Nytro Posted November 17, 2014 Report Share Posted November 17, 2014 [h=1]Visa, MasterCard Removing Passwords from 3D Secure[/h]by Brian Donohue November 17, 2014 , 1:17 pm Payment giants Visa and MasterCard announced plans to eliminate the need for password authentication in the companies’ respective “Verified by Visa” and “SecureCode” payment platforms which are designed to add an additional layer of security to online transactions. In a press release, MasterCard announced that ultimate goal of an upgraded 3D Secure system, set to replace the current system next year, will rely on “richer cardholder data” in order to limit password interruptions in the payment process. In the event that an authentication challenge is required, MasterCard says it plans to replace static, memorized passwords with one-time passwords and fingerprint biometrics. MasterCard is also sponsoring commercial tests to design facial and voice recognition applications for use as authenticators in the future as well as a wristband that authenticates via cardiac rhythm.Threatpost reached out to MasterCard for clarification on what the company means by “richer cardholder data” but did not hear back by the time of publication. 3D Secure is a card-not-present payment protocol developed Visa and adopted by a number of other payment card companies. It was designed to curb the growing problem of fraudulent purchases being made online. When a Verified by Visa or SecureCode user enters her card information to an online merchant, the merchant then sends that payment data to Visa or MasterCard. The payment company replies with an iframe that presents the user with an additional password-based authentication form. If the customer enters the correct password, the merchant receives an authorization code to proceed with the transaction. However, the 3D Secure protocol has been criticized for requiring users to remember yet another complicated password as well as for its user interface, which has been mistaken for a phishing scheme. “All of us want a payment experience that is safe as well as simple, not one or the other,” said Ajay Bhalla, president of enterprise security solutions at MasterCard. “We want to identify people for who they are, not what they remember. We have too many passwords to remember and this creates extra problems for consumers and businesses.”Sursa: Visa, MasterCard Remove Passwords from 3D Secure | Threatpost | The first stop for security news Quote Link to comment Share on other sites More sharing options...
Sveratus Posted November 17, 2014 Report Share Posted November 17, 2014 foarte fain atunci sa faca ei cat de securizat pot... ei Quote Link to comment Share on other sites More sharing options...
