Nearly six months into the coronavirus pandemic it’s well known, and broadly reported, that the payments industry is dealing with exploding card-not-present (CNP) fraud, the proverbial elephant in the room.
From consumers who made their first-ever online purchase, to people for whom e-commerce is virtually their only form of shopping, e-commerce has skyrocketed since the virus took hold, and isn’t expected to slow even after brick-and-mortar shopping fully reopens.
Not only is the percentage of CNP transitions going up, nearly doubling during COVID-19, but the amount of fraud per dollar of CNP transactions is also dramatically increasing, and combined CNP fraud is through the roof. While chip technology is working to reduce card present fraud, today CNP has moved beyond what anyone finds tolerable.
As the gatekeepers of solutions that benefit cardholders, it’s our responsibility to get the best solutions available into cardholders’ hands. Technology called dynamic CVV2 (dCVV2), which has been in development for several years now, is ready for prime time. Initial trials are underway, and early results indicate that dCVV2 prevents the majority of CNP fraud. Because it’s a card-issuer solution implemented on the card network, banks and credit unions can sign up easily, with no integration required. Merchants continue to request the CVV2, and the dCVV2 is entered by the cardholder at checkout.
Dynamic CVV2 includes both card and smartphone app-based solutions. Card solutions replace the static CVV2 on the back of the card with a small LCD that displays the dCVV2, which changes periodically.
A software app-based dCVV2 solution replaces the static CVV2 printed on the card with a dynamic dCVV2 that is delivered to a user’s smartphone, configurable from every 1-18 hours. App-based dCVV2 is more scalable, as it can be used with already-issued cards, eliminating the need for an expensive new card with a battery and LCD.
Just last month, the Secure Technology Alliance, a not-for-profit cross-industry association whose goal is to stimulate the understanding, adoption and widespread application of secure cards solutions, released a white paper identifying dynamic security codes as the most promising weapon against e-commerce CNP fraud. The white paper’s conclusion: “Cards that incorporate dynamic security codes are an effective solution to combat CNP fraud, regardless of the technology used to implement the codes. Dynamic data is by definition more secure than static data, and when it is layered with other security solutions, such as EMV 3DS or SRC, fraud mitigation is greatly improved."
“The gold standard in security is to use a layered approach. Dynamic security code cards are an easy layer that any issuer can incorporate into their security strategy,” the report goes on to say.
There’s never been a better time, nor better technology available, to make cardholders safe from CNP fraud.
