Chip Authentication Program: Difference between revisions

Content deleted Content added
 
(4 intermediate revisions by 4 users not shown)
Line 1:
{{Short description|Aspect of banking security}}
[[image:Barclays pinsentry.jpg|thumb|right|250px|A Gemalto EZIO CAP device with Barclays PINsentry styling]]
The '''Chip Authentication Program''' '''(CAP)''' is a [[MasterCard]] initiative and technical specification for using [[EMV]] banking [[smartcards]] for [[authentication|authenticating]] users and transactions in online and telephone banking. It was also adopted by [[Visa (company)|Visa]] as '''Dynamic Passcode Authentication''' (DPA).<ref>[http://www.visaeurope.com/aboutvisa/products/dynamicpasscode.jsp Dynamic passcode authentication] {{webarchive|url=https://web.archive.org/web/20081119231409/http://www.visaeurope.com/aboutvisa/products/dynamicpasscode.jsp |date=2008-11-19 }}, VISA Europe</ref> The CAP specification defines a handheld device (''CAP reader'') with a smartcard slot, a numeric keypad, and a display capable of displaying at least 12 characters (e.g., a [[starburst display]]). Banking customers who have been issued a CAP reader by their bank can insert their [[Chip and PIN]] ([[EMV]]) card into the CAP reader in order to participate in one of several supported [[authentication protocol]]s. CAP is a form of [[two-factor authentication]] as both a smartcard and a valid PIN must be present for a transaction to succeed. Banks hope that the system will reduce the risk of unsuspecting customers entering their details into fraudulent websites after reading so-called [[phishing]] emails.<ref>{{Cite web|last=Leyden|first=John|title=Barclays deploys PINsentry to fight fraud|url=https://www.theregister.com/2007/04/18/pinsentry/|access-date=2021-04-30|website=www.theregister.com|language=en}}</ref>
 
==Operating principle==
Line 54 ⟶ 55:
The device is equipped with an optional USB port, those two operations can be used without connecting the cable on a computer.
 
It was the most used method to pay online, usingoffering a verification method similar to PIN in POS. MoreSince recentlythe wide acceptation of smartphones, the banks offer an alternative using ana local application on the phone, using a QR-Code to scan, or using the popular {{Interlanguage link|Itsme|fr|Itsme}} app.
 
The device is also compatible with the [[Belgian identity card|Belgian eID card]] to access govermentgovernment services like tax declaration, medical insurance information, unemployement, etc. Those services are also generally available using Itsme.
 
===Sweden===
Line 64 ⟶ 65:
[[Image:nationwide-CAP-reader.jpg|right|thumb|A Nationwide CAP Device with a 20p coin to scale]]
[[Image:Natwest--CAP-reader.jpg|right|thumb|A Natwest CAP Device with a 10p coin to scale]]
[[File:Barclays Pinsentry 5920.jpg|right|thumb|Barclays Pinsentry 5920]]
*The [[UK Payments Administration]] defined a CAP subset for use by UK banks. It is currently used by:
**[[Barclays Bank]]