Quote:
Originally Posted by rowan
The future for online purchases is probably some sort of embedded "human" two factor authentication, used for Card Not Present transactions. For example, pressing a button that shows a code number on a display. All contained within the card. The code number is a cryptographic signature that proves you have physical possession of the card.
Only problem is that something like this will take years to be fully implemented, which means that the legacy system will be around for a long time to come.
|
A much simpler system would be to text a 6 digit confirmation code to the cardholder's mobile, which is then entered into the page where the purchase is being made. Far from foolproof, it would cut online fraud rates down to about 10% of what they are currently.