VISA’s Dynamic passcode authentication (DPA), like Mastercard’s Chip Authentication Protocol (CAP), enables EMV IC cards (smart cards) to provide security in Internet transactions where the card can’t be presented to the vendor.
The smart card is inserted into a pocket-sized device, the dynamic passcode generator. The card owner enters their PIN. Then a small software application on the smart card computes a one time, time-sensitive passcode, unique to that transaction. The code is entered with the transaction.
The credit card company can use this code to prove that the card was in possession of the person who is making the Internet transaction and that they knew the PIN, two factor authentication.