A recent article in MoneyCNN.com reported that SmartMetric, Inc. has developed a biometric smart card that scans and reads a fingerprint before giving up any of its information. That could be good news for Brick and Mortar merchants.
It’s unclear to me how a biometric smart card can help an online merchant in spite of the article’s cite of a report stating, “The increasing use of the internet for making online payment transactions is also fueling growth in the global smart card industry as this technology enables consumers to make secure and reliable transactions…”
The article also tells us that SmartMetric is “actively negotiating agreements” with banks and online transactions. OK, glad to hear that the banks are in the radar but does that mean as credit card issuers? There’s no mention of any of the card brands. And again, I’m not seeing how any smart card, Biometric, RFID, or any other, can help reduce fraud in the online world, unless they plan to have customers buy a special chunk of hardware to go with the card. That won’t be an easy sell.
If you’ve followed this blog, you know the results of Chip and PIN in the UK. Card Present fraud was reduced by close to 50% but Card Not Present fraud went through the roof. If any of my readers can enlighten me as to how biometrics will help online merchants, please do so – comments are open!
Similar Posts:
- The latest in credit card fraud news
- Are you ready for an increase in credit card fraud?
- RFID Credit Cards in the U.S. After All?
- Card Companies Insecure About Security
- iovation Partners with Merchant911 to Educate Online Retailers About Device-based Fraud Prevention Solutions
Biometrics certainly have potential, but will not do much towards improving card fraud. The number one reason for card fraud is the acceptance of transaction based solely on the information printed on the card (also known as manual transactions), or data on the magnetic stripe.
Visa and MasterCard both offer additional security for internet transactions by using 3D secure. 3DSecure navigates from the merchants page to a payment page on the issuing bank, and then back to the merchant. 3DSecure can be used with a variety of cardholder authentication methods, such a passcode, or using EMV cards for CAP/DPA (Chip Authentication Program, Dynamic Passcode Authentication) transactions (also known as Verified by Visa or MasterCard SecureCode).
Biometrics can easily be added to EMV cards for use with CAP/DPA, there are cards that include a display on the card, which can display a number on presenting a valid fingerprint, however I don’t see how these cards would work at an ATM, since they need to be powered in order to capture a fingerprint, and ATMs typically capture the card before powering it…
On board powered cards with fingerprint scanner and dynamic magnetic stripes are available today…
The CardLab Biometric Credit Card will only “turn on” the dynamic magnetic stripe, when the card owner has authorized the card by swiping his/hers finger on the on board powered scanner. I.e. no power from an external scanner (such as an ATM) is needed.
The onboard display can, after authorization, show an on board generated One Time Password, e.g. a dynamic CVV code, and will thereby eliminate most online fraud
Copied credit cards will simply not work, since the CVV code is a One Time Code, and not printed on the card or stored on the magnetic stripe as it is today…