Thursday, April 2, 2009

Two-factor authentication comes to Main Street

Security can be a wonderful thing and if it is well thought out and it does not have to be onerous.

I have seen an increase in the number of merchants who are asking me for my billing zip code when using my American Express card. Walmart has been doing it for years. Many gas stations have started and last night, Walgreens asked me for the first time.

This is a great example of intelligent two-factor authentication. The transaction relies on “something I have,” the credit card, and “something I know,” the billing zip code. Something that is easy for me to remember.

This is much more effective than a signature because the credit card processor can easily validate my zip code as compared with analyzing handwriting. If security involves a cycle of:

  • Prevention
  • Detection
  • Reaction

the use of the Zip Code raises the ability of the bank and merchant to prevent and detect a fraudulent transaction.

Several years ago someone stole my credit card and spent about $300 before I noticed the next morning that the card was gone. Had the thief been asked my zip code, he never would have been able to order that $50 meal at McDonald’s. Let’s hope that more merchants follow this protocol and we see a drop in credit card theft, saving all of us money in the long run.

No comments:

Post a Comment