It’s important to recognize that perpetrators of payments fraud are constantly looking for ways to exploit systems and processes. Fraudsters will gravitate towards areas of the commercial payments system where they see strong growth and/or perceive greater vulnerability. We regularly monitor business news and our systems for potential fraud and security threats and respond to them with regular launches of new and updated security features.
In 2018, we will be introducing:
PNC was one of the first U.S. issuers to convert its commercial card portfolio to EMV® chip card functionality. The widespread use of this chip has led to a significant decline in card-present fraud around the world, but card-not-present (CNP) transactions remain vulnerable. A key protection—the three-digit CVV code found on the back of cards—is often used to verify the legitimacy of a CNP transaction; however, through data breaches, fraudsters have been able to obtain card numbers, expiration dates and CVV codes.
To mitigate the risk of CNP fraud, PNC will begin offering card plastics with a dynamic CVV2 code for commercial cards. The CVV2 code appearing in the LCD window will be refreshed at regular intervals. Now, even if a fraudster has the card number, expiration date and CVV code, they cannot perform a fraudulent online transaction, as long as the merchant passes the CVV value during authorization, because the CVV code—no longer a static number—will have changed by the time the fraudster attempts the transaction.
Sample Dynamic CVV2 Card
The notion of a card with dynamically changing CVV2 appeals to consumers. According to a 2016 study by Oberthur Technologies, 80% of consumers would be more likely to use a dynamic CVV2 card vs. a static CVV card for online shopping. We anticipate that the benefits of dynamic CVV2 will also resonate with commercial cardholders. Reducing the inconvenience resulting from fraud events—declined transactions, disputes and reissued cards—will improve the experience for both cardholders and Program Administrators.
PNC is introducing expanded alert options, including an enhancement to our existing outbound text alert feature, which allows clients to receive a text alert to their mobile device when fraud is suspected. In Q4, PNC will be introducing two-way real-time fraud text alerts for our commercial card clients. This new functionality allows clients to respond to the PNC Cardholder Customer Service team via text to confirm that the transaction is legitimate or verify that it is fraudulent, as soon as it is detected. The client will simply respond to the text message with a numerical response verifying if the transaction is fraudulent or legitimate. Through two-way text alerts, clients should experience fewer declines of legitimate transactions.
In addition to two-way fraud alerts, PNC is launching the following series of alerts for our commercial card clients:
PNC will also introduce an account ownership authentication service later this year. This service will validate consumer or business identities—and that the account is open, active and in good standing—before initiating a transaction. Account verification reduces the opportunity for misdirected payments, limits exceptions, and reduces the potential for returned payments. This type of service is particularly valuable for businesses—such as brokerage houses, insurance firms, retirement fund managers, and healthcare providers—that hold funds for individuals or other businesses and need to protect their customers from account takeover attempts.
PNC clients will be able to use Account Verification Services when setting up a recurring payment or requesting an account number change, as well as when performing one-off large-ticket transactions.
A national shared account database provides account verification. PNC clients will be able to access the service through a secure website or batch file, or via an integrated connection between their payment system and the authorization service.
The National Economic provides insight into national and regional trends.
 “Oberthur Technologies Consumer Research Shows 80% Want Dynamic Security Code Protection to Fight Online Fraud,” Business Wire, March 17, 2016
This Payments Solution News was prepared for general information purposes and is not intended as legal, tax or accounting advice or as recommendations to engage in any specific transaction, and does not purport to be comprehensive. Under no circumstances should any information contained in this newsletter be used or considered as an offer or commitment, or a solicitation of an offer or commitment, to participate in any particular transaction or strategy. Any reliance upon any such information is solely and exclusively at your own risk. Please consult your own counsel, accountant or other advisor regarding your specific situation. Neither PNC Bank nor any other subsidiary of The PNC Financial Services Group, Inc. (“PNC”) will be responsible for any consequences of reliance upon any opinion or statement contained here, or any omission.
PNC and PINACLE® are registered marks of The PNC Financial Services Group, Inc. All other trademarks are the property of their respective owners.
EMV is a registered trademark in the U.S. and other countries, and is an unregistered trademark in other countries, owned by EMVCo.
RTP® is a registered trademark of The Clearing House Payments Company LLC.
Visa and Visa IntelliLink® are registered trademarks of Visa International Service Association and used under license.
Mastercard is a registered trademark of Mastercard International Incorporated.
Android, Android Pay, and the Android Logo are trademarks of Google Inc.
Apple Pay® is a registered trademark of Apple Inc.
Samsung, Samsung Pay, Galaxy S (and other device names) and Samsung Knox are trademarks or registered trademarks of Samsung Electronics Co., Ltd. Other company and product names mentioned may be trademarks of their respective owners. Samsung Pay is available on select Samsung devices.
Zelle® is a registered trademark of Early Warning Services, LLC.
BillerIQ is a trademark of Transactis, Inc.
HighRadius is a trademark and brand of High Radius Corporation.
PNC does not charge a fee for the Mobile Banking service. However, a supported mobile device is needed to use Mobile Banking. Also, your wireless carrier may charge you for data usage. Check with your wireless carrier for details regarding your specific wireless plan and any data usage or text messaging charges that may apply.
Bank deposit, treasury management and lending products and services are provided by PNC Bank, National Association, a wholly owned subsidiary of PNC and Member FDIC.
Lending and leasing products and services, including card services and merchant services, as well as certain other banking products and services, require credit approval.
Read a summary of privacy rights for California residents which outlines the types of information we collect, and how and why we use that information.