In cyberspace, nobody can see your credit card. No wonder fraud is running rampant.


"The big issue is 'card not present' fraud in ecommerce, where the chip and pin security is not available. It is at an all time high," says Jeremy King, international director of PCI Security Standards Council, the body set up by the card industry to establish common standards and best practice.
Security standards for data transfer are good, King says. The weaknesses are data storage, with many high profile instances of millions of names, addresses and card details being stolen by hackers from corporate databases, and our own weakness or laziness as users. "The most popular password is still 123456," says King with a sigh.

Better authentication could combat both these problems by ensuring that everyone who presents a credit card online is reliably connected to their account, and a number of technologies are emerging that could provide all or part of the answer.

"It's quite exciting and we are seeing a raft of options coming on. MasterCard has just announced a system where users could identify themselves by taking a selfie, and I heard recently of a system where instead of taking a fingerprint you could take a finger vein because that was more unique. HSBC has just announced they will be using voice recognition," he says. "Everyone is trying to move away from the dreaded password."
Whichever authentication technology is adopted, it must be easy to use on mobile devices or the dropout rate at the checkout will only increase, King says.