Rambus secures account-to-account transactions by removing sensitive information from the transaction process

Rambus Inc. launched on Wednesday its Payment Account Tokenization solution to secure account-based transactions, such as automated clearing house (ACH) and real-time payments. The solution will enable central banks and clearing houses to replace sensitive account numbers with unique tokens and reduce the impact of fraud for transactions including direct credit, direct debit and person-to-person (P2P) payments.

Payment Account Tokenization secures card payments by replacing the valuable account credentials with a cryptographic token. This process significantly reduces the risk and impact of account-based fraud as the foundation of a safe and secure instant payments framework. When implemented by a centralized body, like a central bank, Payment Account Tokenization reduces fraud and enables key use cases like P2P, direct credit, and push payments in real-time.

The introduction of real-time payments increases risk for financial institutions, as they now have seconds instead of days to identify fraudulent transactions. By removing account numbers from the transaction process completely, tokenization can significantly reduce the risk and impact of account-based fraud and create secure real-time payments frameworks.

The Payment Account Tokenization solution consists of a number of primary features, including account-based tokenization eliminates the need to store and transmit sensitive account information, alleviating the risk of stolen credentials being used to commit transactional fraud. The system integrates with existing infrastructure and tokens route normally through the payment network. It also offers life cycle management enables banks to link, suspend, (re)activate or unlink tokenized bank account numbers; and domain controls limit token usage to a specific channel, merchant or spending limit by applying a set of parameters. Any use of the intercepted token outside of its set parameters would immediately flag as fraudulent and render the token useless.

The offering offers cryptogram protection generates application cryptograms prior to a payment and validates them during a transaction. A cryptogram is a fingerprint of the transaction, holding elements of the originator, recipient, financial institution and the transaction. A token vault is a secured repository, or database, that establishes and maintains the payment token to Sending/Receiving Account number mapping. The token vault is the only area in which the token can be mapped back to the consumer’s original card details. All token vaults comply with Payment Card Industry (PCI) specifications.

“Tokenization has already been proven successful in securing mobile payments worldwide. Our Payment Account Tokenization does the same for real-time payments, enabling account-based transactions to be processed faster and safer than ever before,” said Bret Sewell, SVP and general manager of the Rambus Security Division.

“Digital has paved the way for fast and easy payment experiences, prompting a rise in account-based transactions,” said 451 Research principal analyst, Jordan McKee. “Fraudsters have made note of this trend and are increasing their focus on account credentials given their growing disbursement across many locations, including e-commerce websites, mobile and P2P wallets, invoices and payroll. To protect customers and thwart fraudulent attacks, businesses must implement security tactics that serve to eliminate the use of sensitive credentials in the transaction flow.”

 


IoT Innovator Newsletter

Get the latest updates and industry news in your inbox! Enter your email address and name below to be the first to know.

Name