Mastercard, Visa to implement new cybersecurity measures and biometrics
Credit card companies Mastercard and Visa are both implementing new cybersecurity measures to ensure that hacked credit card data will be less valuable to hackers.
MasterCard said it will invest an additional $20 million in cyber-security measures in 2015, including biometric authorization for mobile apps, and early warning alerts on potential threat vectors, according to a report by Finextra.
This spring, the company will launch a new initiative designed to lower the risk of fraud or cyberattacks before issuers and processors might notice the threat.
Dubbed Safety Net, the initiative will provide “an independent layer of security on top of the tools and policies of financial institutions, by monitoring and blocking specific transactions based on selected criteria”.
Using algorithms, the application is able to score and monitor different channels, geographies, and business sectors, intervening only in high risk cases to block fraudulent activity.
MasterCard is also working with First Tech Federal Credit Union on a pilot program that will use a combination of facial and voice recognition, as well as fingerprint matching, to authenticate consumers’ identity.
The program has had a 98% success rate for internal pilot trials of a biometric verification system combining both voice and facial recognition, said Mastercard.
Meanwhile, Visa announced at the White House Cybersecurity Summit it will introduce the “tokenization” of credit card numbers for online transactions, according to a report by Politico.
Visa will update its online payment service, Visa Checkout, with the tokenization technology by this spring.
The measure will replace the real 16-digit payment card number with a substitute number dubbed as a “token,” in which Visa’s transaction analytics will be able to detect subsequent use of a stolen token and prevent a fraudulent payment.
Visa is working toward a larger goal of replacing the card data stored by e-commerce retailers with tokens whose use will be limited to a particular merchant.
The measure will then prevent thieves who steal tokenized credit card data from one merchant site from being able to use it to make a purchase on another merchant site.
The company is currently in talks with large online merchants to make back-end tokenization updates to stored credit card information, which will be announced some time later this year.