Products - VCpay Mobile Payments - Security

By: Bgs Smartcard  11-11-2011
Keywords: Mobile Phone, Bank Account, Virtual Cards

In order to protect a cardholder from common threats posed by the Internet and similar environments, it is necessary to secure the very process of generating Mobile Virtual Cards. Compared to an inherently insecure channel such as the Internet, a mobile phone provides more protection, control, and privacy. Before a mobile phone owner can start using VCpayTM, he/she needs to activate the application by registering with the Issuer, selecting a funding account, and choosing a PIN that will be used to protect the application. It is important to note that the PIN is created offline on the mobile phone itself, is not stored on any host server, and is only known to the user. RSA Keys are used to establish a secure channel between the VCpayTM Host Server and the VCpayTM application during the activation process and for any further data exchange.

After successful activation, the user will be in a position to generate MVCs, which are totally compliant with international payment standards, thus consisting of a virtual card number, an expiry date, and a CVV/CVC. MVC numbers are complex cryptographic certificates generated offline using algorithms and cryptography based on 3DES with strong 168-bit keys. Specific information is embedded in the encrypted MVC, preventing anyone from being able to copy, change or reproduce. No financial data or consumer bank account information is stored on the phone and no SMS, WAP or browsing session is needed to generate the MVC. These security mechanisms prevent any attempt to compromise the MVC, as no one (except the user) is aware of its creation until it is used. In addition, MVCs can only be decrypted by the VCpayTM Host Server.


Keywords: Bank Account, Mobile Phone, Virtual Cards

Other products and services from Bgs Smartcard


Products - VCpay Mobile Payments

Net1 has developed an innovative mobile phone-based payment solution that enables secure purchases with no disruption to existing merchant infrastructures and significant incentives for all stakeholders. VCpayTM enables a consumer to securely generate a one-time use Mobile Virtual Card number for a specific purchase amount on his/her mobile handset.


Products - VCpay Mobile Payments - Technology

An MVC number fully complies with the card scheme rules by keeping the format of 23 digits that are usually printed on a credit card, while using these digits for the creation of a virtual card cryptogram. The VCpayTM application combines the key advantages of two incredibly successful and pervasive products: the portability of a mobile phone and the convenience of a credit/debit card.


Products - VCpay Mobile Payments - Payment Process

After verifying the transaction amount, identifying the VCpayTM cardholder, and validating the MVC, the VCpayTM Host Server sends an authentication response back to the Issuer, who can then proceed to authorize the transaction depending on the availability of sufficient client funds.


Products - VCpay Mobile Payments - Benefits

Physical retailers can service customers on the spot by accepting payments from cell phone to cell phone in-store, thus bringing the point of sale to the decision, instead of making people queue up behind the cash register. Non-cardholders and unbanked consumers can benefit from state-of-the-art online payment technology. Mobile coupons/discounts can generate demand and increase customer loyalty.


Products - VCpay Mobile Payments - Case Study

Net1’s first distributor for VCpayTM in the United States, MetroPCS, has several million subscribers, and offers VCpayTM to its prepaid customers as an application that is preloaded on all MetroPCS Android and new Blackberry phones or can be downloaded on select existing devices.