Project Manhattan
advertisement
The Digital PIN ROI Operational Savings + Security November 2009 Agenda Current Market Situation Pros and Cons of PIN Issuance Methodologies Cost and Security Advantages for Moving to Digital Egg Banking Case Study SafeNet Today… protects: • the most money that moves in the world. 80% of all electronic banking transfers -- $1 Trillion a day • the most digital identities in the world. Most PKI identities for governments and F-100 companies • the most high-value software in the world. 80 Million hardware keys; more than any other vendor • the most classified information in the world. The largest deployment of government communications security PIN Issuance Market The Reality Fact: The card and payment market is growing at approximately 10% a year WW & PIN mailers costs issuers millions This means your cost is going to continue to rise. The Reality Fact: Hackers are becoming more sophisticated and identity theft makes up $45 billion of crime in U.S. The cost per fraud increased 25%- $691/incident The need to protect against fraud is more critical than ever! *source Javelin Group 2008 How Do We Stay Secure? User Authentication Cardholder verification method (CVM) Signature PIN PIN Online - verified by issuer Offline - verified by card Who Manages This? Card Issuers 730 Million EMV cards WW Role of the Card Issuer: Initialise each card Establish key pairs Personalise each card PIN SDA signature Key Pairs for DDA PIN encryption Keys for Application Cryptograms Secure Messaging … Issues with Traditional PIN Issuance Method: Issues: Paper-based PIN mailers 1) Delay in card usage 2) High cost 3) Highly insecure Susceptible to angled-light attacks Mail interception ATM PIN selection 1) ATM susceptible to manipulation Interactive voice response 1) Not easy to secure Impossible to encrypt and travels over a public network http://business.timesonline.co.uk/tol/business/money/consumer_affairs/article4259009.ece The Digital PIN Issuance Advantage Imagine a World of Secure Digital PIN Issuance Secure PIN delivery endpoint Real time delivery Provide an end-to-end encrypted transaction Separation between the cardholder identity and the PIN No risk of internal or external breach Digital PIN Issuance Advantages Profitability Customer Satisfaction Security Environmentally Responsible Reduces operational costs, increases revenue, and saves resources for banks, credit card companies, and retail programmembership card issuers. Eliminates paper PIN issuance costs an upwards of $1.50 per mailer Reduces frequency of PIN requests ultimately reducing overhead expenses By increasing the security around PIN issuance, they will actually be reducing the cost per incident of $691/incident *source Javelin Group 2008 Digital PIN Issuance Advantages Profitability Customer Satisfaction Security Environmentally Responsible Digital format is often easier to use and provides instant issuance of PIN Cardholders conveniently retrieve a PIN for a newly issued card online Enables instant PIN retrieval, card will be top of wallet. In contrast, delivery of PINs via mail takes an average of 10 days, which could be 10 purchasing days a cardholder is using a competitor’s card. No worries about the PIN mailer getting lost in the post Digital PIN Issuance Advantages Profitability Customer Satisfaction Security Environmentally Responsible Eliminates PIN-based fraud and far surpasses the security provided by paper-based PIN mailers or voice-based interactive systems Eliminates PIN based fraud because it bypasses the paper based PIN mailer system and postal delivery systems Even the most recent online systems, such as interactive voice response (IVR), cannot be secured. Digital PIN Issuance Advantages Profitability Customer Satisfaction Security Environmentally Responsible An ecologically responsible alternative to sending PINs over the mail Financial services and payment providers make up over 3% of an individual’s carbon footprint. Besides lowering operational costs, converting mailers from paper to digital will drastically help financial service providers reduce their carbon footprint, as well as promote their green image BUT HOW? New Technology: SafeNet ViewPIN+ 2008 Best Solution in Finance Profitability Customer Satisfaction Security Environmentally Responsible 2008 Best eTransaction Solution finalist Proven Revolutionizing PIN Issuance the ONLY fully automated, secure webbased PIN issuance and management solution on the market that delivers unprecedented cardholder satisfaction and costs savings by eliminating expensive, insecure and time-consuming paper based PIN delivery to cardholders. What is SafeNet ViewPIN+? A secure, web-based solution to: Issue PINs to cardholders; Remind cardholders of their PIN; Have cardholders change their PIN. From any web browser, PC-based or mobile phone based. In essence, it is a secure credential delivery mechanism. What is the Business Case? Cost Reduction Fraud Reduction Cardholder Experience Brand Evolution Typical ViewPIN+ Deployment ViewPIN+ Cardholder Experience #1 • Cardholder enters the bank web portal #2 • Cardholder logs into bank account #3 #4 • Cardholder quests PIN • Cardholder retrieves PIN ViewPIN+ Cardholder Experience #1 • Cardholder enters the bank web portal #2 • Cardholder logs into bank account #3 #4 • Cardholder quests PIN • Cardholder retrieves PIN ViewPIN+ Cardholder Experience #1 • Cardholder enters the bank web portal #2 • Cardholder logs into bank account #3 #4 • Cardholder quests PIN • Cardholder retrieves PIN ViewPIN+ Cardholder Experience #1 • Cardholder enters the bank web portal #2 • Cardholder logs into bank account #3 #4 • Cardholder quests PIN • Cardholder retrieves PIN Who can benefit? Retail & Commercial Banking Mobile Payments & GSM Wealth Management Any Organization Issuing Credentials! Large Retailers Card Issuers Cost of Paper PIN Issuance Category Size Description # of Cards in Circulation Actual Cost Lost Revenue Per Year (US $) Per Year (US $) Top 10 Card Issuers Worldwide Banks and Retailers 1,000,000 + $ 3,560,000 $ 2,394,000 Midsize Card Issuer Regional Banks and Midsize Retailers 100,0001,000,000 $ 1,780,000 $ 1,197,000 Small Card Issuer Local and Community Banks Under 100,000 $ 178,000 $ 199,000 ROI of Digital PIN Issuance Category Size Description # of Cards in Circulation 5 Year Average Net Present Value (US $) Top 10 Card Issuers Worldwide Banks and Retailers 1,000,000 + $ 18,700,000 Midsize Card Issuer Regional Banks and Midsize Retailers 100,0001,000,000 $ 7,100,000 Small Card Issuer Local and Under 100,000 Community Banks $ 571,000 Egg Case Study Egg Bank selects SafeNet Challenge The world’s largest online bank. Wanted to send PINs efficiently, securely, and in a manner to improve the overall cardholder experience Needed a way to allow cardholders to securely obtain pins over the Internet Traditional paper-based system was costly and posed risk Solution SafeNet ViewPIN+ for secure PIN issuance, which is secured by SafeNet Luna SP Hardware Security Module (HSM) Benefits Quick implementation that improved cardholder experience and provided Egg with a major competitive advantage Improved profitability by reducing postage and PIN mailer expenditures, as well as cardholders were able to use their cards for purchases quicker Secure PIN issuance solutions reduced the occurrence of credit card fraud from stolen PIN mailers “Roll out of the Chip and PIN project has proven extremely beneficial to Egg, offering us a secure alternative to PIN mailers which is both cost effective and cardholder friendly,” Egg’s Lead Security Architect Stuart Horler Thank You!
