CIO

Visa Australia outlines EMV, risk based authentication program

Europay, MasterCard and Visa (EMV) card security to be introduced next year, Verified by Visa (VbV) online security upgraded
Visa Australia country risk manager, Sasha Slevec.

Visa Australia country risk manager, Sasha Slevec.

International card provider, Visa, has confirmed that it will be introducing card security chip technology Europay, MasterCard and Visa (EMV) on its cards and upgrading automatic teller machines (ATMs) to be EMV capable by April 2013.

EMV is the global standard used by card providers for integrated circuit (IC) debit and credit cards used with point of sale (POS) terminals.

MasterCard Australia has also indicated that all of its cards, issued by Australian banks, and payment terminals would be upgraded to EMV by 2013. Eftpos Payments Australia will also be EMV compliant and introducing contactless card payment options that year.

Speaking at the Cyber Security Summit in Sydney, Visa Australia country risk manager, Sasha Slevec, told delegates that EMV capable ATMs would be ready by 1 April next year.

“We have some good pilots in the market under way with EMV chip enabled ATMs,” he said.

The EMV rollout is part of Visa’s long-term strategy to combat credit card fraud with upgraded chip security.

In addition, Slevec said that Visa’s online payment security system, Verified by Visa (VbV), which was first introduced in 2001, was recently upgraded to include risk based authentication.

The authentication comes into play when a Visa card holder is shopping online and the transaction is deemed high risk by the card company — expensive golf clubs, for example. The consumer is then asked to provide proof that they are the card holder. This authentication could be an online password, code or one time password sent via SMS to their phone.

However, if the transaction is deemed low risk, Visa card users will see the VbV logo advising that the user is being authenticated and will be sent back to their online purchase.

“Approximately 80 per cent of our Australian issuers have implemented or are in the process of implementing risk based authentication,” Slevec said.

“The card issuers in this country have very good fraud protection tools which have been developed over many years. These tools look for high risk transactions so it makes sense that this risk-based approach is going to find its way into the authentication space.”

Follow @CSO_Australia and sign up to the CSO Australia newsletter.