22 Dec Strengthen the security of your cards when shopping online
Avoid pitfalls with online purchases by taking advantage of the security features available for today’s bank cards.
Today, most cards issued by banking institutions offer some built-in protection mechanisms that allow their holders to strengthen their security. It’s simple to activate some really effective measures to avoid cyber scams. |
Integrated protection measures
3D-Secure is a form of online payment, developed by Mastercard and Visa, which allows for more secure purchasing. 3D-Secure authenticates the buyer as the legitimate cardholder. The process consists of redirecting the user to the bank’s secure page (with a URL preceded by https://, where the data is encrypted) where the buyer is asked for their card number, date of expiry date and CVV code. Then, to complete the transaction, the interface will require the buyer to enter another piece of information that is on file with the institution. This is called two-factor authentication (“2FA”), alternatively:
- A numerical code, which the bank will have sent to the buyer’s mobile phone via an SMS message
- A code from a contact card – previously provided by the bank to its customer
- The bank card PIN
- The validation of the transaction through the bank’s application
Beyond the CVV: other protections available to user
The CVV (acronym for Card Verification Value) is a 3 or 4-digit code printed on the back of bank cards that serves as a protection measure when making online purchases. The CVV is usually used, together with the card number and expiration date, to confirm that the person carrying out the transaction is the legitimate card holder. Originally designed to provide an extra layer of security when shopping online, the CVV numbers do not, unfortunately, offer enough protection these days. The Payment Services Directive, known by the abbreviation PSD2, is the European Directive that regulates payment services – including card payments, transfers, direct debits – within the framework of the European Union. Bear in mind that PSD2 does not apply to online purchases made through sites outside of the EU. It entered into force on September 14, 2019. Its objectives are to:
- Promote transparency, competition and innovation among various payment services in the financial sector
- Promote the development and use of innovative online and mobile payment systems, such as open banking.
- Make cross-border European payment services more secure
- Protect consumers when they pay online
- Switch function: allows for the temporary deactivation the card (and for its reactivation it only when it is to be used to make a payment).
- Charge notification function: the cardholder can set up payment notices through the banking application so that they will be alerted when a charge is made.
- Dynamic CVV code: unlike the traditional CVV, this code is not printed on the physical card, but is generated anew from the bank’s application for each transaction. Knowing the data printed on the actual card is not enough to use the card successfully.