MasterCard has launched a solution to harness the mobile phone as a form factor for its chip authentication program (CAP). The initiative focuses on enabling consumers to authenticate their banking and online transactions through their own mobile phone. It focuses on solutions that allow cardholders to authenticate themselves using their existing EMV banking card and a personal card reader.
It offers two types of solutions, the SMS-CAP solution works on any mobile phone. In this version, the CAP password is sent to the cardholder inside an SMS. The cardholder is then able to use this password to authenticate their online purchase or mobile banking activity.
The second version runs on Smartphones or JAVA compatible phones. It consists of an application that runs on the mobile phone and prompts the cardholder to key in a PIN. The phone then displays a CAP password. The consumer experience in this version is very similar to authentication using a card reader.
Additionally the solution allows part of the transaction to be included in the generation of a password. This means that banks can enable cardholders to create a unique signature for a transaction. Such developments represent considerable armor against “phishing” and ‘man in the middle’ attacks, a growing menace in e-banking and e-commerce.
Art Kranzley, chief emerging technology officer of advanced technology at MasterCard Worldwide, said: “The simplicity of this approach may be evident but the innovative proposition and the suite of solutions that we have now in place with our partners provides a sophisticated and unrivalled offering to our bank customers.”