CONTINUE TO SITE »
or wait 15 seconds

Article

No need to fear, the smart card is here

The use of smart cards is popping in retail merchant markets all over the world. Although the United States has been slower to catch on to smart cards, U.S. retailers are beginning to express interest.  In fact, smart cards are catching on in the United States, but not in the financial industry.

February 22, 2005 by

In this week's Info Center, KIOSKmarketplace continues a discusson about the use of biometrics, and other technologies, on smart cards. (Read "Back to the future: Biometrics revisited," on ATMmarketplace, a story that explored the potential use of biometrics at ATMs as well as challenges that stand in the way.)

The idea of carrying a template of some part of yourself around in your pocket is, well, a little unnatural. But it's becoming one of the preferred forms of identification, especially when compared with the alternative - storing biometrics data elsewhere.

Whether it's used to let a cardholder gain access to accounts at ATMs or to enforce security restrictions at airports, biometrics is finally attracting increased interest- largely because of weaknesses associated with other verification methods.

Although biometrics technology has been around for more than a decade, it hasn't yet taken off as a form of identification, especially in the United States.

Mark Grossi,NCR Corp.'s chief technology officer, said that consumers weren't comfortable with biometrics in the 1990s. They didn't understand how biometrics information would be used and stored, and financial institutions weren't willing to tackle the infrastructure challenges that storing all of that data posed.

But experts like Francois Lasnier, North American vice president for Axalto Inc., a Texas-based provider of smart cards and point-of-sale terminals, believe that the challenges that slowed adoption of biometrics in the '90s can be overcome with smart cards.

It's not called smart for nothing

Card issuers around the world realize that online connections are not as secure as they need to be, Lasnier said.

Banks were initially eager to connect all transactions, from ATMs to online banking channels, but recent incidents of phishing and card skimming at ATMs and POS terminals, have forced banks to reconsider traditional methods of protecting data.

"It's really all about the communication channel," Lasnier said. "The U.S. is one of the leading countries in the world to address online security. But the whole online environment (is vulnerable). People can get into your account."

Lasnier said FIs in the United States have been reluctant to change the way they do things because they fear a consumer backlash.

But the retail industry has been more accepting of smart cards, even in the United States.

Beyond biometrics, smart cards, because they are embedded with computer chips, can be used to store information about shoppers, offering rewards on certain purchases and tracking shopping habits for loyalty programs. And as more and more smart card readers flood the market, more retailers are likely to get with the smart card program, said Randy Vanderhoof, executive director of the Smart Card Alliance.

Take retail merchant McDonald's as an example. In August 2004, McDonald's and MasterCard announced that the fast food chain would begin rolling out MasterCard's PayPass contactless smart card payment solution at locations in New York and Dallas by the end of 2004.

Equipped with contactless card readers from Verifone, the participating McDonald's locations can accept customers' payments without the need for a swipe. PayPass cardholders just wave or tap their cards near the reader and the transaction is complete.

Lasnier said he expects the financial industry to change over to smart cards within the next five years. As the rest of the world incorporates the Europay/MasterCard/Visa standard, the United States will be forced to catch up.

EMV

In 1996, Europay, MasterCard and Visa first released flexible specifications for smart card-based debit and credit payments. In 1999, the three card associations founded EMVCo, an independent organization, to manage and enhance EMV specifications as technology advances and the implementation of chip card programs become more prevalent.

Since then, EMVCo has published specification updates that factor in advancements in smart card technology, such as faster chip speeds.

EMVCo also established a single approval process for POS terminals and ATMs to ensure cross-payment system interoperability.

Because smart cards can hold far more information than magnetic-stripe cards, and because data cannot be copied as readily from them as it can from magnetic stripe cards, issuers throughout the world are beginning to adopt the EMV standard.

According to a report published by Verifone, entitled "EMV: Global Framework for Smart Card Payments," Visa estimates that counterfeiting can be decreased by at least 70 percent with smart cards.

The financial industry in the United Kingdom became one of the first to endorse EMV specifications when card fraud soared there during the mid-`90s. In 1999, the UK began converting its approximately 80 million mag-stripe debit and credit cards to smart cards, and began requiring ATMs and POS terminals to be equipped with EMV-compliant card readers.

Western Europe faced a deadline of January 2005 to make the smart card/EMV switch. Central and Eastern Europe, the Middle East, Africa and Asia/Pacific must make the move by January 2006.

Though Canada has yet to establish an EMV compliance deadline, Lasnier said smart card pilots are already underway there. "When that technology begins to unfold, you'll begin to see neighboring countries, like the U.S., begin to use it," he said.

