Executive Brief 005
Author: Simon Hewitt, CEIO, OtherPay Pty Ltd
Addressing purchase fraud with a unified solution
Card-Not-Present (CNP) fraud has emerged as the dominant fraud vector in modern financial transactions, exploiting the vulnerabilities of traditional card-based payment systems.
Listen to this article • 6:30 min
The exposure of card details online and the persistence of outdated security methods, such as static card numbers, contribute to this growing problem.
While many in the financial industry acknowledge the urgency of addressing CNP fraud, the solutions implemented thus far fail to tackle the broader issue: the lack of a unified approach that secures both online and in-store transactions.
The Inadequacy of Current Solutions
For over five decades, the industry has relied on a payment card and 4-digit static PIN system for transactions completed in person. However, this approach has failed to evolve alongside the technological advancements that shape modern commerce.
Retaining a 53-year-old solution in terms of card and PIN for physical purchases demonstrates a failure to consider how a single solution could alleviate fraud both in-store and online.
Attempts to mitigate CNP fraud by tokenizing or encrypting card details in digital environments only provide temporary relief, as fraudsters continuously adapt.
A truly effective solution must eliminate the reliance on exposed card details altogether and ensure that every transaction – whether in-store or online – requires both the physical card and the legitimate cardholder’s presence and authentication.
Bridging the Gap:
A Unified Shopping Experience.
The widely recognized use of one-time-PINs (OTPs) to protect digital transactions has proven essential in mitigating the risks associated with static codes.
However, this level of protection hasn’t been extended to in-store transactions or ATMs, largely due to the reliance on existing technologies that are considered resistant to change.
But what if that mindset shifted?
Introducing dynamic PINs at Point-of-Sale (POS) and ATMs would make infinite sense.
Just like OTPs protect online transactions, dynamic PINs could offer a more secure, adaptable solution to safeguard in-person and ATM transactions.
This approach would ensure that both digital and physical shopping experiences benefitted from the same level of protection, creating a seamless, unified security solution.
The OtherPay Advantage: A Holistic Fraud Prevention Model
OtherPay introduces a paradigm shift in payment security by ensuring that no transaction can occur without both the physical card and the legitimate cardholder being present. That applies to both in person and online.
By removing card details from cards so that such details are no longer exposed, OtherPay eliminates the primary vulnerability exploited in CNP fraud. This approach
offers several key benefits:
1. Eliminating Data Exposure:
2. Fraudster Deterrence:
3. Elimination of CNP Transactions:
OtherPay removes the concept of a CNP transaction altogether, ensuring that all purchases require both the card and the legitimate cardholder.
4. Cost-Effective Implementation:
5. Consumer Confidence and Convenience:
1. Unified Security Across Channels:
Instead of treating in-store and online fraud as separate challenges, OtherPay provides a single, robust solution that secures all transactions uniformly.
2. Enhanced Security:
Dynamic codes are time-sensitive and change for every transaction, making them much harder to intercept or replicate than static PINs or security codes, reducing the risk of fraud from phishing, card skimming or PIN theft.
3. Mitigated Impact of Data Breaches:
Even if card data is stolen, dynamic codes ensure that compromised card details alone are not enough for fraudsters to perform unauthorized transactions, as the codes are no longer static.
4. Increased Customer Trust:
5. Exceeding Compliance with Security Standards:
OtherPay’s dynamic codes exceed the latest security standards – like EMV and 3D Secure (3DS) – because the user generated codes contain embedded credentials needed to authenticate the user. OtherPay does not rely on the return of an OTP that would have been sent to the user and therefore at risk of being intercepted.
6. Reduced Card Cloning Risk:
Since the PIN is always changing and is unique for each transaction, it prevents fraudsters from successfully cloning cards and using them for unauthorized transactions.
7. Future-Proofing Against Emerging Threats:
As fraud techniques continue to evolve, dynamic codes adapt by providing a more resilient solution that can withstand new threats and vulnerabilities.
8. Global Interoperability:
Dynamic code based systems can work across various regions and payment networks, making them a versatile security tool that improves transaction security on a global scale.
These benefits significantly improve the security and reliability of card-based transactions, making dynamic authentication codes a valuable addition to any payment system.
Finally, with a patented default position of ‘inactive,’ the theft of any card would be ineffective. Without the companion OtherPay app and authentication of the legitimate user, the card could not be activated for use.
Conclusion
Retaining outdated security measures for physical purchases while attempting to patch digital vulnerabilities has proven ineffective in reducing fraud.
The financial industry must embrace a solution that addresses fraud at its root – ensuring that every transaction requires the physical presence of both the card and its rightful owner.
OtherPay represents this next-generation approach, offering a long-term, sustainable solution that minimizes fraud risk across all payment environments.
It is time to move beyond fragmented fixes and adopt a comprehensive security model that protects consumers and businesses alike.
With OtherPay, the future of secure transactions is now here.
