EMV and Card Not Present FraudThe US migration and conversion to EMV has been very successful at reducing counterfeit fraud. As a result, fraudsters have focused attention on e-commerce and card not present (CNP) transactions. Typically, a merchant or retailer requires only an account number, name, expiration date and a card’s CVV number. The three-digit code on the back of credit cards – the CVV – helps ensure that the individual making a transaction is indeed the cardholder. However, fraudsters have found ways to gain access to CVV numbers via phishing attacks, key loggers and other tricks that steal the information directly from a cardholder. To combat such fraud, card manufacturers have created dynamic, or changing, CVV codes. By constantly changing the code, it becomes impossible for someone to know the number without holding the physical card.
Dynamic CVV Challenges in Penetrating MarketsThe use of a dynamic CVV can only happen by adding a ‘display’ to the card that shows the changing value. Adding this technology to a plastic card has several key challenges. One challenge for card makers to penetrate the market with dynamic CVV stems from the price of creating a battery-powered card, which increases issuer card costs by 200-400 percent. When first introduced, battery life wasn’t long enough to reach a card’s expiration date, and readability of the code was problematic. Today, those issues have been widely resolved:
- The battery recharges at the point-of-sale (POS).
- The battery doesn’t drain when the card is not in use.
- CVV code numbers have been enlarged for easy readership.