The recent data breaches at major retailers have brought greater public awareness to digital payments security, with much of that attention mistakenly going to EMV. EMV chip-and-PIN technology would not secure card-not-present payments like those involved in the data breaches. But there are solutions that exist that could help secure online card-not-present transactions. One example is single use virtual cards, a solution that is already gaining traction in commercial payments where the security it offers is attractive to corporations looking for a secure way to make digital payments.
[For More of Our Coverage of the Target Breach, Check Out: Banks and Retailers Face Off Over Target Breach and EMV]
A study by RPMG Research Corp. in 2012 found an increase in use of virtual card accounts of 16% since 2009 among 1,400 respondents that included government organizations and Fortune 500 companies. The report said that use of virtual card accounts is expected to rise from 35% to 55% by the end of this year. Single use virtual cards made up 30% of those organizations using virtual card accounts.
“The difference with single use virtual cards for commercial businesses is the security and the controls. Some have had company policies violated. With single use they can control policy adherence. You can set controls so that an employee can’t upgrade to first class on a business flight,” says David Disque, the COO of CSI Enterprises, which offers single use virtual cards to corporate users through a mobile application in partnership with MasterCard. The app generates a single use virtual card number for each transaction that a user makes.
The same security and control could also appeal to retail consumers now that cyber security and fraud is a growing issue, Disque points out. “For someone who had their card compromised in the Target breach, with a single use card, you wouldn’t be able to use that same card number again, and a fraudster who stole that number wouldn’t be able to use it to make fraudulent purchases on your account,” he explains.
And the controls that can be put in place around purchases can also give additional piece of mind to consumers, Disque notes. “I can create a virtual card with a prepaid amount for a specific use, and I could give it to my son to only use for making purchases on a gaming site he likes,” Disque shares.
MasterCard has been offering single use virtual cards along with personalized security alerts, but there are still challenges that remain for greater adoption among regular consumers, says Mark Savoye, vice president and senior business leader for MasterCard inControl. While some banks have started offering single use virtual cards for their retail clients, like Citi’s Virtual Account Number and Bank of America’s ShopSafe, there is still a serious need in making consumers more aware of the availability of these security tools, Savoye notes.
Wider adoption among issuers of such security features for their card customers would probably help spur that awareness, as would offering virtual cards through the mobile device for convenience, he adds.