Payment Dispute Standards and Compliance Council

Menu
  1. Home
  2. Financial Institutions

Blog

Improving Security for Dispute Resolution Platforms with OTPs

Financial Institutions, Industry Regulations

Protecting sensitive data from fraudsters is essential for the payment industry, and the One-Time Password (OTP) is a fantastic tool to help with this.

Major card firms, including Mastercard, Visa, and Discover, are utilising OTPs to provide an additional security measure. By protecting sensitive data from thieves, this aids financial institutions in securely gaining access to dispute resolution platforms.

What is an OTP?

A One-Time Password (OTP) is a temporary code sent to a user to log into dispute resolution platforms such as Visa Online and Mastercard Connect. This code can be sent to the user’s preferred channel, which is confirmed when setting up. Depending on the card scheme preference, the options available could be via email, SMS, voice calls, or mobile apps like Google Authenticator. 

As we all know, regular passwords created by users stay the same until they are changed. OTPs are different, as they automatically change every time and expire after one use. If a cybercriminal manages to intercept an OTP, they won’t be able to use it again, which will reduce the risk of unauthorised access.

Many financial institutions are already familiar with OTPs since Visa and Discover have been using them for dispute platforms for a while now. Recently, Mastercard has started using OTPs too.

Mastercard Connect’s Shift from RSA Tokens to OTPs

Mastercard Connect users have been using RSA tokens for security, but that’s changing. Until recently, a physical device like a key fob (hardware token) or an app on your phone or computer (software token) was used. The user would enter a PIN or password along with the code from the token to log in. Now, Mastercard is switching things up.

Choosing between OTPs and other token systems depends on what an organisation needs for security and what users prefer. OTPs are simple and user-friendly, so Mastercard is replacing RSA tokens with OTPs. This switch saves money on distributing physical tokens and makes things easier for users.

Meeting Global Security Standards

Regulatory bodies around the world want stronger security methods to protect users’ data and transactions. For example, the Reserve Bank of India and other authorities require multi-factor authentication to improve security. By using OTPs, organisations can meet these requirements and show they’re committed to protecting customer information. Following these rules helps avoid legal trouble and builds trust with customers.

Adoption by Major Card Companies

Big card companies like Mastercard, Visa, and Discover widely use OTPs because they’re effective and reliable. These companies use OTPs to provide a safe and easy authentication method for users.

The support of OTPs by these big companies highlights their importance in keeping financial transactions and sensitive data safe. Financial institutions and card companies are taking big steps to protect their customers and stay ahead of cyber threats.