Blog / Business Insights /

Stolen card? Blockchain to the rescue!

Stolen card? 
Blockchain to the rescue!

Olivier Maas

R&D Manager

Initially set up in 2008 to support digital payments in Bitcoin, the Blockchain presents interesting features for many other situations. Indeed, as all transactions are registered in the same ledger, it is possible to track the different owners of a product or to track events related to an item to collect its “genealogy”.

With its key assets of unquestionable authentication and accountability, this innovation will bring many benefits, such as quick settlement of transactions. Nevertheless, this technology is still young and users lack experience to identify and prevent potential risks. And if payment was among the first use case, the Blockchain can now be used in a broader scope. At Worldline, we continously investigate new use cases. Here is the application to an already existing process, the Point of Sale (POS) Terminal hotlist.

A current situation under pressure

Fraud is an everlasting issue in payments, increased by some current trends such as the development of contactless card payments and the trend to raise the limit for PIN authentication to provide a frictionless customer experience. When an NFC card is lost or stolen, thieves act very quickly, far quicker than the standard card-blocking process. And on this payment method, the fraud rate is doubled compared to contact mode.

Many card schemes still rely on the capacity of the POS terminal to control and accept transactions without going online. The existing processes of propagating the information is not designed to react so quickly: the order to block a card is initiated by the cardholder to their issuing bank. This issuing bank informs the schemes who distribute the information to the acquirers. Finally the acquirers send the information to the POS terminals.

How does Blockchain improve or change the current workflow?

As Blockchain can shorten the processing time in distributed environments, Worldline R&D wanted to investigate how this could improve fraud prevention on payment terminals.

Blockchain enables you to create a distributed Peer–to-Peer network. In our use case, the peers of this network are the POS terminals, the bank servers and the cardholder’s smartphone. In this network, the information does not have to go through centralized actors. When a card is stolen, the cardholder uses their mobile banking app to declare that their card has been stolen and asks the bank to block it, as usual.

To bring the full value of the Blockchain in this process, we have developed a mobile app which enriches the mobile banking app by automatically inserting the stolen card number directly into the Blockchain ledger.

At POS terminal level, we have implemented a customized software to enable the terminal to dialog with the Blockchain network and update its hotlists. As POS terminals are connected to the Blockchain network, they are directly and immediately informed to block the card.

What did you learn with this Proof of Concept?

We had several objectives with this Proof of Concept (PoC).

- First, in terms of technology, our objective was to get a Blockchain up and running on several hardware and software environments with specific features or stretched resources: POS terminal, smartphones. This objective has been fully achieved and we have seen that Ethereum, a decentralized Blockchain platform that runs applications, has proved to be a matching technology for this case.

- Second, in terms of fraud prevention, the PoC has proved that using Blockchain enables a very quick and efficient reaction to block fraud that cannot be achieved with the existing system.

- Last but not least, in terms of the business case, the idea of getting POS terminals run in a Peer-to-Peer network seems a bit disturbing at first. Indeed, it takes the ecosystem stakeholders out of their comfort zones. Beyond this, the cost to develop the solution, implement it in terminals and educate merchants and consumers seems very high compared to the expected fraud decrease, if only applied to hotlists management.

As we have proven that this technology is applicable in the context of face-to-face payments, it could be worth thinking, beyond the use case of card hotlists, about what benefits such technologies could bring to the current card payment ecosystem. For example, as terminals would be connected in Peer-to-Peer, we could imagine moving the full transaction process on the Blockchain. Each stakeholder would have to collect the data from the Blockchain. The process would be done in real-time, thus enabling instant payments!

We see that all stakeholders of this ecosystem would be impacted. That goes beyond the scope of this Proof of Concept and needs further investigations.