The team behind swIDch has created a Dynamic One-Time Authentication Code algorithm that enables payment companies to generate Dynamic PANs (Primary Account Number) in a networkless environment, without the need for any additional infrastructure. This algorithm aims to solve the problems of CNP fraud where details of a debit or credit card are stolen via online payments that are vulnerable to attacks such as phishing, where a legitimate-looking payment gateway actually funnels valuable card numbers into an attacker’s database.
The essence of the swIDch algorithm is to combine three pieces of information: a public ID, a secret ID, and the time. The public ID is not encrypted, while the secret ID uses a strong conventional encryption system. The encrypted and unencrypted elements are combined with time to form a single number, that can be split into a card number, a card expiry date, and a Card Verification Code, or CVC. The numbers will not clash because the public ID is fixed and the time is the same for everyone. The encrypted, secret ID is used to check that a unique user is the one who says they are.
Banks, financial institutions and other issuers are not required to build their own, heavy dynamic infrastructure and they can save money on expensive installation costs and eliminate network traffic load. By creating a unique code from a networkless device, service providers will be protected from the attacks of hackers. Moreover, swIDch can be used in various industries and the technology can be applied to all security areas including payments, authentication, and IoT.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now