What is dynamic code verification and how can it secure online payments?

Enterprise
Financial services

Written by Xavier Larduinat
Type Insight
Published 04 June 2024

In the digital age, financial institutions must strike an uncompromisable balance… securing online payments, without compromising user experience.

Fraudsters are continually developing new methods to steal cardholder credentials and break through security systems – a prime example of which is Card Not Present (CNP) fraud. 

In the UK alone, £200 million was lost due to CNP fraud in the first half of 2022 – and accounted for 45% of all financial fraud losses.

To help combat CNP fraud, new security measures were introduced. One example being 3D Secure (3DS) – an authentication method that reduces fraud and increases security for online card transactions. In Europe, 3DS has been efficient in mitigating CNP fraud which has shifted to out of scope or SCA exempted use cases.

It’s under this backdrop that Dynamic Code Verification (DCV) has emerged as a solution that can help to reduce up to 32% of this fraud, secure online payments and provide peace of mind for both cardholder and issuer.

What is Dynamic Code Verification?

When making an online payment, merchants require input of the traditionally static three-digit CVV (CVV2) printed on the back of the payment card – it’s part of the legacy payment flow we all know and use. But due to its static nature, if compromised, this code can be reused for fraudulent transactions.

That’s where DCV comes in. With DCV the code is visible on the mobile banking application and changes over time or usage, making it significantly more secure. If a compromised, outdated code is used, the transaction is immediately identified and declined. This transient nature of the verification code makes fraudulent online purchases and card skimming ineffective, offering an extra layer of security for transactions.

When combined with 3DS or as standalone, when 3DS is not applicable for the merchant, DCVV is a powerful way to mitigate fraud, avoid dispute costs, and handle fraud investigations efficiently. Financial institutions can save costs and maintain reliability and efficiency in the eyes of consumers.

A Modern Card Issuing Platform

While the benefits of DCV are clear, two potential roadblocks could hinder its deployment: user experience and engineering challenges.

Issuers need a card platform that augments its ecosystem with minimum effort, leveraging the existing authorisation rails, to avail modern payment card services rapidly.

Not only that, but developers need access to unified APIs, providing seamless integration and wide portfolio of services to build a modern card UX. All of this is provided in the Thales D1 platform.

A Step Towards Secure and Simplified Payments

By adopting Thales D1’s Dynamic Code Verification, banks can significantly reduce the costs associated with fraud and enhance the security of their payment systems by enabling rapid access to modern payment card services.

The Thales D1 modern card issuing platform provides a modular, cloud-based approach with a comprehensive API catalogue and developer portal. This enables banks to enhance their card issuers’ ecosystem by connecting to their systems without spending time on custom integrations.