The introduction of chip and PIN will significantly reduce the level of fraud on counterfeit and lost and stolen credit and debit cards. However, fraudsters will always look at new ways to commit fraud and will turn their attention to card-not-present fraud over the phone or Internet. To counter this, work has begun on utilising chip and PIN technology to make card transactions online or by phone more secure.

There is widespread agreement that, at some point in the future, banks will need to move from static authentication for online banking, using passwords and IDs, to an alternative form of authentication involving something the user has, as well as something the user knows (technically known as two-factor authentication).

TBA is generally thought to offer one of the most promising medium to long-term solutions for authentication of remote banking and payment transactions. This involves a customer inserting a chip and PIN credit or debit card in a handheld reader and entering their PIN to authenticate themselves. A unique one-time number is generated that the customer can enter in their log-on screen for online banking, in place of a static password. TBA provides strong two-factor authentication and a similar customer situation to that experienced at cash machines and point-of-sale terminals.

APACS played a pivotal role in facilitating agreement of a robust industry-wide standard for TBA, supported by both MasterCard and Visa. This was achieved at the end of September 2004, with the publication of a new standard by MasterCard, and the completion of a cross-licensing agreement with VISA.