Online transactions using credit cards are susceptible to fraud. This disclosure describes techniques to provide a browser-native implementation to dynamically bind a static virtual card (SVC) with a merchant server for an authorized period. When a user provides SVC credentials to an e-commerce merchant for completing a transaction, the SVC is authenticated at the merchant server by obtaining an authorization ID from the card issuer. The authorization ID has an associated expiration date. The browser native implementation allows accurate determination of the merchant domain and establishing binding between the SVC, the merchant ID, and the merchant domain for a specific period after which the binding is automatically removed. In this manner, a user has only one SVC associated with a payment card at any point in time that can be used with multiple merchants. The techniques improve credit card security while providing a simple user experience.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Cheriyakath, Aneesh Ali Nainamvalappil and Lin, Ling, "Browser-native Static Virtual Card For Online Transaction Security", Technical Disclosure Commons, (August 28, 2020)