American card issuers have been reluctant to adopt EMV because fraud has not been as great a problem as it is in countries like the UK. But Lasnier predicts that could change.

"We can suspect that fraud is going to begin moving to the U.S. as the increased use of smart cards spreads throughout the world," he said. "The fraud will move to the place of least resistance."

Lasnier estimates that 50 percent of the POS devices being sold in the United States include smart-card readers. Approximately 35 percent of the country's installed base of POS devices is ready for EMV now, he said.

"The last link is the smart card infrastructure," he said. "So in the next two or three years, there won't be anything to hold it up. You will begin to see smart card connections in the United States."

Lasnier believes that Visa and MasterCard may even mandate the technology in the United States as they have elsewhere around the world.

If you build it, they will come Â…

Most experts agree the issue of where to store biometric data has been one of the primary issues blocking the use of biometrics at the ATM. If smart cards are adopted in the United States, those barriers could begin to disappear.

As card fraud becomes a greater concern throughout the world, the use of smart cards at the ATM must be considered, Vanderhoof said.

And evidence of growing consumer acceptance of smart cards in the United States is popping up, Vanderhoof added.

Last November, the Transportation Security Administration launched an 11-month worker identification credential prototype that requires transportation employees to present smart cards that contain biometrics information for admittance at ports, airports and other sites. Gordon Hannah, a senior manager for BearingPoint, which is overseeing the $12 million project, said 200,000 credentials will be issued over the course of 11 months.

BearingPoint is running the prototype project at 10 sites, some using contact smart cards and others using contactless versions that communicate with smart card readers via radio waves. At the end of the 11-month period, the project will be implemented at 30 sites.

Hannah said biometrics data, including fingerprint templates and facial and iris images, are being stored in a database, a government requirement for the project, and also on the cards themselves.

"For this program, we had a requirement to use the database, to make sure that we hadn't seen the person before, so that we didn't issue more than one card," Hannah said. "Or, for the scenario of re-issuance, I want to make sure that I only have to make the match once to get a new card, so that I don't have to come back in."

But using smart cards alone for biometrics information could be appropriate in other situations, Hannah said - including ATMs, where creating a database to hold all users' information would be cumbersome, if not impossible.

Another interesting use of biometrics in the United States is underway at five airports -Minneapolis, Los Angeles, Houston International, Boston Logan and Washington Reagan - where select frequent flyers present cards with biometrics data to verify their identity. About 10,000 frequent flyers - 2,000 at each site - are participating in the pilot.

The expectation of the pilot, which is being administered by Unisys Corp., is that airports throughout the country will be able to quickly usher frequent flyers through security checks.

All five sites are using iris and fingerprint biometrics. Three of the five airports store information only on cards, while the other two are using a database.

Bryan Ichikawa, chief engineer for Unisys' Registered Traveler Program, said the pilot has been extended until the end of September 2005.

Because the program is voluntary, Ichikawa said, there hasn't been any resistance from consumers. In fact, he said cardholders are pleased with the program because it has eliminated the need to wait in long lines at security checkpoints.

"Security is the catalyst," he said. "If you think in terms of a haystack, there are something like 60 million passenger boardings per year. Half of those are performed by about 8 million people. So if you know who the 8 million are, you've cut the haystack of boardings in half; you've narrowed that down to 30 million boardings."

"It's not about looking for needles when it comes to terrorists," he added. "It's about making the haystack smaller."

Using smart cards to store biometrics templates is logical, Ichikawa added, because the cards "are inherently secure." There is plenty of room to store biometrics data on smart cards, especially if only a biometric template, and not the entire image, is used.

"Going back to ATMs - having one common network to hold all of the biometrics data would be difficult. And you have the same sort of situation in the airports. It just would seem easier to put the information on to the card," Ichikawa said.

Related Media

Blog
How Self-Service Kiosks Drive Customer Behavior and Increase Sales
Blog
Is Your Kiosk Network Missing Something? The Case for Kiosk Management
Blog
Measuring Kiosk Performance: Are Your Kiosks Meeting Customer Expectations?
White Paper
Simplifying Digital Signage Content Management
Presented by PROVISIO LLC
Recent Posts
USConnect granted US patent for Theft Detective technology
GameChanger Systems secures 2nd round of series A funding
IDEMIA launches enhanced kiosks for background checks
EcoATM names Matt Furlong as CEO
Convious Kiosks cut queues, boost sales at Zoo Osnabrück


©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'