11 Jun 2010

Visa CodeSure has landed

PCI DSS Tim Holman || 1 Comment

Visa CodeSure has hit the market. These are cards with built-in alphanumeric displays that allow one-time passcodes to be used in conjunction with a PIN to secure online transactions:

http://www.visaeurope.com/en/newsroom/news/articles/2010/visa_codesure_gets_green_light.aspx

The first challenge must be replacing the 1.4bn Visa cards already out there; the second is whether it will really work, and how long it will take someone to break it.

I think this is a great, innovative step, and it will integrate with sites that support Verified by Visa (VbV) without any additional effort on the part of the merchant.

As these only work with VbV, I’m sure this will spark some interest: although merchants are ‘supposed’ to be using VbV, many of them don’t, as they find it cumbersome and it loses them sales.

If we’re all going to be forced down the route of implementing VbV in order to support the chargeback-free zone of new One Time Passcode (OTP) cards, this changes the fraud landscape completely.

I’ve always said (and I suppose it’s pretty obvious) that the more secure banks and issuers make things, the more likely criminals will go after individuals as targets.

In a world where everyone has chip and PIN (so cards can’t be cloned) and now CodeSure (so even skimmed Track 2 data can’t be used to make an eCommerce transaction), criminals are just going to resort to good old-fashioned extortion techniques and start seeing individuals as walking bags of £10,000, £20,000 or whatever ridiculously high credit limit the banks have given you.

So.. erm.. thanks guys. Whilst we might have an incredibly secure system to protect Merchants, Banks and Issuers, up go personal hijackings and this scares me….

One Response to “Visa CodeSure has landed”

  1. Anonymous says:

    Visa CodeSure isn't just for VbV!! It can be used for up to seven different functions based on what the issuing bank wants to use it for. VbV yes, but also online banking, transaction signing, reciprocal authentication (gone are the days of disclosing your personal information on the phone) and how about enhanced ATM and even non-chip-and-PIN POS… No… These cards cover a lot more than just VbV…