There has been persistent increase in the electronic bank fraud. The governments around the world have been in search for the strong authentication for online banking and securities trading to guard against the $4 billion financial institutions lose annually to fraud.
The most common authentication measures used by banks around the world are OTP key fob tokens and software programs. The key fobs are bulky and most often do not provide the reciprocal authentication. Software programs have been proven vulnerable to hacking and are tied to a specific computer.
Recently the 12-button Credit Card Embedded Authentication Device has been developed by eMue Technologies and Innovative Card Technologies. This device is user-friendly and remedy for the persistent problem of electronic bank fraud. The device is embedded on the credit card itself and has a built in keypad
The Credit Card Embedded Authentication Device has an embedded alphanumeric, electrophoretic display, a 12-button keypad with buzzers, circuitry, and an algorithm-storing chip.
These electronics have been placed into the space used by a standard payment card. A one-time pass code is generated which is unique to the device and dependent on the user's correct entry of a secret PIN code. With the entry of a PIN code, an embedded algorithm (the seed is unique to each card and is tracked by the backend server) generates the resulting OTP – thus achieving reciprocal authentication. The firmware inside the card is currently configured to generate different OTPs respectively for email, web, and phone applications. The menu is scrollable with the ‘mode’ button. Thus, an OTP generated for one mode is not transferable to other modes.
When users logs into their account via electronic interface or by supplying an OTP to a bank associate via phone would not only need to physically possess the card in order to generate the correct OTP, but would also have to know the secret PIN code.This protects against both theft of electronic information (static userID and PIN alone cannot access the account) and physical theft of the card (useless without the correct PIN). In these situations, the OTP is entered into the interface by the user or phone operator and is validated instantly by a backend server. Lastly, the magnetic stripe can also be coded to permit physical access via a swipe lock, such as at an ATM terminal inside the lobby of a bank after hours.
The device is with ISO size specifications. There is a magnetic strip via which, the card can facilitate full payment card capabilities. For the user, the card is taking up the wallet space of a regular credit or debit card and is also providing strong authentication for electronic and phone access to their accounts.
No comments:
Post a Comment