In a bid to simplify the process of online payment through credit and debit cards, PayUBiz – the enterprise centric arm of PayU India – has launched its ‘One Tap’ technology. With integration of this new technology, online merchants will be able to offer one tap payment feature to their users.
The current online payment process through credit/debit cards requires users to enter their CVV numbers – card number and expiry dates are usually stored by the users – and wait for the text message containing the OTPs from their respective banks. The final window requires the users to enter their OTPs before the transaction is finally processed. Here, the CVV and OTP are the two layers of authentication required for the transaction, requiring multiple taps.
With this new one tap feature, PayU hopes to ease this process. While making the online payment, users simply need to choose one of their stored cards and tap the payment button. The One Tap feature does the rest. It automatically enters the CVV number as well as the OTP received via text message and finalises the payment. All it takes is one tap.
The ‘one tap technology’ is a combination of 4 different features:
- The store card feature
- No-CVV feature
- Auto OTP read and submit
- Magic Retry – In case of a network-related disruption, this feature picks up the transaction from the point where it stopped.
Nitin Gupta, Co-founder and CEO of PayU India claims that the No CVV feature is the key of this one tap technology. As per regulations, merchants and payment gateways are prohibited from storing the CVV – they can only store the card numbers and expiration dates. PayU claims to have found a way around it to access the CVV number, using its technology prowess and filed a patent for it. Nitin declined to throw more light on how the company manages to access the CVV numbers without storing the, as the patent has not yet been approved. All he said was this is the “secret ingredient” behind the one tap technology.
In terms of the security, the company claims to be Payment Card Industry Data Security Standard (PCI DSS) compliant, which is a proprietary information security standard that applies to all entities involved in payment card processing. On being asked about safety issues when a user’s phone is stolen, Nitin averred that the company is also in the process of incorporating biometric authentication, wherein the user’s fingerprint will act as the authentication tool; using his/her smartphone’s fingerprint scanner.