News

One-time password technology to beef up chip and Pin card security

Banks are to roll out a new type of chip and Pin card that will offer consumers secure access to online accounts and improve the security of paying for goods online.

Through the use of two-factor authentication, the cards aim to protect the public against phishing e-mails and sophisticated Trojans designed to steal passwords. They are expected to be issued by several high street banks before the end of the year.

The move follows growing concerns by banks that phishing and Trojan attacks are beginning to dent the confidence of the public in using the internet for online banking and e-commerce.

The Association of Payment Clearing Services (Apacs), said it expected high street banks to issue the cards over the coming three to four months.

The cards contain an algorithm developed by Apacs, Visa and MasterCard, which will authenticate the owners of the card and generate a secure one-time password when consumers plug the card into a handheld reader.

John Varo, head of card-not-present at Visa, said the credit card company planned to investigate the use of the technology in its Verify by Visa programme, which currently allows online customers to confirm their identity using a password.

"For the banking industry as a whole it will offer a very secure mechanism for logging on to internet sites for internet banking. It would also enhance Verify by Visa and potentially have benefits for telephone orders," he said.

However, many banks are still looking at the business case for two-factor authentication technology, and they would want to conduct further trials before issuing card readers to customers, Visa said. The firm plans to test the technology in two European pilots next year.

Apacs plans to release technical standards that will cover specifications of the chip and Pin cards, card readers and back office servers that banks will need to use the authentication service.


 

COMMENTS powered by Disqus  //  Commenting policy