Virtual Credit Cards

2 Oct 2019

  • The global eCommerce market is worth A$2.8 trillion in 2019 and is expected to grow by 25% by 2021. Australian online business will see a 15.1% growth in revenue by end of 2019, with the number of online shoppers reaching 20.3 million;

  • A virtual credit card is a temporary and randomly generated 16-digit card number that is linked to an actual credit card account. The card can only be used for online transactions;

  • In March 2019, the Apple Card was introduced in the US. The card is built into the Apple Wallet app on iPhone.

 

Point of View

 

Digital payments allow organisations to incorporate speed and convenience into their customer experiences. One in five global transactions are now digital, with card-not-present commerce growing at over six times the rate of in-store sales. The global card-not-present market is worth A$2.8 trillion in 2019 and is expected to grow by 25% by 2021. In Australia, card-not-present sales are also increasing. In 2018, Australians spent a total of A$28.6 billion on online shopping, with transactions representing 22% of all card transactions. It is predicted that Australian online business will see a 15.1% growth in revenue by end of 2019, with the number of online shoppers reaching 20.3 million.

 

While card-not-present transactional volume has increased, so too has the level of fraud in this channel. According to new figures from Juniper Research, it is expected that global card-not-present fraud will grow at a rate of 14% through to 2023. Retailers globally stand to lose around $130 billion in digital card-not-present fraud between 2018-2023. In Australia, card-not-present fraud continues to be the most prevalent type of card fraud. Statistics for the 12 months to Dec 18 show that CNP fraud accounts for 85% of all fraud on Australian issued cards.

 

The increase in digital transactions and exchange of data requires organisations to have stringent data security practices. Data breaches can have catastrophic results, leading to reputational damage and the potential financial penalties. In 2017, the Equifax data breach affected 147 million people. The breach resulted in hackers stealing peoples’ credit card and other personal information stored on the company’s servers. The company agreed to a global settlement of up to US$425 million to assist those affected by the data breach. In 2018, fraudsters created a spoofed copy of the British Airways website, capturing the details of about 500,000 customers. The stolen information included credit card details such as card numbers, expiry dates and the CVV codes. BA is facing a record fine of $329 million for this data breach. In Australia, Kathmandu suffered a data breach in March 2019 when an unidentified third party gained unauthorised access to its online platform. The breach resulted in the personal information and payment details of consumers entered at checkout being captured.

 

 

Implications

 

The design of a card is inherently flawed for an online environment, as the data is open. Payment credentials can be reused across many different merchants without appropriate authentication. Virtual cards can provide a convenient and secure alternative for purchasing online.

 

A virtual credit card is a temporary and randomly generated 16-digit card number that is linked to one’s actual card account. It allows consumers to pay for purchases online without exposing their actual credit card Primary Account Number (PAN). When making payments online, virtual credit cards provide online retailers with dynamic information each time by creating a new token for every purchase (i.e. card number and CVV). This ensures that each time an online payment is made using a virtual credit card, the card details provided is different.

 

 

There are two different types of virtual credit cards available to consumers:

  • Single use cards can be purchased with a pre-determined spending limit and expiry date. This means the consumer can only use the card for the amount available and within the time period specified.

  • Single merchant cards can be purchased for payment to a specific online retailer. These are ‘locked’ to a retailer to prevent the card from being used elsewhere if there has been a data breach.

 

Virtual Card Initiatives

 

ANZ, CBA and Westpac currently offer virtual credit cards to their business customers. These cards allow employees to purchase on behalf of their organisation without being issued an individual plastic card.

 

DiviPay has partnered with Xero to launch a corporate virtual credit card for small businesses to make accounting easier. This digital card will enable business owners to allocate specific amounts to employees for agreed purchases. The card will be controlled by a set of spending rules and is designed to put an end to expense reports, reimbursements and card sharing.

 

The card schemes have also launched their own versions of the virtual credit cards, although these are not currently available in Australia:

 

 

In March 2019, Apple announced Apple Card, a credit card that is currently only available in the United States. The product was developed in collaboration with Goldman Sachs and Mastercard. Apple promotes the value proposition of the card being “simple, transparent and private”. The physically issued card is positioned as a back-up for where ApplePay is not accepted. The physical card is a laser‑etched titanium card, that does not have a printed PAN. By tapping the card to a iPhone, the card is provisioned into the Apple wallet. The digital card can then be used for online and in-store transactions where ApplePay is accepted. Every Apple Card transaction requires biometric authentication (Face ID or Touch ID) for payment authorisation.

 

Consumers can also use the Apple Card at online retailers where Apple Pay is not accepted. For these transactions, consumers can use the unique 16-digit virtual card number that is created and stored in the iPhone’s Secure Element. A one-time virtual confirmation code (CVV) is also generated to authorise each online transaction. The virtual card number can be manually re-generated at any time to use for separate online transactions at different merchants.

 

The growing digital environment is calling for changes in the design and requirements of how cards function. There is a greater need for a simplified and frictionless end user experience, whilst ensuring security is not compromised. With online card fraud and data breaches on the rise, virtual cards can give consumers greater peace of mind when making online purchases. The thought of having your credit card details compromised will make many appreciate the extra measure of protection that virtual credit cards can provide.

 

The opinions and views expressed in this publication are those of the authors exclusively and do not purport to reflect the opinions, views or official policy position of AusPayNet or its members. This publication is also subject to the AusPayNet Terms of Use and Privacy Policy available on the AusPayNet website.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Please reload

Consumer
Centric
Technology and Innovation
Policy and 
Regulation
ARCHIVES
Please reload

Disclaimer

The opinions and views expressed in this publication are those of the authors exclusively and do not purport to reflect the opinions, views or official policy position of AusPayNet or its members. This publication is also subject to the AusPayNet Terms of Use and Privacy Policy available on the AusPayNet website.

 

Copyright © 2017 AusPayNet. All rights reserved.  

Read full Terms of Use

Privacy Statement