Monday, November 04, 2019

Security of credit card transactions

I pose this question for our security and tech experts to give their views.

The credit card now has a CVV, but it is printed on the card. A thief could use the credit card and the CVV. So, as a security the bank send a SMS and the owner has to enter the PIN to authenticate the transaction.

I have built an app to generate a OTP that the bank can use, instead of SMS. The OTP changes every minute.

An alternative is for the bank to ask the owner to enter a 6 digit PIN. This PIN does not change and does not need a mobile app to generate.If a fixed PIN is used, the POS device will ask the customer to enter the fixed PIN for authentication.
For e-commerce, the website will ask the customer to enter the fixed PIN (using SSL) for authentication.

Is the fixed PIN as good as a OTP that changes every minute, from the security angle?

1 comment:

hiren patil said...

It's a great blog about security thanks for sharing the blog to know more about online banking.
Fast mobile banking

Blog Archive