Google Pay will soon improve its card ownership verification
Google Pay will soon be improving its card ownership verification by way of one-time passcodes and in-line tokenization, in an effort to combat fraud. This comes after Google also announced that it would be introducing virtual cards for users on desktop and Android in the coming months.
In the company’s “What’s new in Google Pay” keynote, released at this year’s Google I/O, Google’s head of product at Google Pay online, Rajiv Appana, spoke at length about some of the steps that the company is undertaking to protect users. In essence, if the risk engine assesses that there is a need to verify a payment that is being sent via Google Pay, then protections will kick in and verify that the user is who they say they are.
Of course, it’s not just about providing security, but also making it a painless experience for the user. Appana describes how the risk engine will also determine what is the most frictionless method to check if the user is who they say they are, while still maintaining a high level of security.
The first protection method that Google outlined was inline tokenization. Inline tokenization will assess whether or not the card’s owner needs to be verified before the card is used at a merchant. It asks the user to verify their details, including entering a CVC and getting a text message or email with an OTP to confirm that it’s really you.
The second method is an OTP that’s made by a small charge to your bank account. The user then logs into their bank account to retrieve the value that was charged to the bank account and enters that value as the OTP. This then confirms ownership of the bank account that’s tied to the card being used, saves that verification in your Google account, and reverses the charge that was made.
If you want to check out the keynote that explains everything Google is working on when it comes to Google Pay, you can do so below.