NagraID: creating the credit card of the future

February 22, 2011 | Robert Scoble

Credit/Debit card fraud is a huge problem that costs banks and consumers billions of dollars per year. NagraID is tackling this problem by creating the credit card of the future, complete with computer chips and other security features that promise to make transactions both more secure and more convenient in the future.

“As you know, when there’s money involved, there’s also fraud involved,” explains Sebastian Pochic, Product Manager with MasterCard Europe.  “As a consumer, it’s very inconvenient when you have had a fraudulent transaction on your credit card, or even worse, on your [debit card].  What we’re trying to do is put in place some preventative measures to avoid any of these fraudulent transactions and make the use of the credit card more convenient for our customers.”

One of these measures is to house your security information on a computer chip within the card as opposed to displaying it on the card. Another is a unique display window that reveals a security code necessary to complete a transaction. Each code can only be used once, so even if your card information were stolen, a thief would be unable to effect a transaction without having physical possession of the card and its security code. This window can also display account information such as your last transaction, your balance, how much you have spent this month, even messages from your bank.

One thing the card will not do is broadcast your location or reveal other private information.  “The card is not a tracking device,” explains Phillippe Guilland, co-founder and CTO of NagraID Security.  “It does not send back information regarding your location or the way you shop.”

More info:

NagraID web site:  http://www.nagraid.com/
NagraID on Twitter:  http://twitter.com/nidsecurity

This post was tagged:
 

{ 2 comments }

Luis February 23, 2011 at 2:45 pm

Looks very cool but the fact that Master Card is involved its already DOA! They will have another pilot somewhere in the world and thats it. Plus the form factor of a credit card is so 1965.

There are other players that are trying to disrupt the credit card cartel and probably will have success. The whole ecosystem is under attack from the terminal makers to the financial institutions.

direwolff February 22, 2011 at 8:14 pm

The fraud issue, that’s a red herring. The card companies have done relatively little to reduce fraud. If you consider that in Europe, they’ve been able to do a lot about fraud by simply requiring PINs to be entered at the POS (whether in a restaurant, a parking meter, or a store) for well over 15 yrs, but that was never instituted in the U.S. The argument was always that cost to upgrade devices that supported this capability was high. Given how fraud happens, you’d think the math was a no-brainer. If you also consider that card companies began supporting online transactions well before the security issues had been worked out (and they’re still not really well worked out as evidenced by the huge number of credit cards stolen and in the black market). You can get some ideas of how big the numbers are from this NYT article: https://www.nytimes.com/2010/11/14/magazine/14Hacker-t.html/?pagewanted=1&_r=1.

A good question would have been, given that the discount rate charged to merchants in part helps cover fraud losses in the VISA & Mastercard systems, will they be lowering those rates as a result of this technology? ;)

As it relates to the RFID issue, if that card is going to have as much info on it as they claimed, which basically includes all of people’s banking transactions, defeating the security will be of value to many. Have they put their encryption technology into the real world and allowed security professionals & amateurs to try to hack it or defeat it? Short of that, it can’t really be trusted as we’ve seen over and over. I have yet to see a security standard like this go into the wild and survive the attacks of those in the know. The problem is that where today we lose our number but can cancel the card quickly before too much damage is done, with this new tech someone who defeats the security can get an awful lot of information about you before having the card get disabled.

Sorry for my pessimism, but I’ve seen too many supposedly secure RFID and chip-based card systems get defeated (remember the U.K. effort at distributing RFID passports, where is that now? ;) . It’s OK to use such tech for a secureID card for access to some nebulous computer system, but once the value is more tangible I expect a focused attempt by many to defeat this “platform”.

Comments on this entry are closed.

{ 2 trackbacks }