PinPay Fraud Prevention Features

Document Sample
PinPay Fraud Prevention Features Powered By Docstoc
					                     PinPay Fraud Prevention Features
                 PinPay Fraud Prevention and Transaction Security

Fraud Prevention

The PinPay Network fraud prevention design and operation exceeds features currently
on existing card-swipe ATM/POS terminals:

First - PinPay defeats electronic skimming of magnetic stripe information by not using
the PIN off-set found on Track #2 (a “Transaction Unique” PIN Off-set is used).

Second - PinPay defeats electronic capture of PIN numbers, “phishing attacks,” and
magnetic stripe skinning attacks by requiring cardholder authentication data which is not
commonly available information, and data not provided on Tracks #1 or #2 of the card.

Third - PinPay defeats electronic hacker attacks against the SoftCard holder’s computer
system and the communications network through utilization of a highly secure PIN entry
client application program and a special secure communications network which avoids
the use of vulnerable software and infrastructure components, by employing ACAP
Security's proprietary Triad Tunnel Secure (TTS) service for the transfer of all
confidential and sensitive transactional and financial data.

Transaction Security

Some of the transaction security design features include:

Timeout on PIN access attempts
Restriction on the number of PIN access attempts
Unique transaction issued PIN off-set
Point and Click PIN entry (Eliminates keystroke monitoring PIN pickup)
Visual key-pad deception procedures (Deterrent to “shoulder surfing”)
Pre-PIN entry value encryption codes (Encryption occurs BEFORE entry of PIN)
Constant and frequent re-keying of the encryption codes
Use of TTS technology for data transfers
Multiple cardholder authentication questions (Counters skimming of card data)
Power interrupts secure data destruction
Internet dropped or interrupts secure data destruction
Attempted penetration attack detection and response
Avoids use of vulnerable web and Internet browsers for secure data transfers

Cardholder Authentication and Transaction Authentication

Because the PinPay Network only accepts the SoftCard as the payment card for all
PinPay services, and thereby operates as a closed payment and money transfer system,
many high security features are implemented to authenticate both the SoftCard holders,
and the transactions. These security capabilities are not available to the open payment
systems used for credit card payments. Furthermore, PinPay’s Internet PIN-Debit
payment offers more assurance of the authenticity of the SoftCard holder, and the
authentication of the PIN-Debit transaction, than is present in a card swiped payment

In addition to the superior security existing with the PinPay Network service, PinPay
offers a merchant the option for enhancing security with customized authentication.

Some of the options utilized, and available to be utilized for merchant customized
authentication, include:

SoftCard Number.
Purchase transaction code-
       Links the transaction to the Merchant’s shopping cart purchase data.
PIN entry transaction off-set-
       The PIN entry values are secure and provide a transaction unique off-set.
DoB - Date of Birth Verification-
       The date of birth of the SoftCard holder.
PCA – Postal Code Address Verification-
       The Zip code or Postal code of the SoftCard holder.
PTC – Purchase Transaction Code Verification-
       A unique code issued at the time in the transaction.
Last 4 digits of SoftCard holder’s phone number.
Last 4 digits of your SoftCard holder’s government issued ID card.

Shared By: