Arcot today announced a new EMV authentication solution for cardholders to authenticate "Card Not Present" transactions using their mobile phones.
This new solution -- ArcotOTP -- lowers the cost of providing EMV authentication and increases the convenience for cardholders on the go.
ArcotOTP can be used by the hundreds of millions of EMV cardholders and allows them to use their mobile phones to secure e-banking, e-commerce, telephone orders or a whole host of other transactions where the customer is not face-to-face with the bank or merchant. The new ArcotOTP mobile application, combined with the Chip Authentication Program (CAP) solution from MasterCard, increases security, reduces the risk of fraud and makes it easy for cardholders to shop or bank online no matter where they are in the world.
The ArcotOTP mobile solution extends the range of devices available for MasterCard CAP authentication and provides customers with the ability to authenticate with an application that runs on their mobile phones. Because ArcotOTP is compliant with MasterCard CAP, it can be used in conjunction with other EMV authentication devices. For instance, a consumer may authenticate with a personal card reader at home but use the mobile ArcotOTP while on the go.
Now that an EMV authentication solution is available on a mobile phone, cardholders do not have to carry an extra hardware device to authenticate their e-banking or e-commerce transactions. With this latest solution from Arcot, the mobile phone can be used in place of the card reader to generate the single-use password, making it convenient for commuting or traveling.
The Chip Authentication Program (CAP) solution from MasterCard allows cardholders to authenticate themselves using their existing EMV banking cards and a personal card reader or the ArcotOTP mobile application issued by their banks. The reader or ArcotOTP application generates a single-use password that can be used for "Card Not Present" transactions. Unlike a standard authentication token or paper-based system, CAP allows part of the transaction data to be included in generneration of the password - resulting in a unique signature for each cardholder transaction which is a major leap forward in the prevention of man-in-the-middle attacks, a growing problem in e-banking and e-commerce.
"Arcot's goal is to provide solutions that make it easy for businesses and consumers to reduce fraud. Our latest offering, ArcotOTP, is a breakthrough in convenience. Cardholders can now use their mobile phones with MasterCard CAP to protect themselves when shopping or banking online. Financial institutions can deploy this protection to more customers without having to issue cumbersome card readers that can be lost or broken resulting in additional cost," said Ram Varadarajan, President and CEO of Arcot Systems, Inc. "Arcot has a long history of partnering with MasterCard to provide increased security in 'Card Not Present' transactions."
With its patented "cryptographic camouflage"
key-concealment technology, Arcot has created a way to provide protection for "Card Not Present" transactions on the mobile phone while remaining fully compatible with the existing EMV infrastructure.
"Innovative partners such as Arcot play a key role in achieving MasterCard's vision of secure, convenient commerce and banking available on PCs and mobile phones," said Art Kranzley, chief emerging technology officer, Advanced Technology, MasterCard Worldwide. "The ArcotOTP mobile authentication application allows us to expand the choices available to our customers for protecting online financial transactions from internet theft and fraud. This application also increases the value that EMV brings to merchants, financial institutions and consumers worldwide."
ArcotOTP is available immediately and works on the world's leading mobile platforms including Apple iPhone, BlackBerry RIM, Google Android and Windows Mobile. The ArcotOTP solution also works on most Nokia phones, and with most feature phones by Samsung, LG, Motorola and Sony Ericsson that are equipped with Java, MIDP 2.0 and CLDC 1.1.