New Fraud Mitigation Tools: Biometrics and Numberless Cards

Innovative Measures are Being Tested to Fight Credit Card Fraud

As fraud continues to increase, spurred by the growth of ecommerce and mobile payments, merchants, card networks and card issuers are seeking new ways to detect and prevent it. Biometric authentication and numberless cards are among the new fraud mitigation tools being tested.

credit card fraud

Credit/debit cards with embedded fingerprint sensors that allow a fingerprint to be used instead of a signature or PIN to authenticate a transaction are now available. To use one of these cards, the cardholder touches a sensor on the card surface which scans their fingerprint and compares it with the fingerprint stored in the card. If the scan matches, the transaction is authenticated. Visa has launched a pilot of its biometric card in the US in partnership with Mountain America Credit Union; a second pilot in Europe has been launched with the Bank of Cyprus. Mastercard also offers a biometric card which is available in over 70 markets worldwide.

Facial biometrics are also being used for authentication.  Visa has partnered with Abu Dhabi Bank to introduce a biometric authentication solution for ecommerce transactions that uses fingerprint and facial biometrics.  Similarly, Mastercard, working with its partner Payface, launched a pilot of its new Biometric Checkout Program in Brazil. The program enables consumers to link facial and fingerprint biometrics to a payment card through an app.  Once enrolled in the program, to pay the bill at point of sale, a consumer only needs to smile into a camera or wave their hand over a reader.

Use of biometrics for authentication will likely continue to increase as both Visa and Mastercard are actively investing in and forming partnerships with companies that have biometric payments expertise.  This includes Mastercard’s acquisition of digital identity firm Ekata and Visa’s investment in the biometric authentication startup LoginID.  

The main difference between a traditional credit card and a numberless card is that a numberless card only has the card issuer branding and the cardholder’s name. The other information traditionally displayed on a card, such as the account number, CVV and expiration date, is securely encrypted in the EMV chip embedded in the card. Apple launched a numberless card in the US in 2019. Since then, numberless credit cards have been issued in the UK, Latin America, and Asia.

Use of a numberless credit card requires the use of a smartphone app linked to the card issuer’s network.  For an in-person transaction, the cardholder uses the app to generate a pin which is used to authenticate the transaction.  For an online transaction, the cardholder uses the app to verify identity and obtain the information needed for online shopping (e.g., account number, CVV, etc.) All transactions made with the card are tracked and managed using the connected app.  Some assert that needing to use an app to complete a transaction is cumbersome and particularly difficult for people who are not adept at using digital apps.

Ostensibly, numberless cards help prevent fraud by limiting the information a fraudster can get from looking at the physical card, but the card number does exist digitally, so the risk of fraud still exists. In fact, most credit card fraud attacks happen online, and in those cases the fraudster does not see the physical card. 
Time will tell whether numberless cards become widely popular or whether they are viewed as a novelty.
numberless card

Verisave is a third-party cost-reduction firm specializing in merchant accounts and credit card processing fees.

Verisave is not a payment processor, and is not affiliated with any processors, card brands, or banks.

Verisave has more than 20 years of experience optimizing and monitoring the credit card processing industry.

Contact Verisave