Earlier this week, Old Mutual in Namibia unveiled a deal with Tranwall of Hong Kong to implement South African-developed “transaction control” technology on the OMcard, a prepaid Visa card that was developed specifically for Old Mutual customers in that country.
The technology behind Tranwall, which gives cardholders the ability to “switch off” a credit or debit card so that it can’t be used, even when swiped at a merchant’s terminal, was built by South African software development house Rorotika.
The company owns the patents for the technology in South Africa.
The first proof of concept for Tranwallet, Tranwall’s consumer-facing product, received international attention during the 2010 Fifa World Cup in South Africa when a company called Neo Africa used it for a product aimed at international tourists to the country.
The offering included a disposable cellphone, airtime and a prepaid travel card co-branded by MasterCard and Standard Bank. Using the cellphone, tourists were able to activate or deactivate the prepaid bank card, ensuring no unauthorised transactions could be done. That technology made use of USSD to activate or deactivate their card. Rorotika has since developed a smartphone app, too, to do this.
Tranwall’s technology has also been rolled out in Nigeria. In 2011, it implemented a solution for Interswitch, which connects banks and runs card technology on behalf of some financial services institutions. In 2012, Tranwall launched in a limited way in the US. Pilots are now underway in Italy and the Netherlands.
“Tranwallet gives credit- and debit-card users the peace of mind that their bank cards cannot be used until they activate them,” explains Tranwall CEO Aurelien Duarte. The technology involves a layer in the communication chain between the terminal where a card gets swiped and the bank that approves the transaction. By installing the Transwallet app, which is available for both Android and iOS, a supporting bank gives its customers the ability to toggle various security features related to their credit or debit bank cards. These features can include something as simple as activating or deactivating the card or setting daily or monthly limits to enabling or disallowing in-store and online purchases.
Each of the functions defined by the bank gives users full control over where and when their bank cards can be used.
“A great example of Tranwallet in action is with a children’s card. Parents can provide their kids with a bank card over which they have full control. They are able to set limits on the card and even ringfence the merchants at which the card can be used,” says Duarte. Parents can configure their children’s bank cards not to work when swiped at a liquor store, or when trying to purchase something online.
Duarte says e-commerce is one of the biggest areas where banks lose money through fraud. Once a card’s details are stolen, the bank must cancel the card in order to prevent future fraud. He believes Rorotika’s technology can prevent this.
And Tranwallet works not only with debit and credit cards, but also with garage cards and those used by fleets. “We have a pilot project launching later this year that will give fleet companies in South Africa a viable solution when their trucks fill up with fuel,” says Duarte. It will allow fleet managers to mitigate losses by offering geolocation solutions to enable or disable a fleet card used to pay for fuel. It will also provide an audit trail.
Tranwallet also offers two-way communication between a customer and their bank. In many cases, when a credit card is used outside of a customer’s normal behaviour, the bank’s algorithms may flag that activity and decline the transaction. With Tranwall’s technology, the customer will now be able to respond to that type of action and instruct the bank to allow the transaction. This can be done simply by responding to an SMS. Duarte says the technology takes away the mystery if a card transaction is declined, putting the user in control of their accounts.
“The most important thing about Tranwall’s technology is that it does not require the merchant to change their hardware, or behaviour,” says Duarte. “Even online stores don’t need to change anything — it’s just the bank that needs to support it.”
Should a bank choose to offer the full implementation, even card magstripes can be disabled, effectively blocking the ability for a scammer to clone a card and use it on a terminal that still supports magstripes.
One of the big four banks — Duarte declines to name it — is implementing the technology, with a consumer launch expected in 2015