Analysis: How chip and PIN led to contactless cards
It's the third anniversary of Chip and PIN, so IT PRO explores the potential of the tech behind the card chip.
This weekend marks the third anniversary of the rollout of chip and PIN across the UK.
Although the chip and PIN payment system has had its problems and isn't foolproof, it's generally thought that the extra authentication makes it more difficult for criminals to carry out card fraud.
But technology has moved in the past three years, and chip and PIN is now being used in new ways in addition to cash machines and face-to-face transactions. The banking industry has already started to implement ways of using the security of chip cards against online fraud by using dynamic passcode authentication'.
Some online shoppers may already be familiar with how such authentication works with both e-commerce and telephone ordering, as well as online banking.
Banks like Barclays, Nationwide and the Royal Bank of Scotland give customers their own card readers, which carry a smartcard slot, a keypad, and a display.
Customers insert their chip and PIN card into the reader and are given a one-time code to enter into the website or use over the phone. This strengthens security because it offers two-factor authentication, as both the card and a valid PIN need to be present in order for the transaction to proceed.
Contactless Cards
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Some systems are taking the opposite tactic, and not requiring customers to enter a PIN at all. Using certain contactless card systems for anything costing 10 or less, all users need to do is wave the card at a reader with a ripple' symbol, and the transaction is done automatically without any input - very useful for buying food or small items.
Organisations such as Barclays have already released contactless cards such as the Barclaycard OnePulse, which offers an Oyster card, credit card and contactless capability all in one go.
The Oyster card is already quite familiar to Londoners, but with smaller purchases you are able to use the contactless technology in shops throughout London, including Books etc, Yo Sushi and Coffee Republic.
Contactless cards are secured by the same technology that underpins chip and PIN. Contactless payments don't need the PIN to be entered as standard, but from time the terminal asks the user to undertake a full chip and PIN transaction.
This should deter fraud if the card is lost or stolen, by re-affirming the cardholder is present. Contactless cards also won't have to be charged' like pre-pay Oyster cards funds will be simply debited from your account.
Last month, Barclays said it would be the first bank in the UK to use debit cards for contactless payment systems from March, in as many as three million wallets and purse next year.
The future for mobile banking
After contactless cards, transactions on mobile phones could be the next step thanks to a wireless technology called Near Field Communications (NFC), which can be integrated in mobile devices.
It's a simple extension of contactless card technology which combines a smartcard and a reader in a single device. It's also compatible with existing contactless infrastructure already in place. Last year, O2 conducted trials of the technology, which makes it possible for mobile phones to be used as digital wallets'.
In these recession hit days, where retailers have bigger priorities such as day-to-day survival, it may be quite a while before we really see what the technology behind chip and PIN can really do, but it seems clear that the technology will be widespread soon.