Content deleted Content added
Gamapamani (talk | contribs) m fix template syntax |
→United Kingdom: +photo |
||
| (6 intermediate revisions by 4 users not shown) | |||
Line 1:
{{Short description|Aspect of banking security}}
[[image:Barclays pinsentry.jpg|thumb|right|250px|A Gemalto EZIO CAP device with Barclays PINsentry styling]]
The '''Chip Authentication Program''' '''(CAP)''' is a [[MasterCard]] initiative and technical specification for using [[EMV]] banking [[smartcards]] for [[authentication|authenticating]] users and transactions in online and telephone banking. It was also adopted by [[Visa (company)|Visa]] as '''Dynamic Passcode Authentication''' (DPA).<ref>[http://www.visaeurope.com/aboutvisa/products/dynamicpasscode.jsp Dynamic passcode authentication] {{webarchive|url=https://web.archive.org/web/20081119231409/http://www.visaeurope.com/aboutvisa/products/dynamicpasscode.jsp |date=2008-11-19 }}, VISA Europe</ref> The CAP specification defines a handheld device (''CAP reader'') with a smartcard slot, a numeric keypad, and a display capable of displaying at least 12 characters (e.g., a [[starburst display]]). Banking customers who have been issued a CAP reader by their bank can insert their [[Chip and PIN]] ([[EMV]]) card into the CAP reader in order to participate in one of several supported [[authentication protocol]]s. CAP is a form of [[two-factor authentication]] as both a smartcard and a valid PIN must be present for a transaction to succeed. Banks hope that the system will reduce the risk of unsuspecting customers entering their details into fraudulent websites after reading so-called [[phishing]] emails.<ref>{{Cite web|last=Leyden|first=John|title=Barclays deploys PINsentry to fight fraud|url=https://www.theregister.com/2007/04/18/pinsentry/|access-date=2021-04-30|website=www.theregister.com|language=en}}</ref>
==Operating principle==
Line 44 ⟶ 45:
==Users==
===Belgium===
[[Image:lecteur-de-carte-belfius.png|right|thumb|A [[Belfius]] card reader]]
Most majors banks of Belgium (including [[Belfius]], [[BNP Paribas Fortis]], [[ING Group|ING]], [[KBC Bank]]) provide such a card reader. It is used for two main purposes:
* Authenticating to the bank eBanking website. In order to access private information like balance checking.
* Signing a transaction. For example in eCommerce (3DS) to buy goods or service on an online merchant, or to perform a [[bank transfer]]. The merchant would ask for the bank card information, then redirect the user to the bank website where a webpage is displayed with instructions to follow to verify the transaction. Then the bank redirects the user to the merchant page with a success or a failure.
The device is equipped with an optional USB port, those two operations can be used without connecting the cable on a computer.
It was the most used method to pay online, offering a verification method similar to PIN in POS. Since the wide acceptation of smartphones, the banks offer an alternative using a local application on the phone, using a QR-Code to scan, or using the popular {{Interlanguage link|Itsme|fr|Itsme}} app.
The device is also compatible with the [[Belgian identity card|Belgian eID card]] to access government services like tax declaration, medical insurance information, unemployement, etc. Those services are also generally available using Itsme.
===Sweden===
Line 51 ⟶ 65:
[[Image:nationwide-CAP-reader.jpg|right|thumb|A Nationwide CAP Device with a 20p coin to scale]]
[[Image:Natwest--CAP-reader.jpg|right|thumb|A Natwest CAP Device with a 10p coin to scale]]
[[File:Barclays Pinsentry 5920.jpg|right|thumb|Barclays Pinsentry 5920]]
*The [[UK Payments Administration]] defined a CAP subset for use by UK banks. It is currently used by:
**[[Barclays Bank]]
| |||