Rupay Cards – Authentication of online transactions via PaySecure online PIN Pad.

Well, the PIN Pad is not a physical instrument, it is a visual online i.e virtual Pin Pad.

Acculynk and National  Payments Corporation of India (NPCI) have announced an Internet PIN Debit Partnership, for Rupay Debit Cards.

Top 10 points’ of this tie-up

1. RuPay is a PIN (Personal Identification Number) - only based debit card. This means at POS Terminals, to execute a transaction a PIN is required.
   
   
2. Separate technology is required to integrate the PIN Based option for eCommerce. Towards this end, NPCI has partnered with Acculynk.
   
   
3. The same PIN number is valid for all ATM/POS/eCommerce transactions.
   
   
4. Now eCommerce Rupay Debit Card purchases will have the additional and mandatory safety of two factor authentication.
   
   
5. RuPay debit card was launched on 26th March 2012 with 4 Banks i.e State Bank of India, Bank of Baroda, Bank of India and Union Bank of India.
   
   
6. In the initial phase banks accepting RuPay Debit cards on their POS terminals are Axis Bank, Bank of Baroda, Corporation Bank and State Bank of India.
   
   
7. As on Feb 12, the number of POS Terminals the above Banks had are Axis Bank (1,98,297), Bank of Baroda (4558), Corporation Bank (14,480), State Bank of India (0).,
   
   
8. With Acculynk’s PaySecure®, online shoppers enter their PIN on a virtual PIN-pad at the merchant checkout, and only need their existing debit card and a PIN number to complete the transaction. There are no hardware devices, additional passwords, or redirection to another website for payment.
   
   
9. RuPay logo is already there on most of the ATMs in the country, and very shortly it will be visible in most POS Terminals across the nation.
   
   
10. It will take another couple of months, before you can obtain a Rupay Debit Card and start swiping it for transactions.

DIGIPASS 837, Vasco's first Acoustic Smart Card Reader

The top 4 points about Acoustic Smart Cards are : -

1. Acoustic Smart Cards are based on authentication via Sound.

2. The technology is standardized as per ISO 7816 acoustic smart cards specifications.

3. There are few authentication companies which manufacture Acoustic Smart Cards.

4. The smart-card features reader-less interface based on sound waves and an online security model based on dynamic security.

The top 11 nuggets of DIGIPASS 837 are

1. Vasco's DIGIPASS 837 is simple to use, due its innovative acoustic feature that facilitates data transfer from the computer to the reader in an instant.

2. DIGIPASS 837 has been launched at this year’s CeBIT expo in Hannover, Germany.

3. DIGIPASS 837 reader combines the benefits of one-time password and electronic signature to thwart man-in-the-middle attacks by using EMV infrastructure.

4. DIGIPASS 837 receives sonic signals from a sonic signals from a PC, smart phone or tablet that’s held in the vicinity of the reader’s speakers. Then the reader converts them into the transaction information displayed on the DIGIPASS 837 screen. Finally the end-users can verify the data on the screen before signing for the transaction.

5. This is based on the 'what-you-see-is-what-you-sign' (WYSIWYS) concept, which allows end-users to verify the data of the transaction before signing it.

6. Another user-friendly feature, is that DIGIPASS 837 can function through high levels of background noise and works with a variety of speaker types, smart phones and tablet PCs. No special software is required for functionality

7. The complete transaction cycle is completed in a matter of seconds, making it easier for easy adaptability by the end-user's

8. The acoustic e-signature device just has to be held in the vicinity of the speakers in order to complete data transaction and should not be held at a specific tilt angle as is the case with optical devices. This is important as otherwise the user will spend considerable time, trying to hold the instrument at a specific tilt, thereby increasing the frustration levels.

9. DIGIPASS 837, does not require any software or driver to be installed as the communication is established through the speakers of the end-user's PC/Smartphone/Tablet PC and the acoustic sensors of DIGIPASS 837

10. A demo can be viewed at  www.vasco.com/digipass837demo

11. The signal played to the Digipass 837, sounds like an old dial-up modem, triggering old memories for users.

--------------

ArrayShield Card - One more weapon from India for Online Security

Today morning while reading 'The Hindu' @ Safe, read about ArrayShield product, Arrayshield Card.

More about this card can be read at the company's website How it works?

In the last couple of months, my focus has been on solutions for safe online banking technologies.

ArrayShield Card has made a beginning in the new direction for 2FA (2 Factor Authentication).

The ArrayShield Card does not rely on Mobiles or RSA tokens, but on a proprietary ArrayShield translucent Card.

The Process in brief is as under :

1. Users choose a memorable pattern (sequence of cells on the array) as their secret and register the same.
2. The User on logging into a ArrayShield enabled protected site, have to overlap the Arraycard, which will display the specific values.
3. The specific values are an OTP (One-time password) which have to be entered on the login page.
4. Every time they log on, they are presented with a challenge Array of random characters, which will be displayed on their computer screen.

ArrayShield Card has been launched very recently and as the usage spreads by word of mouth, more and more websites would be interested in it.

As more and more products are introduced for Safe eBanking, the number of converts from physical banking to eBanking will increase, benefiting the Banks as well as the bank's customers.