Do you sometimes feel unsafe when paying with your credit card on the internet? Or when entering your pin in a store?
Then N. C. Payment is for you.
Of course, you have the three-or four-digit card security code (CSC) on the back of your credit card.
If you can quote that, you are supposed to be in actual possession of the card.
Unfortunately, this code doesn’t change. How can you be sure that it isn’t copied by someone, e.g. a salesperson who looks at the back of your card, during unsecure communication or at a not-so-honest website?
You can’t.
With a temporary CSC, however, you don’t need to worry.
It will change as times go by.
An app on your phone or other device will provide the temporary CSC.
You just enter the temporary CSC instead of the original one on your card when requested.
Nobody will benefit from stealing that temporary CSC.
Typically, this would require a fairly complex encryption solution, with exchange of keys, etc.
In our patented technique, we use what is known as a MINIMAL PERFECT HASH.
(which ensures that each original CSC at any given time corresponds to exactly one temporary CSC).
This eliminates the need for encryption keys.
Instead of trying to de-hash the temporary CSC in order to verify it
– which is virtually impossible – the receiver hashes a csc value in the same way and with the same parameters as your app just did.
If the result then is the same as your temporary CSC, everything is fine.
Your transaction is approved.
If it is the card issuer, they will have your real CSC stored and use that in the hash function.
Very simple!
If it is another party, e.g. a secondary bank that does not have access to the CSC lists of the card issuer, they will try with each possible CSC: 001, 002, etc.
Very soon they will have found a CSC for which the resulting hash corresponds to your temporary CSC.
Then that CSC – not your temporary one - will be relayed to the card issuer for verification.
Done!
In fact, it is not necessary to know!
A card issuer could e.g. first compare a transmitted CSC value to the real one.
If not correct, then use the hash procedure with the transmitted CSC value as a temporary one.
The problems are about the similar for the PIN as for the CSC, especially for a physical card.
Somebody could e.g. look over your shoulder as you punch in the PIN in a store.
Then, the card is stolen and can be used.
Unfortunately, the PIN normally stays the same, like the CSC. Sooner or later somebody will see it.
And if that person takes advantage of it, in many countries you will be held responsible.
Email: info@ncpab.se
Fill in your name, e-mail and your message, and then send the form and we will contact you shortly.
