New online payment system protects personal data

SINGAPORE, 22 OCTOBER 2008 -- Customers can avoid sending personal data over the internet when shopping online, following the launch of a new e-commerce payment system.

Collaboration between MasterCard, Formosa Technology, FarFax and Shin Kong Commercial Bank has resulted in the Credit Card Dynamic Password Authentication and Dynamic Secured Payment System.

According to MasterCard, the system is the first of its kind in the Asia-Pacific, using the MasterCard OneSmart Chip Authentication Program (CAP) and Credit Card Personal Account Number mapping.

With the solution, customers can make online payments without having to enter personal data such as a credit card number, expiry date, cardholder name and three-digit CVC2 code, MasterCard said. The user only needs to enter the CAP token and complete payment authorisation upon confirmation of identity.

Online shopping popularity

Online shopping has attracted the interest of more Asia-Pacific consumers, reflected by a jump in electronic transactions. According to MasterCard, the Asia-Pacific online shopping market is expected to grow at a rate of 23.3 per cent annually, reaching US$168.7 billion by 2011.

Despite the growing popularity of online shopping in the region, users still cite information security as a top concern, MasterCard said.

Formosa Technology and FarFax will work with participating internet merchants to deploy the Credit Card Dynamic Password Authentication and Dynamic Secured Payment System platform.

According to MasterCard, the system improves information security by offering two-factor authentication on EMV chip technology. This means that the customer would employ something only he or she knows, such as a PIN, in tandem with something he or she has (an EMV chip card in this case).

Security system

Cardholders insert their EMV chip card into a simple handheld card reader, and enter their PIN into the device, creating a unique, one-time password, MasterCard said. The password must be entered to permit the user to conduct online banking or e-commerce transactions.

Based on EMV and CAP technologies, the password only works once and becomes invalid when the transaction is completed.

MasterCard claimed that the system gives internet users peace of mind from Trojans or hackers intercepting personal information such as account numbers and passwords. By eliminating customers' need to provide personal information to merchants, identity theft may be prevented, the company said.

For the near future, Formosa Technology is seeking to extend the system to online shopping, online auction and television shopping merchants.

Singapore firm scores mobile wallet success abroad

By WINSTON CHAI

WITH Singapore's efforts to promote payments via mobile phones slow to get off the ground, a local firm is dialling overseas to exploit the market potential of this emerging technology.

Following the success of earlier trials, Cassis International is working with a Malaysian operator on the commercial rollout of its mobile wallet initiative, according to company CEO Chua Thian Yee. This comes on the heels of a similar deployment for Korea's SK Telecom in 2007.

The homegrown tech upstart, formed in 2002 by a group of executives from the smartcard industry, plays an integral role in realising the payment promise of near field communication (NFC), the technology that is being used to allow consumers to tap and pay for purchases with their handsets.

This is because Cassis provides the solutions needed to allow financial services players to securely distribute credit-card and other payment applications over the air to NFC-enabled mobile phones. By loading the relevant applications, the phone can be used to pay for everything from train rides to burgers and movie tickets.

Cassis was roped in for all the NFC trials that were sanctioned by Visa International, and is the only Asian firm on the payment provider's international mobile payment platform consortium.

Helped by the two overseas projects, the firm is expected to maintain its revenue growth at 30 per cent in 2008, but its big break could come within the next year with more commercial rollouts around the world.

'2009 will be a big year for us,' Mr Chua told BizIT in an interview on Tuesday, without disclosing details of the deals in the pipeline.

To tackle its overseas projects, the company currently has a team of 70 staff across Malaysia, China, Korea, France, and its headquarters in Singapore.

While inter-operability and fragmentation issues dogged earlier attempts to promote mobile payments, Mr Chua is confident that the outcome will be different this time around with NFC.

Instead of loading credit-card applications into the chip of a plastic card, the data is instead sent over the cellular network to an NFC handset. There is no need to replace existing payment terminals, Mr Chua stressed.

'NFC uses a standard that has already been established. It's not about introducing new equipment but merely using another form factor (the mobile phone instead of a plastic credit card) to pay using the same transaction terminal,' Mr Chua said.

While telcos in countries such as Japan and Korea have introduced mobile payments, local operators here are just starting to dip their toes into the fledgling technology.

Singapore Telecommunications and its partners Nets and United Overseas Bank are assessing the feasibility of a new coupon redemption feature with NFC-enabled handsets.

Rival StarHub, however, has chosen to join hands with Japanese operator NTT Docomo to test out the latter's Osaifu-Ketai mobile wallet platform in Singapore.