Successfully reported this slideshow.
Introducing Dynamic Data in Payment Transactions without Changing the Existing Infrastructure<br />RSA Conference<br />Feb...
Data Breach Epidemic<br />
The Problem: Large and Costly<br /><ul><li>January 2009
Heartland Payment Systems
Over 100M accounts compromised
Too costly to issue new cards</li></li></ul><li>Interesting Data Points<br /><ul><li>86% of cards stopped being used withi...
Fraudsters do not stick to one particular industry in 71% of the cases*
Every transaction is relying on static data
Fraud attacks are getting more and more sophisticated
Fraud not limited to ecommerce but also very real at ATMs and POSs</li></ul>* Ethoca Report on Fraud – Feb 2011<br />
True cost of Payment Fraud<br />The negative effects of fraud involve all participants in the card value chain.  <br />In ...
Market Update – Fraud in the UK<br />£ millions<br />Market closest in Europe to the US market<br />Payment cards are now ...
Market Update – Fraud in the US<br />In the US, decrease of fraud in 2009 due essentially to card reissuance (Heartland da...
Who is QSecure?<br /><ul><li>Silicon Valley startup VC funded in 2005 ($32M raised)
Broad patent portfolio on the technology and business applications
Pilot test programs in development with major issuers
Focusing on reducing fraud for the financial industry on Card Present and Card Not Present Fraud</li></li></ul><li>The Ide...
Without changing existing infrastructure
Without changing customer behavior
That can scale
Upcoming SlideShare
Loading in …5
×

