Company introduces technology for a one-time password in your credit card
By Jeremy M. Simon | Published: August 31, 2006
Imagine being able to generate a one-time password with your credit card, adding an extra level of security when making card transactions online, for example. A Los Angeles-based company has found a way to do just that.
Innovative Card Technologies, or InCard, has devised a method for building a display screen, battery, and password-generating chip into a card, such as a credit card. The technology competes with tokens which also provide two-factor identification -- enabling users to combine a known password or PIN with a code generated by something they have. InCard's chief executive, Alan Finkelstein, explained that his company had taken a form factor that was unwieldy and miniaturized it. He added that current tokens can only do one thing well, which is issuing the one-time password, while InCard's product can be a credit card, employee ID card, and can provide access to buildings.
The InCard product, called a DisplayCard, also can generate passwords for validating online logins or transactions, such as when banking online, just like the tokens. The cards provide a further level of security, in addition to the usual login name and password. Some banks have provided high-net customers with tokens for some time.
And, the DisplayCard's screen can be designed to show prepaid balance, reward points, or both.
The timing of the InCard product is excellent, with financial services firms under mounting pressure to strengthen the security of online transactions. In October of 2005, the Federal Financial Institutions Examination Council recommended that banks introduce multiple-factor authentication by the end of 2006. In a positive for InCard's products, the federal guidelines are not specific about what sort of authentication banks should use.
According to Finkelstein, it took InCard four years to develop the card, combining technology from a Taiwanese display maker, a U.S. battery manufacturer, and a French security team. He noted that the largest development obstacles were the ability to bend the card, power consumption, and thickness. The end result is a card that is as thin and flexible as a regular credit card and is guaranteed to function for three years and 16,000 uses -- or around 15 times a day, seven days a week, the InCard CEO commented.
Shortly, InCard hopes to unveil a card that contains two chips, both inside the card. One will create the password and the other will store personal information, such as details on the most recent transaction or balance information.
Although InCard is in discussion with various banks and credit card organizations around the world to get its invention into the market, it cannot announce any deals just yet. Finkelstein acknowledged that Visa, however, has already agreed to evangelize the technology into its banks.
Still, the price of the card could prove an obstacle to InCard's success. A credit card with a one-time password generator costs just over $10, a significantly higher price tag than the approximately 40 cents it costs to produce a plain card and $5 for a traditional password-generating key fob. But InCard is convinced it can overcome that issue. According to Finkelstein, sealing, addressing, and mailing a token adds about $5 in cost. He remarked that banks know how to distribute cards in mass numbers, so that with everything combined, InCard's product is basically similar in cost.
- You may soon be able to buy lottery tickets at grocery checkout – States have to approve shoppers using smartphones linked to credit or debit cards to purchase Powerball and Mega Millions chances ...
- EMV chip card torture test – We put EMV chip credit cards through a series of tests to see how they stand up to common threats such as extreme temperatures, water and corrosive liquids ...
- Abolish the password? Card issuers are working on that – Credit card issuers and banks aim to phase out passwords over the next few years with the help of biometric authentication ...