced Authentication for Chip is the latest evolution of the Chip Authentication Program (CAP) solution that allows cardholders to authenticate themselves using their existing EMV banking card and a personal card reader issued by their bank. The reader generates single-use password that can be used for e-banking transactions, e-commerce, telephone authentication or a whole host of other uses where the customer is not face-to-face with the bank or merchant: these transactions are known as Card Not Present.
With a MasterCard-commissioned survey showing that 84% of UK and Benelux cardholders think that their bank should have responsibility for online banking security, it is important for the reputation of banks for them to deploy effective and simple security systems. As Advanced Authentication for Chip replicates the same simple process that cardholders are accustomed to from chip-enabled retail environments, it makes remote authentication easy for them to understand, and easy for them to use.
Unlike a standard authentication token or paper-based system, Advanced Authentication for chip allows part of the transaction data to be included in generation of the password - this means that banks can get cardholders to create a unique signature for the transaction and is a major leap forward in the prevention of man-in-the-middle attacks, a huge problem in e-banking and e-commerce.
Art Kranzley, Chief Emerging Technology Officer at MasterCard, said, "Our solutions are only as strong as the support they receive from the vendor community. Advanced Authentication for Chip offers tangible benefits to issuers, cardholders and merchants. Vendor solution components are approved by MasterCard to ensure highh standards and global interoperability."
"Several million online customers have already been using Gemalto's complete CAP solution for authentication and transaction signature, including server and readers," added Cédric Collomb, senior vice president, Identity and Access Management at Gemalto. "Now, our Advanced Authentication for Chip solution will allow more online banking customers to use standardized chip-based authentication across the world."
Franck Greverie, vice president, managing director for the information security activities of Thales concludes "Our support for Advanced Authentication for Chip demonstrates our continued commitment to working with MasterCard so that our customers are able to make online and Card Not Present transactions safer for EMV cardholders, and dramatically reduce fraud."