Transaction authentication is a method of verifying a user’s identity for online transactions, often requiring a password and additional personal information. It is used in banking, sales, and personal data applications to prevent fraud. Additional security measures, such as transaction verification, can further protect against unauthorized access.
Transaction authentication refers to an Internet method of identifying an account user to ensure that the person is authorized for that account. This system typically requires specific information such as a password and user identification number to verify permissions. Other types of information requested could be the user’s mother’s maiden name, place of birth, or first child’s name. Additional transaction authentication information may be requested during the session because it is sometimes possible for others to access transaction information while the session is active. Some transaction authentication software can also check your information and computer habits and compare your current session with stored information.
Typical applications for transaction authentication are those involving user accounts, including bank, sales and personal data. Customers wishing to make wire transfers may be asked to provide Transaction Authentication Numbers (TANs) or to re-enter the original information used to log in at the start of the session. Some retail websites also use this process to verify that the original customer is the one making the purchase and that the sales transaction information is correct. Companies that create customer accounts containing personal information such as medical accounts or rental records typically require some form of transaction authentication to verify that the new account is legitimate.
Since a third party may be able to use sophisticated software and hijack, or steal, the transaction, some type of authorization process to verify the user’s identity is important. This is especially true with large purchases or wire transfers, money being sent to a previously unused account, or items being shipped to an address other than the account holder’s. The problem with using transaction authentication as a security method is that sometimes it is still possible for an unauthorized person to access information, leading to theft or fraud. When a third party hijacks the session, the hijacker may be able to obtain all or the original transaction authentication information from the session and use it illegally.
Some systems check a customer’s physical location and other identifying information, including a consumer’s past usage pattern and computer Internet Protocol (IP) address. Unusual results will trigger a request for additional authorization information. This is only useful in situations where the person is a repeat customer, but can be very helpful in preventing bank fraud.
A more effective way to protect the content of transactions is through the use of additional security measures such as transaction verification. This method adds a means of verifying the integrity of the transaction itself to transaction authentication. It becomes much more difficult for unauthorized users to capture information transmitted in such a system, especially when the transmitted data is encrypted by the system.
Protect your devices with Threat Protection by NordVPN
