Secure Display

Concept definition

The IDEMIA Secure Display service enables card issuers to securely display sensitive card-related data (card data or PIN code) from the issuer’s mobile app. IDEMIA provides easy to integrate APIs and an Android/iOS SDK to securely transfer sensitive information between the issuer’s back-end and a mobile app and securely display it to share it with cardholders.

Use Cases

The IDEMIA Secure Display service covers the following use cases:

  • Card data can be shared to the user right after opening an account or applying for a credit line, offering immediate access to payment capacity — a feature greatly appreciated while waiting for a physical card in the mail.
  • This is another use case that speaks highly in favor of card data display: in case of a lost or stolen physical card, the issuers can provide the cardholder with temporary or new card details while sending the new physical card by mail.
  • The PIN code related to a physical card can be shared for the first time or be displayed on-demand via the issuer’s mobile app.

User Experience

Cardholders simply login to the bank’s mobile app, verify their identities and request the display of card details and/or PIN code.

The display of secure data gives the consumer continuous access to payment means or other card-related information. It is a convenient solution for on-demand need or unexpected physical card events. No more purchases suddenly denied, no more days wasted checking your mailbox, no more frustration of not being able to make payments, no disruption in the payment experience.

Key features

Security is a paramount

  • The IDEMIA Secure Display service has been designed following EMV and PCI-DSS security guidelines.
  • The IDEMIA Wallet Agent SDK ensures end-to-end encryption and no storage of any sensitive card data. It provides a secure display of the payment instrument for an eCommerce payment transaction directly onto the device screen for a limited period of time after consumer being authenticated locally (CDCVM).
  • A device binding step is performed at first launch of the mobile application which add a layer of security during the display request and data exchange mechanisms.
  • The screenshot mode is disabled while the IDEMIA Secure Display is displaying the sensitive data.

User friendly

This end-user feature gives more control to the cardholders when it comes to accessing secure payment data whatever the use case. Also, the consumer is able to copy the PAN from the device display and paste it into the merchant payment data fields.

Activate new features

By relying on the IDEMIA Digital First Platforms Suite and integrating the IDEMIA Secure Display service, card issuers can easily access new services and make new features available via their mobile banking app to the cardholders.

The IDEMIA Secure Display service can be combined with the IDEMIA Virtual Card service to generate and verify alternate card data (token) to add security layer for eCommerce transactions and unlock new use case possibilities.

The IDEMIA Digital First Platforms Suite operate as a multi-tenant cloud system offering card issuers a unique interface to activate features from their mobile banking app and for connectivity to Token Service Providers and Token Requestors, for a variety of use cases.

Service Benefits

The IDEMIA Secure Display service provides issuers with the following benefits:

  • End-to-end security service to avoid issuer’s mobile app to be under PCI-DSS constraints,
  • Improving security and trust by relying on sensitive card-related data display, putting the cardholder “in control”,
  • The unmatched immediacy and convenience of displaying securely card related data such as card number or PIN number creates a unique set of benefits, fostering client satisfaction, boosting customer acquisition and retention,
  • Consumers can immediately start accessing payment credentials for online payments after onboarding or in case of lost or stolen physical card. The result? This continuous access to a payment means is a great way to customer satisfaction,
  • Easy to integrate set of APIs and mobile SDK.

Integration overview

Below are the different end-points the issuer needs to integrate with to benefit from the IDEMIA Secure Display service:

The issuer integrates IDEMIA Issuer API for Secure Display with its Card Management System. This integration can be done with the issuer’s processor, The IDEMIA Secure Display service comes with a mobile SDK, compatible with Android 7+ and iOS 13+, to be embedded into the issuer’s mobile app.

Integration overview