Protecting both the merchant and the shopper has always been one of the big concerns in payment transactions. Attempts at theft and fraud have taken many forms over the decades, from actual physical counterfeiting of cash to forging fake checks. When the “plastic” and “digital” eras of payment came along with credit cards and then online payments, it seemed like maybe we were looking at a safer world of shopping for both the buyer and seller.
To some degree, it’s true that things have become harder for some scammers and fraud artists to cheat merchants and shoppers of their money. The much more technical nature of electronic transactions makes it more difficult for anyone without a good grounding in technology to be an effective criminal. But, for those few still take the time to develop an expertise in exploiting these systems, when they do finally gain access, the results can be disastrous.
Identity theft, for example, is one of the worst things that can happen to both a shopper and a shop. When someone’s passwords and credit card numbers are taken over, this can lead to a “slash and burn” campaign of buying many things at online outlets. Merchants, of course, can’t tell the difference between a legitimate credit card purchase by the legal owner of the card, and a fraudulent purchase. When the proper companies have been notified, credit card access revoked and online purchases reversed, everyone suffers in the ensuing fallout.
One of the ways to fight this is with increased levels of confirming the identity of purchasers, and two factor authentication is one of the most recent, effective ways to handle this. So what is it, and how does it work?
Usually when it comes to making a purchase, the old way of buying a product or service is “one factor” authentication. In this case, all that’s really important is that the method of paying is recognized and legitimate. Cash is checked to be sure it’s not counterfeit, and credit card numbers are verified as real and recognized by a credit card company. Assuming that initial verification goes through, a sale goes through.
Of course, with credit card processing and other situations, a credit card number can be “stolen” and used by someone other than the actual credit card owner, since the physical card itself is not required for an online purchase.
Two factor authentication negates this by adding an additional factor. In most cases, once a purchase is made, an additional step is required. The most popular mechanic is sending a text/SMS message to a phone with a string of numbers that are required to be inputted. If that string of numbers can be given, then the sale goes through. This prevents many identity thieves from making purchases since they usually do not have access to the phone that is receiving these messages with the required second code.
While it’s true that this adds an extra step that may slow a purchase down, it is also tremendously effective in not just preventing identity theft, but notifying a person that it may have occurred thanks to the phone notification when a transaction occurs.
Posted in credit card processing on Oct 25, 2016