Chip Authentication Program: Difference between revisions

The '''Chip Authentication Program''' (CAP) is a [[MasterCard]] initiative and technical specification for using [[EMV]] banking [[smartcards]] for [[authentication|authenticating]] users and transactions in online and telephone banking. It was also adopted by [[Visa (company)|Visa]] as '''Dynamic Passcode Authentication''' (DPA).<ref>[http://www.visaeurope.com/aboutvisa/products/dynamicpasscode.jsp Dynamic passcode authentication] {{webarchive|url=https://web.archive.org/web/20081119231409/http://www.visaeurope.com/aboutvisa/products/dynamicpasscode.jsp |date=2008-11-19 }}, VISA Europe</ref> The CAP specification defines a handheld device (''CAP reader'') with a smartcard slot, a numeric keypad, and a display capable of displaying at least 12 characters (e.g., a [[starburst display]]). Banking customers who have been issued a CAP reader by their bank can insert their [[Chip and PIN]] ([[EMV]]) card into the CAP reader in order to participate in one of several supported [[authentication protocol]]s. CAP is a form of [[two-factor authentication]] as both a smartcard and a valid PIN must be present for a transaction to succeed. Banks hope that the system will reduce the risk of unsuspecting customers entering their details into fraudulent websites after reading so-called [[phishing]] emails.<ref>{{Cite web|last=Leyden|first=John|title=Barclays deploys PINsentry to fight fraud|url=https://www.theregister.co.ukcom/2007/04/18/pinsentry/|access-date=2021-04-30|website=www.theregister.com|language=en}}</ref>

There exists<ref>[http{{Cite web|title=Application|url=https://sites.uclouvain.be/EMV-CAP/Application/ EMV|access-CAP Python implementation]date=2021-04-30|website=sites.uclouvain.be}}</ref> a software implementation written in Python supporting Mode 1, Mode 2 and Mode 2 with TDS to be used for educational purposes only.