PNC Bank Pilot Tests Cards with Dynamic Security Codes
When U.S. banks and retailers began rolling out EMV chip cards to replace the old standard of magnetic strip swipes, the hope was that the move would reduce fraud. However, while the tokenized transactions that EMV chip payments offer has been said to reduce “card-present” counterfeit fraud, the same cannot be said for purchases made online as card numbers are still entered manually. Now one sizeable bank is testing an upgraded EMV card that also features dynamic security codes.
According to Ars Technica, Pittsburgh-based PNC Bank is currently conducting a pilot program to test Card Verification Value (CVV) that change after a certain period of time. This is accomplished via a timer located in the card as well as a digital display called an “e-ink screen.” Just as cardholders currently look to the back of their cards to find the three or four-digit CVV, these displays are placed in about the same area of the card, although the number shown will change.
Speaking to the Pittsburgh Post-Gazette, PNC executive vice president and treasury management unit head of product management Christopher Ward addressed the reasons why the bank turned to dynamic CVV. He said, “We’re constantly looking for ways to reduce fraud It’s harder for [crooks] to make counterfeit cards now because of chips … so fraud has moved to the card-not-present space.” Ward also noted that the bank is evaluating a certain refresh interval as part of the pilot program but declined to say what that was.
Currently PNC’s test program is set to last for 90 days, after which Ward says the bank is looking to expand the offering to more of its corporate cards. However it’s unclear when the technology might roll out to the majority of cardholders. Likely holding back that expansion is the cost associated with manufacturing the upgraded cards. The Post-Gazette suggests that, while a typical EMV card might cost $2 to $4 to produce, a card equipped with dynamic CVV can cost $15. On top of that, the battery required to power the device might last four years with a longer refresh interval but shortening that refresh window would mean cards need to be replaced even sooner.
Of course PNC aren’t the only ones looking to stomp out online credit card fraud. For example the website Privacy.com allows users to create single-use and/or merchant specific card numbers to help protect their actual card data when shopping online. Moreover Ars Technica notes that Idemia, which is distributing the dynamic CVV cards for PNC, first announced the technology back in 2016. While it’s too early to say whether this approach will prove to be a practical solution to the growing fraud problem, it once again shows how FinTech ideas can not only come in many forms but can also help established institutions evolve for the better.