Innovative Card Technologies has been shaking up the payment card industry since 1993. Now, with the release of its newest product – the InCard DisplayCard with One-Time Password (OTP) – InCard has started a security revolution.
Studies have shown that the average American carries five to ten credit cards. Traditionally, these cards have offered little functionality beyond their magnetic strip. InCard’s innovators imagined more. By embedding a power source and wafer thin electronics, InCard brought plastic to life. This technology has been harnessed to power an impressive line of multi-function cards that stand out from the plain plastic crowd.
InCard applied its technology to solving the serious problem of electronic fraud, and has achieved the most powerful incarnation of Power Inlay Technology to date: the InCard DisplayCard with OTP. This easy-to-use security technology provides an additional layer of protection for any company wishing to battle online fraud or to secure access points to valuable corporate data networks. It can be integrated into a fully functional payment card or paired with RFID for physical access. The InCard DisplayCard is especially well-suited to Internet banking and enterprise logical and physical access applications.
Know Your Enemy: Is online fraud really that bad?
Unfortunately, the answer is yes, disturbingly so. In 2005, $2.7 billion changed hands in fraudulent credit card transactions. Online fraud accounted for over 58% of this amount – that’s over 1.5 billion dollars – last year alone! But what these huge numbers do not account for is the additional hardships and shaken trust experienced by the thousands of victims of identity theft. And for online businesses, a customer who has lost trust is a lost customer.
The world is watching.
The deplorable state of online security has everyone’s attention. On August 8, 2001, in an effort to protect the millions of customers of online businesses and the financial institutions that support online transactions, the Federal Financial Institutions Examinations Council (FFIEC) Agencies1 issued a number of regulations that greatly impacted the entire financial world. The FFIEC is an interagency body charged with setting standards for financial reporting. These guidelines direct financial institutions to offer greater consumer protection against online fraud and identity theft, while leaving the nature of these new security measures unspecified. The FFIEC mandates that product security upgrades be in place by the end of 2006. However, as of January 1, 2007, 33% of banks had not implemented solutions, according to a Gartner Research report2. Also, banks who hastily implemented authentication solutions to meet the deadline will be reevaluating their choices, especially for customer’s ease-of-use. We still have work to do in securing online transactions.
The most important security question.
The most important fact to verify during any online purchase or account logon:Is the person accessing the account or data system really the person they say they are?
Currently, the most widespread system for securing online accounts and data storage logins is ‘single-factor authentication,’ where the user is asked for one piece of supplementary data to prove their identity. This ‘verification’ can take the form of a password, PIN, or set of numbers on the back of the payment card. However, none of the data requires the person to physically possess the card at the time of the transaction – leaving the door open to online scams.
The FFIEC has recognized the insufficiency of all single factor authentication systems, writing in their 2001 Authentication in an Electronic Banking Environment publication:
“[The agencies] [C]onsider single-factor authentication, as the only control mechanism, to be inadequate for high-risk transactions involving access to customer information or the movement of funds to other parties.”
Security is InCard.
InCard now offers an elegant new solution to the pernicious fraud problem – the InCard DisplayCard with a one-time-password. This simple and economical system works seamlessly alongside existing protections to offer a two-step authentication level of security. All at the push of a button!
Card users will begin online account and data system logins in a familiar way; they will first be required to enter their account information and then a PIN or password. Now however, they will be prompted to enter another proof of authenticity: their OTP. The user presses a button on the InCard DisplayCard and the one-time password appears on the display screen, which the customer then enters into the web interface. The OTP is authenticated by a secure server – confirming that only a person that knows the username, PIN or password, AND has the physical card in hand is initiating the transaction.
This simple step increases security immensely. In order to commit fraud, would-be thieves must physically steal your card – a crime much easier to detect and prevent than the current criminal technique: transmission of static information.
Don’t we all deserve the very best in online protection?
With two-factor authentication, customers using an InCard DisplayCard will enjoy the peace-of-mind resulting from better protection of their finances and their data.