by Hamish Barwick

MasterCard Australia outlines card security roadmap

Mar 29, 2011

International card provider, MasterCard, has outlined a five-year plan for making its Australian network more secure through the use of card security measures, such as the Europay, MasterCard and Visa (EMV) standard.

EMV is the global standard used by card providers for integrated circuit (IC) debit and credit cards used in point of sale terminals and automated teller machines (ATMS).

MasterCard Australia strategy and corporate affairs vice president, David Masters, said that by October 2011, all new and reissued MasterCard cards issued by Australian banks would need to be EMV-enabled, with all new point of sale terminals EMV-compliant by April 2012.

In April 2013, all cards and payment terminals would be upgraded to EMV and by the end of 2015, all ATMs in Australia would be EMV-enabled.

“Over the last 12 months we’ve been working with merchants and all banks to get them up to speed,” Masters said.

“Those dates are realistic and achievable knowing what we know about the issues merchants have to flip those cards over to EMV.”

Masters said the upgrade is part of its strategy against counterfeit fraud.

“Cyber crime is definitely an area of concern and that is why we have taken the view on Securecode, which is online authentication technology,” he said.

SecureCode works by securing confidential cardholder data over the internet and also provides internet security for all parties, such as online mechants and businesses, involved in a transaction.

“It is designed to deliver enhanced protection against the risk of credit and debit card account numbers being used by fraudsters in cyberspace,” Masters said.

“Online bookings and purchases made on sites that use MasterCard SecureCode are secured by the cardholders personal MasterCard SecureCode – a password known only by the cardholder, providing an extra security measure in online transactions.”

By April 2013, online merchants would be required to offer MasterCard SecureCode authentication for all transactions over $200.

“Ensuring all cards and terminals are chip-enabled means we can reinforce our already robust security for cardholders and retailers,” he said.

The EMV strategy follows news that Hewlett-Packard (HP) has targeted the prepaid debit card market, launching processing services which it has claimed are safer than existing practices.

The new processing services provide inventory management, a customer portal so that card users can track their spending, and a client portal allowing card holder transactions to be monitored.

The new services, which comply with the PCI DSS (Data Security Standard) regulations introduced in September 2010, have already snared at least one of the big four banks and negotiations are continuing with other major players in the financial sector.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU