Chip Authentication Program: Difference between revisions

The '''Chip Authentication Program''' (CAP) is a [[MasterCard]] and [[Visa (company)|Visa]] initiative and technical specification for using [[EMV]] banking [[smartcards]] for [[authentication|authenticating]] users and transactions in online and telephone banking. The CAP specification defines a handheld device ("CAP reader") with a smartcard slot, a decimal keypad, and a display capable of displaying at least 12 characters (e.g., [[starburst display]]). Banking customers who have been issued a CAP reader by their bank can insert their [[Chip and PIN]] ([[EMV]]) card into the CAP reader in order to participate in one of several supported [[authentication protocol]]s. CAP is a form of [[two-factor authentication]] as both a smartcard and a valid PIN must be present for a transaction to succeed. Banks hope that the system will reduce the risk of unsuspecting customers entering their details into fraudulent websites after reading ‘[[phishing]]’ emails.<ref>http://www.theregister.co.uk/2007/04/18/pinsentry/</ref>

*[[Barclays Bank]] began issuing CAP readers (which they call "PINsentry") to selected online-banking customers in the United Kingdom in 2007.<ref>{{cite web|url=http://www.barclays.co.uk/pinsentry/ | title=Barclays PINsentry}}</ref><ref>[http://www.theregister.co.uk/2006/08/09/barclays_launches_cardreaders/ Barclays to launch two-factor authentication], The Register, 2006-08-09.</ref> The 2008 version of the PINsentry device is powered by four [[LR44]] [[button cell]] batteries, which the manual claims will last from five to seven years. The first PINsentry readers used recorded audio to guide the user when using the device, whereas the devices issued in 2008 simply use on-screen instructions.