Visa plans program to protect online by adding password protection

posted onAugust 30, 2001
by hitbsecnews

Sometimes, simple is better. After years of promoting high-tech anti-fraud measures like smart cards and neural networks, a decidedly low-tech feature is coming to credit cards that might go a long way toward protecting your private information.

Visa announced Monday it?s moving forward with plans to add old-fashioned password protection to credit card purchases made online. The question is: Are consumers worried enough about theft of their data that they?ll be willing to take the extra step?

IF VISA HAS its way, by Christmas, many online checkout procedures will be interrupted by a request for a bank-issued credit card password. No password, no purchase ? less fraud. That?s the idea, anyway.

The problem with most current online transactions is there?s no way for a merchant to know who?s behind the keyboard when a credit card number is typed into a Web page. In the real world, at least there?s a person, a piece of plastic and a signature that all attest to who?s spending the money. The system?s hardly perfect, but those passing glances by store clerks at receipt signatures cut down on rudimentary fraud schemes.

For years, financial institutions and credit card companies have promoted a variety of anti-fraud measures designed to simulate some of those real-world assurances in the online world ? software that would somehow prove that the consumer spending the money is the actual card holder.

For example, there are still plans to slowly upgrade the millions of credit cards around the world into ?smart cards.? Equipped with a tiny computer chip, these otherwise familiar-looking pieces of plastic have a certificate that must be read by a computer and verified before a purchase can be made. That means the account number and the plastic can?t be separated, and a stolen database of thousands of smart card numbers would be almost useless.

NOT READY FOR PRIME TIME

But currently, smart cards are relatively useless because virtually no consumers have smart card readers. The required infrastructure and consumer behavior challenges to a smart card system are enormous ? hence the past 10 years of press releases with few results.

Earlier this year, Visa U.S.A. announced a much simpler plan for limiting the usefulness of stolen credit card numbers. Dubbed ?Verified by Visa,? the program would allow consumers to add password protection to their credit card accounts.

?It?s a step in the right direction,? said e-commerce analyst Avivah Litan of Gartner Group. ?It?s the industry giving up on more sophisticated solutions because the market is consumer-driven and consumers don?t want do deal with complicated (security features).?

Consumers who implement the program would find they can?t spend money with their credit cards at a Web site until they enter a password. It?s akin to the signature consumers are accustomed to providing at real-world stores, or to the PIN that protects bank cards

Click here to continue reading this article at MS NBC

Source

Tags

Networking

You May Also Like

Other Articles In This Section

Recent News

Tuesday, July 9th

China's APT40 gang is ready to attack vulns within hours or days of public release
AI-Powered Super Soldiers Are More Than Just a Pipe Dream
The president ordered a board to probe a massive Russian cyberattack. It never did.
Massive car dealer ransom attack is mostly over after 2 weeks of work-arounds

Wednesday, July 3rd

“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux
Two of the German military’s new spy satellites appear to have failed in orbit

Friday, June 28th

Indonesian Airports, Data Centres Hit By Worst Cyberattack in Years
Cisco Talos warns of wider security implications following Snowflake breach

Thursday, June 27th

I Wore Meta Ray-Bans in Montreal to Test Their AI Translation Skills. It Did Not Go Well
Researchers upend AI status quo by eliminating matrix multiplication in LLMs
YouTube tries convincing record labels to license music for AI song generator
Critical MOVEit vulnerability puts huge swaths of the Internet at severe risk
Julian Assange to plead guilty but is going home after long extradition fight

Thursday, June 13th

Hackers show off jailbroken checkm8-vulnerable iPad and Apple TV running iPadOS 18 & tvOS 18 respectively
One of the major sellers of detailed driver behavioral data is shutting down
Turkish student creates custom AI device for cheating university exam, gets arrested

Wednesday, June 12th

Chinese-Made Biometric Access System Has 24 Vulnerabilities
Apple and OpenAI currently have the most misunderstood partnership in tech
Adobe to update vague AI terms after users threaten to cancel subscriptions
China state hackers infected 20,000 Fortinet VPNs

Tuesday, June 11th

Russia Is Targeting Germany With Fake Information as Europe Votes
Apple announces macOS 15 Sequoia with window tiling, iPhone mirroring, and more
Apple integrates ChatGPT into Siri, iOS, and macOS
British police to scan 480,000 Formula 1 fans’ faces at Silverstone
Hackers steal “significant volume” of data from hundreds of Snowflake customers

Friday, June 7th

7,000 LockBit decryption keys now in the hands of the FBI, offering victims hope
FCC pushes ISPs to fix security flaws in Internet routing
Can a technology called RAG keep AI models from making stuff up?
How to Lead an Army of Digital Sleuths in the Age of AI

Thursday, June 6th

Mystery object waits nearly an hour between radio bursts
Apple refused to pay bug bounty to Russian cybersecurity firm Kaspersky Lab
Ex-Microsoft security expert torches Windows' new 'Recall' feature
The Age of the Drone Police Is Here

Wednesday, June 5th

Ukrainian Systems Hit by Cobalt Strike Via a Malicious Excel File
TikTok Hack Targets ‘High-Profile’ Users via DMs