Dynamic Security Code Cards: A Primer
Publication Date: July 2020
With the widespread implementation of EMV in the U.S., fraudsters have shifted their focus to card-not-present (CNP) fraud, highlighting static card security codes as a critical weakness. This white paper provides a primer on cards with dynamic security code features as a layered defense to this CNP vulnerability. The resource discusses the benefits of dynamic security codes for issuers, merchants and cardholders, and the implementation impact on payments stakeholders.
For many online transactions, merchants require the user to enter the security code printed on the card to validate that the card is in the possession of the cardholder. These static security codes, if stolen, present a vulnerability that can lead to CNP fraud and a loss of revenue for merchants and issuers. Cards with a dynamic security code present a possible defense against CNP fraud by having a display and generating a frequently changing code. This hinders the ability of a fraudster using a duplicate card or stolen card data.
The consequences and associated costs of CNP fraud present a world of issues for everyone from the customer to the merchant to the issuer. Security experts recommend layered approaches to security, and a changing security code will create a barrier for people using stolen credentials. This resource provides education on how a dynamic security code card can help prevent fraudsters from stealing all information necessary to complete an online transaction.
This white paper:
- Introduces the impact of CNP fraud on merchants and issuers
- Provides a high-level description of a dynamic security code card solution (card and server/service) to educate stakeholders on functionality and benefits
- Outlines the benefits of dynamic security code cards for issuers, merchants and cardholders
- Outlines manufacturing, personalization and implementation considerations
- Describes real world deployed use cases
About this White Paper
This white paper was developed by the Secure Technology Alliance Payments Council to provide a primer on dynamic security code cards. Council members involved in the development of this white paper included: ABCorp; Ellipse; IDEMIA; Infineon Technologies; MULTOS International; Thales; Visa; Worldpay.