Introducing EVC® for Virtual Cards: Dynamic Security, Now Fully Digital
- Robert Woo
- 18 hours ago
- 4 min read
At Ellipse, we’re champions of payment security that protects cardholders in the most real-world, convenient ways. And as the payment industry evolves, so does payment card fraud, which means that the technology that prevents fraud has to evolve as well. Today, payment security shouldn’t depend on whether a card is made of plastic, metal, or even pixels. Fraudsters are equal-opportunity opportunists in the modern era, so your protection should be equally modern and versatile.
That’s why we’re excited to announce the next evolution of Ellipse Verification Code (EVC®) technology: EVC for Virtual Cards. Dynamic CVV/CVC security that eliminates ecommerce payment fraud, now available even when there’s no physical card at all.
Why Bring EVC to Virtual Cards?
Virtual cards are booming. Banks, fintechs, neobanks, and embedded finance platforms increasingly lean on digital-only issuance to speed up onboarding, cut costs, and support modern use cases like subscription management and single-use corporate cards.
There’s just one problem: They’re still vulnerable to Card-Not-Present (CNP) fraud, which is the fastest-growing category of payment fraud globally.
While EMV chips were a huge technological leap to help prevent card-present fraud decades ago, online fraud keeps climbing because static CVVs remain… well… static. Once exposed, they’re yours-but-not-yours anymore.
With EVC for Virtual Cards, issuers can now equip their digital cards with a dynamic CVV/CVC that refreshes automatically, giving cardholders EMV-grade protection in online environments, without requiring any physical hardware.
It’s the same award-winning technology inherent to the EVC micromodule, now in a digital form for digital-first issuers. This way, today’s fintechs who cater to an audience who only want to transact from their phones finally get the modern card security that’s been missing in their features and services.
How EVC for Virtual Cards Works
Traditionally, EVC has been known as a micromodule integrated into physical cards, changing the CVV during a card-present EMV transaction. But virtual cards don’t tap, insert, or go through terminals. They live entirely in digital channels.
So Ellipse re-imagined the architecture: The same dynamic CVV/CVC logic, now delivered through secure digital infrastructure tied to the virtual card’s lifecycle.
This means:
Cardholders see a fresh CVV/CVC in their issuer-branded mobile app or digital wallet whenever it is opened.
Issuers get a cloud-integrated, fully on EMV-rails way to secure all their virtual debit or credit cards.
Fraudsters get… well, disappointed.
No battery. No hardware. No friction. Just better security, everywhere the card goes.
Why Digital-First Issuers Will Love EVC for Virtual Cards
Virtual card issuers have been waiting for a real answer to rising CNP fraud. Now they have the same EVC technology that physical card issuers have had access to, with the features they need to protect their customers:
✓ EMV-level protection for digital-first portfolios
The same dynamic CVV tech that protects physical cards now strengthens purely digital products.
✓ Zero change to checkout flows
EVC works with existing e-commerce payment infrastructure meaning there are no extra steps for cardholders or merchants.
✓ Fewer fraud losses and fewer costly reissues
If a CVV is compromised, it can be refreshed instantly. No need to replace a digital card number or create account disruption.
✓ Flexible for every virtual card use case
Consumer cards, corporate cards, single-use cards, and more; no matter the use-case, they all benefit from dynamic CVV/CVC.
✓ Ready to on-ramp to physical EVC cards
Not all digital-first issuers remain digital-only. When it’s time to branch out into offering physical payment cards, you’re already EVC-Ready and the same dynamic CVV/CVC technology can be quickly implemented on physical cards.
Why Cardholders Will Love EVC for Virtual Cards
Nothing ruins a good day like learning someone in another city just bought a lawnmower using your virtual card… when you don’t even have a lawn. EVC aims to make the days of unauthorized card usage a thing of the past, giving cardholders peace-of-mind and more confidence in using their virtual cards with more ecommerce sites.
EVC makes virtual cards safer by:
Blocking CNP fraud attempts when card data is stolen
Refreshing security codes so compromised details can’t be reused
Keeping digital wallets secure without requiring user action
Delivering visible, confidence-boosting security in the app
In other words: security you can actually see, even on mobile.
So Why Now?
Virtual issuance is growing and we’ve been speaking with more and more fintechs who have been clamoring for a 100% digital version of EVC. While we will always champion physical payment cards for their versatility, compatibility, and security; we are hard-pressed to ignore the growing appetite for a digital-only solution.
EVC for Virtual Cards is Ellipse’s answer to a simple question we’ve heard from the industry again and again:
“Can we bring EVC-level protection to cards that don’t physically exist?”
Now the answer is yes. Because the future of card security should be dynamic, not static.
And it couldn’t come at a better time for the industry.
To learn more, read our full press release announcement here.
