BPCE pilots dynamic CVV code for online shopping

Banque Populaire and Caisse d’Epargne are to pilot a payment card that replaces the three-figure CVV code on the rear of the card with a small screen display that automatically changes periodically.

  14 12 comments

BPCE pilots dynamic CVV code for online shopping

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

The French banking group plans to put the first cards into the hands of 1000 customers from this September.

The bank says the technology, developed by Oberthur, will improve security for consumers purchasing online and entails no changes to the usual check-out procedure at the merchant side.

Nicolas Chatillon, head of development - payments, strategic marketing and studies - at BPCE Group, says: "The Banque Populaire and Caisse d'Épargne networks will be the first banks in the world to give their customers the opportunity to experiment with this new payment card technology to make their online purchases even more secure. This initiative is an integral part of the BPCE Group’s commitment to payment solutions and its determination to step up the battle against fraud."

Sponsored New Event Report – Natural Capital Finance

Comments: (12)

A Finextra member 

Laudable initiative from Banque Populaire and Caisse D'Epagne ! Credit to Oberthur for developing the technology. But it is unclear how the actual validation is proposed to be done (replacing the 3-digit CVV, as earlier).

A Finextra member 

I cant see how this will stop fraud on Cards. Yes it will work if the card has been subject to "phishing" but if someone steals your physical card then they have the credentials anyway.

Riten Gohil

Riten Gohil Director & Co-Founder at Sphonic

Interesting development though the first use of display cards with Dynamic CVV was with ICC-Cal in Israel. At the time it was an exciting innovation (circa 2008) however the costs were prohibitive - given all the players in the card manufacturing eco-system. However with Oberthur buying Nagra ID, and recently investing in component manufacturing in China there is scope to industrialise this beyond 'cool pilots' if the costs can be viable.

The other aspect is the interplay of authentication with Dynamic CVV, and then 3D Secure if appropriate - in France this is certainly the case. Double-authentication can be cumbersome to the consumer.

 

A Finextra member 

Carl raises a valid point about card theft. That compromises the Dynamic CVV feature. 

Couble authentication will probably be a step in the right direction, though cumbersome to the customer/payee. Will request Riten to share details about the ICC-Cal innovation. 

Riten Gohil

Riten Gohil Director & Co-Founder at Sphonic

@shoumit I was trying to dig this information out about CAL - it solved the issue Carl raises about card theft - as it had a keypad for you to enter a PIN. Don't underestimate the issue of customer authentication friction, it can be a bigger risk to business than fraud itself. Security measures are clearly critical to the eco-system but they need to be balanced with the fact that genuine consumers needs to be able to transact effectively in the fast moving digital payments world.

A Finextra member 

A solution to the dynamic CVV would be to couple it with a 2 Channel Authentication system. When the card is used in an online transaction have it "Ping" your phones Banking App (or something else linked to the card) then you either enter a pin to verify the transaction or decline the transaction on the phone! 

A Finextra member 

Thanks for your inputs, @riten and @carl.

Riten Gohil

Riten Gohil Director & Co-Founder at Sphonic

Carl - I think you are on the right track but the answer in that regard is - why do you need an electronic card? The mobile has the capbility to do all of the above (and more) today without navigating through a complex manufacturing process.

A Finextra member 

Agree Riten, This solution can be impleminted now without the need for the complex manufacturing process. That was my argunment at the start, the card should be made irrelevent in the online space!

A Finextra member 

They would have been better off enhancing their mobile application to secure Customer Not Present transactions by using 2FA - this implementation just adds to the cost of issuance, and has already been observed, does not prevent fraud if the card is lost/stolen.

A Finextra member 

Generally everything enhancing the customers protection against fraud is more than welcomed. But if the targeted market is the online one then I agree with Riten and think the job could be done without a card. A smartphone plus 2FA is OK.

Ketharaman Swaminathan

Ketharaman Swaminathan Founder and CEO at GTM360 Marketing Solutions

@RitenG + 1: "Don't underestimate the issue of customer authentication friction, it can be a bigger risk to business than fraud itself."  

For over 2 years now, CNP transactions in India have been requiring 2FA via (static) VbV password or (dynamic) Mobile OTP. This improves security and virtually eliminates the potential for fraud. Alongside that, it causes a lot of authentication friction and failed transactions. Personally, I've largely given up on card use online because of the friction and gone back to cash. 

Why I Went From Card To COD

Yes, cash, even for ecommerce. Even flights can be bought on Cash on Delivery in India. Even UBER has started piloting cash in India last week.

Actual loss of revenue due to authentication friction is so high that some startups have shifted out of India to escape the 2FA regulation. Unexposed to the diametrically opposite views expressed by many on Finextra, some of these startup founders have even gone on record saying the US payment system - no chip, no CVV, no VbV - is 10 years ahead of the Indian one!

For a more impersonal and objective coverage of the impact of 2FA / Mobile OTP, see my other blog post:

Mobile OTP: Cyanide Or Caffeine For Online Payments?

New Event Report – Natural Capital FinanceFinextra PromotedNew Event Report – Natural Capital Finance