How Verient Combines Security And Customization in Cards

Verient Inc. is the startup behind SafeDebit, NYCE Payments Network LLC's effort to allow consumers to use their NYCE cards on the Internet (Digital Transactions News, July 2), but the company's ambitions go well beyond enabling debit-based e-commerce. By the end of the year, it expects to have between 3,000 and 6,000 financial institutions enabled on a platform that will let banks offer cardholders customized cards suiting a theoretically endless array of consumer-chosen purposes and secured from the prying eyes of hackers, keyloggers, and skimmers. Nor are the company's plans confined to the virtual world. For physical-world transactions, Verient is pursuing a deal to allow for the instant-issuance of these cards to get them into consumers' hands in a matter of minutes rather than days or weeks. Company executives tell Digital Transactions News an announcement will be forthcoming next week. The key to Verient's platform is the financial institution's online-banking site. To maximize its reach, Verient is seeking to make deals with the processors that provide banks with the systems for online banking. It has already integrated its platform with Metavante Corp., NYCE's parent company, and is in talks with a number of others whom it can't name, Rajesh Shakkarwar, a former Sun Microsystems technologist who founded the 11-person San Jose, Calif-based company in 2006, tells Digital Transactions News. Verient has also been granted its first patent, has nine others pending, and has prepared another five to be filed, Shakkarwar says. With Verient's platform, a bank could allow a cardholder to create any number of so-called shadow accounts stemming from an actual credit or debit card account. One shadow account, for example, might be given to a son at college and carry restrictions on its credit limit and the time of day it can be used. Another might be given to an employee and be restricted to certain stores or lines of merchandise. Still another might be a personal travel card restricted to use in certain countries. Each shadow account carries a so-called pseudo account number and card verification value, and can be designated for either one-time or multiple-time use. Since cardholders use only the pseudo numbers at the point of sale or online, the actual account number never crosses the merchant's system. Cardholders authenticate themselves when creating the shadow accounts by logging in to their banks' online-banking programs. The same authentication takes place for online transactions, as with NYCE's SafeDebit program. On all transactions, the platform acts as a sort of intercept processor, matching pseudo numbers with actual account data before passing transactions on to the relevant payments network. Text messages or e-mails are sent to the main account holder each time a transaction has either successfully been authorized or has failed. “The identity theft problem goes away,” says Shakkarwar, while banks, processors, and the networks are required to make few changes in their existing infrastructure. Integration time, he says, is about two weeks. But the card?or fob or tag–customization capability could be just as powerful, say some observers, as the potential to reduce fraud. Steve Mott, principal of BetterBuyDesign, a payments consultancy in Stamford, Conn., argues the Verient system could arm smaller banks to combat inroads made by larger banks with larger marketing budgets. “If you're a small financial institution and you don't have this [capability] in your business plan for next year, you deserve what happens to you,” he says. The addition of instant issuance, he notes, makes the platform even more potent. Key to all the parameters consumers can place on shadow accounts is the wealth of data transaction messages carry with them, including time stamps, zip codes, and the like. These transaction fields are nothing new, but the exploitation of them is, Shakkarwar says. “The [International Standards Organization] message format has a ton of data nobody ever looked at before,” he notes, because until recently standardized cards for everybody worked reasonably well. Now, with fraud on the rise and consumers demanding customization, that's no longer the case, Shakkarwar argues. “This is very old technology that worked for a time, but it's a static [account] number,” he says. “A lot of people are going to hack into it.” Shakkarwar won't reveal Verient's pricing, but says it is transaction based and can be negotiated as either a flat or volume-sensitive fee.