MasterCard to authenticate online transactions by phone
- — 17 November, 2009 07:41
In the face of mounting threats from hackers, MasterCard will use mobile phones to improve security for online transactions, the company said on Monday.
The added layer of security comes from a one-time password that the user is asked to enter when approving a transaction. The password is either sent via an SMS (Short Message Service) or created by an application that runs on a smartphone or a phone that supports Java.
The goal is to improve users' protection against phishing and man in the middle attacks, which are growing problems in the e-banking and e-commerce world, according to MasterCard.
There is no fool-proof way to protect against these attacks, but the fact that the new passwords can be used only once limits the potential damage they could inflict, according to Jan Lundequist, senior business leader and head of chip product management at MasterCard.
The first services to use the improved security will become available during the first half of next year, Lundequist said.
MasterCard isn't building these systems itself, but will work with a number of partners. It has so far signed deals with three vendors, but isn't ready to name them, according to Lundequist.
The use of mobile phones for payments and other related services is slowly gaining ground all over the world. On Monday, MasterCard also announced the Mobile Payments Gateway.
It will, for example, let users pay, send and receive money and keep track of activities via alerts on the their mobile phone, according to MasterCard said.
Services based on the new platform will first be offered in Brazil, where the card company is working with Itaú Unibanco, Redecard and mobile network operator Vivo -- which has 48 million customers, MasterCard said.