Mastercard enables CVC-less payments for tokenised cards in India


Mastercard has enabled CVC-less online transactions for its Indian debit and credit cardholders that have tokenised their cards on merchant platforms

Mastercard has enabled CVC-less online transactions for its Indian debit and credit cardholders that have tokenised their cards on merchant platforms. According to the official press release, the new capability was introduced as part of an effort to reduce the checkout time and to make virtual transactions frictionless and secure.

As per the tokenisation guidelines put forward by the Reserve Bank of India, merchants that adopt tokenised payments only have to collect Cardholder Verification Codes (CVCs) once. More precisely, this happens when tokenising the card. The tokenisation process itself adds an extra safety level of protection to the capabilities extended by Mastercard, as the issuing bank also performs account identification and verification during token provisioning.

Starting from the second transaction made with the card, the cardholder will solely have to select their tokenised card from the checkout page, confirm the the one-time password (OTP), and complete the transaction without introducing the CVC. Ecommerce players like Cashfree Payments and Zomato have reportedly already adopted CVC-less payments. As indicated in the official statement, eliminating the need to check CVCs brings about a series of benefits for merchants, including higher authorisation rates, reduced checkout abandonment, as well as an improved customer payment experience.

Even more to this point, when commenting on the new release, an official from Cashfree Payments expressed their excitement regarding the introduction of CVC-free payments, which are expected to decrease friction for cardholders and align the company’s payment experience with other popular methods such as UPI Intent. What do Mastercard’s token-based transactions leverage? To ensure the safety and security of payments, Mastercard’s token-based transactions purportedly leverage three factors: enhanced security features, authenticated user identity checks, and domain controls. Firstly, because token-based transactions involve a token expiry and a dynamic cryptogram, they are reportedly more secure and provide additional safeguarding against fraud.

Secondly, the system also includes authenticated user identity checks. More precisely, given that payments are made using a OTP or an Additional Factor Authentication (AFA), only authorised users can complete the transactions. Finally, token-based transactions are domain controlled, as the ability to seek a cryptogram is only available to the token requestor, thus ensuring that the transaction environment is secure and controlled.

Mastercard’s recent releases Earlier in 2023, Mastercard introduced a series of capabilities that similarly come to address a series of pain points for its customers. For instance, the company launched the Mastercard Receivables Manager, a new automated solution addressed to its US customer base. Via this offering, suppliers are no longer required to manually input and record virtual card information to reconcile the volume of digital payments they receive.

Similarly, Mastercard started using AI-backed tools in a bid to fight real-time payment scams through its ‘Consumer Fraud Risk’ product. .


Aug 04, 2023 15:46
Original link