MasterCard Display Card: the future of credit cards?
Credit cards are widely used throughout the world to make purchases, and while they are more in use in some countries than in others, they are a widely accepted paying option in most parts of the world. Credit card fraud thrives, not only because cards are accepted nearly everywhere, but also because they are not well protected. Most of the time, all you need is the credit card number, the expiration date and the security code, all of which are displayed on the card itself.
Some credit card companies, such as MasterCard, have created additional verification services to add a second layer of authentication to the card. Mastercard Securecode for instance provides credit card owners with a password that they need to enter when they make purchases on sites that support SecureCode. You probably noticed that those methods require the merchants to integrate the feature on their sites, and while some have done so, leaving criminals with enough options to use stolen cards to make online purchases.
MasterCard Display Card is a new technology by MasterCard that adds an LCD and numeric keypad to the credit card. The idea behind the card is to give MasterCard owners an option to generate one-time authentication codes for online banking and purchases, and in a second - future - step options to display the account status or the transaction history.
The credit card functionality remains untouched, and the main benefit of the current implementation is that credit card owners do not need an additional device to create secure codes for online banking or transactions. Transactions include making credit card payments at shops supporting MasterCard Securecode, as buyers now have to enter the password and a one-time code generated on their card to verify the transaction. While this does not eliminate credit card theft, it may have an impact on the credit card black market as the card is now needed as well to make purchases.
Not all merchants have implemented Securecode so that there is still a loophole to make payments without the code.
MasterCard is not the first credit card company that introduces such a feature on its credit cards. Vista in 2010 launched CodeSure cards that offer a similar feature set. The card offers the same functionality, the generation of one-time codes for online banking, transactions and other services that require verification.
Advertisement
My son – a network engineer – worked briefly for a UK bank a few years ago. He was shocked at the lackadaisical attitudes to security, and at the kind of banking and credit card data that he, as new employee with few safeguards, could access (in practice if not in theory.) He talked daily with high-salaried ‘security experts’ he wouldn’t have trusted with his home PC – their jobs secured not by expertise but by family connections and paper qualifications. And the further up the management he went, the worse attitudes got.
To be fair, there are – apparently – a lot of very well qualified and committed IT people inside the banking system. But they’re simply not listened to by top management with an eye for nothing but their own obscene salaries and bonuses. Absolute security isn’t required at customer level – all that is required is that the losses are hidden or at least not visited on top management. In fact – in my son’s opinion – a huge amount of banking and credit card fraud originates INSIDE the banking system, not outside. A major problem being overseas call centres with staff on such low salaries that bribery doesn’t even need to be expensive.
In some cases – my son is convinced – security is being compromised, not so much by bank employees becoming criminal, but by people seeking bank employment specifically for criminal reasons. All the new card technology in the world isn’t going to offset an institutional lack of care within the banking system.
Something needs to be done!
I have had to replace one Visa card and three American Express cards over the last 3 years because the numbers somehow got stolen. This is really annoying because I then have to go to (remember?) all the places where I have automatic renewal/payments set up and change the card info there. I complained heavily to American Express 4 weeks ago when I needed to get yet another new number but they don’t really give a crap.
I also don’t see the purpose of that security number (3 numbers on Visa/MC & 4 numbers on Amexco cards) since we have to give that number to most people/companies when you are trying to use the card!
I would like to see some kind of single use number. The above implementation looks like an interesting idea.