QSecure Presentation at RSA 2011

1,126 views

Published on

Published in: Economy & Finance, Business
  • Be the first to comment

  • Be the first to like this

QSecure Presentation at RSA 2011

  1. 1. Introducing Dynamic Data in Payment Transactions without Changing the Existing Infrastructure<br />RSA Conference<br />February 2011<br />San Francisco<br />Daniel Chatelain, Vice President<br />Operations & Strategic Alliances<br />Website: www.qsecure.com<br />
  2. 2. Data Breach Epidemic<br />
  3. 3. The Problem: Large and Costly<br /><ul><li>January 2009
  4. 4. Heartland Payment Systems
  5. 5. Over 100M accounts compromised
  6. 6. Too costly to issue new cards</li></li></ul><li>Interesting Data Points<br /><ul><li>86% of cards stopped being used within 24 hours after 1st use*
  7. 7. Fraudsters do not stick to one particular industry in 71% of the cases*
  8. 8. Every transaction is relying on static data
  9. 9. Fraud attacks are getting more and more sophisticated
  10. 10. Fraud not limited to ecommerce but also very real at ATMs and POSs</li></ul>* Ethoca Report on Fraud – Feb 2011<br />
  11. 11. True cost of Payment Fraud<br />The negative effects of fraud involve all participants in the card value chain. <br />In general, only the issuer’s fraud losses are widely tracked and shared<br />Note: opportunity costs include lost revenues due to fraud at time of card application and of increasing compliance costs driven by fraud regulations and laws <br />
  12. 12. Market Update – Fraud in the UK<br />£ millions<br />Market closest in Europe to the US market<br />Payment cards are now 100% EMV since 2004<br />UK fraud rate was 9 basis points for 2009 compared to 18 bp in 2001. Counterfeit represents 18% and is down 52% from 2008 <br />At a high level, numbers demonstrate that EMV deployment starts bearing fruit<br />Source: APACS in the UK<br />
  13. 13. Market Update – Fraud in the US<br />In the US, decrease of fraud in 2009 due essentially to card reissuance (Heartland data breach)<br />In the US, increase of fraud in the first half of 2010<br />In the US, hack of merchant payment network to get magstripe data information<br />ATM skimming with camera to capture PIN getting slick with technology improvement (less frequent but high impact)<br />BasisPoints<br />Source: MasterCard Global Risk Conference 2010<br />
  14. 14. Who is QSecure?<br /><ul><li>Silicon Valley startup VC funded in 2005 ($32M raised)
  15. 15. Broad patent portfolio on the technology and business applications
  16. 16. Pilot test programs in development with major issuers
  17. 17. Focusing on reducing fraud for the financial industry on Card Present and Card Not Present Fraud</li></li></ul><li>The Ideal Solution<br /><ul><li>Prevents Fraud
  18. 18. Without changing existing infrastructure
  19. 19. Without changing customer behavior
  20. 20. That can scale
  21. 21. And remains affordable</li></li></ul><li>The Resulting Card Products – What you see<br /><ul><li>The Display-Only Card
  22. 22. Secure On-Line Payment Card
  23. 23. Dynamic CVV2
  24. 24. Dynamic 3D Secure Code
  25. 25. Dynamic Home Banking Code (OTP)
  26. 26. Additional Secure Card Code (OTP)
  27. 27. Event based or time based
  28. 28. The SmartStripe-Only Card
  29. 29. Secure Card-Present Payment Card
  30. 30. Dynamic MagStripe
  31. 31. The Combo Card
  32. 32. Secure Card-Present and On-Line Card</li></li></ul><li>The SmartStripe Solution – What you don’t see<br /><ul><li>Convenient, compatible and secure credit cards with SmartStripe technology
  33. 33. Dynamic cryptography on the magstripe makes each transaction unique
  34. 34. No impact on existing acceptance infrastructure
  35. 35. Backend platform authenticates unique number on the magstripe
  36. 36. Integrates into existing issuer processes
  37. 37. No change to other transaction network processes</li></li></ul><li>Why QSecure Works for Issuers?<br /><ul><li>Only the card is upgraded, with issuer in full control
  38. 38. Each card and transaction is unique (no keys stored in card)
  39. 39. Card information stored by merchants, acquirers or service bureaus can not be used fraudulently (including PIN data)
  40. 40. Quickly identify fraud sources, no need to block and reissue cards
  41. 41. Increase market share through greater cardholder trust
  42. 42. Card are EMV compatible</li></li></ul><li>Why QSecure Works for Others?<br /><ul><li>Cardholders
  43. 43. No change in cardholder behavior
  44. 44. Card data is safe
  45. 45. It is like getting a new card for each transaction
  46. 46. Merchants
  47. 47. No need to change existing acceptance infrastructure
  48. 48. Fraud stopped in real time before goods or services are lost
  49. 49. Limits their financial exposure
  50. 50. No negative impact on business
  51. 51. Enhances PCI DSS compliance efforts</li></li></ul><li>One Secure Card for One Application or Many<br />QSecure<br />Authorization<br />Server<br />Payment<br />Authorization Server<br />Banking <br />Host<br />POS<br />Internet<br />Customer<br />Service<br />ATM<br />MOTO<br />3D <br />Secure<br />Online <br />Banking<br />Card Present<br />Interaction<br />Card Not Present<br />Interaction<br />Other Bank Channels<br />
  52. 52. QSecure<br />Authorization<br />Server<br />Payment<br />Authorization Server<br />Banking <br />Host<br />MOTO<br />3D <br />Secure<br />POS<br />Customer<br />Service<br />ATM<br />Online <br />Banking<br />QCS<br />Card Present<br />Transactions<br />Perso<br />Bureau<br />Card Not Present<br />Transactions<br />Other Banking Channels<br />Internet<br />One Secure Card for One Application or Many<br />
  53. 53. The Display Only Card<br /><ul><li>Up to 6 Digit Display on the back of the card
  54. 54. Unique cryptogram provided each time the button is pressed (CVQ) – data good for only one transaction or a period of time
  55. 55. Thin, flexible battery embedded in card with up to 3 year life</li></li></ul><li>The Display Only Card<br /><ul><li>Key Benefits
  56. 56. Prevents Card Not Present transactions fraud
  57. 57. eCommerce and MOTO with Dynamic CVV2
  58. 58. 3D Secure if 3D Secure used by issuer
  59. 59. No change to the existing merchant checkout process
  60. 60. Dynamic data associated with each transaction
  61. 61. Can be used as an OTP Authentication Token as well
  62. 62. For Home Banking Interaction (event based or time based)
  63. 63. For IVR/Customer Service Interaction</li></li></ul><li>Our Value Proposition<br /><ul><li>Passed security requirements from CartesBancaires and Visa Europe to issue Display cards in Europe
  64. 64. Independent of card manufacturing and personalization bureau for cost effectiveness
  65. 65. A full solution compatible with existing issuance systems
  66. 66. An expertise to enable card issuers in their implementation
  67. 67. We are in PRODUCTION already with our display products
  68. 68. A pilot program in the box to get started easily</li></li></ul><li>Summary<br /><ul><li>Largest threat to financial transaction network is static data payment transactions
  69. 69. QSecure’s SmartStripe technology solves the problem with no change to acceptance infrastructure
  70. 70. Solution in production today with display cards and in late stage of development with the SmartStripe
  71. 71. QSecure platform offers complete solution from front end card to backend authorization
  72. 72. We have pilot programs “in a box” available if interested</li></li></ul><li>Thank You<br />We look forward to doing business with you<br />Daniel Chatelain, Vice President<br />Operations & Strategic Alliances<br />Email: daniel@qsecure.com<br />Website: www.qsecure.com<br />

×