Analysis: How chip and PIN led to contactless cards

It's the third anniversary of Chip and PIN, so IT PRO explores the potential of the tech behind the card chip.

This weekend marks the third anniversary of the rollout of chip and PIN across the UK.

Although the chip and PIN payment system has had its problems and isn't foolproof, it's generally thought that the extra authentication makes it more difficult for criminals to carry out card fraud.

But technology has moved in the past three years, and chip and PIN is now being used in new ways in addition to cash machines and face-to-face transactions. The banking industry has already started to implement ways of using the security of chip cards against online fraud by using dynamic passcode authentication'.

Some online shoppers may already be familiar with how such authentication works with both e-commerce and telephone ordering, as well as online banking.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Banks like Barclays, Nationwide and the Royal Bank of Scotland give customers their own card readers, which carry a smartcard slot, a keypad, and a display.

Customers insert their chip and PIN card into the reader and are given a one-time code to enter into the website or use over the phone. This strengthens security because it offers two-factor authentication, as both the card and a valid PIN need to be present in order for the transaction to proceed.

Contactless Cards

Some systems are taking the opposite tactic, and not requiring customers to enter a PIN at all. Using certain contactless card systems for anything costing 10 or less, all users need to do is wave the card at a reader with a ripple' symbol, and the transaction is done automatically without any input - very useful for buying food or small items.

Organisations such as Barclays have already released contactless cards such as the Barclaycard OnePulse, which offers an Oyster card, credit card and contactless capability all in one go.

The Oyster card is already quite familiar to Londoners, but with smaller purchases you are able to use the contactless technology in shops throughout London, including Books etc, Yo Sushi and Coffee Republic.

Advertisement - Article continues below

Contactless cards are secured by the same technology that underpins chip and PIN. Contactless payments don't need the PIN to be entered as standard, but from time the terminal asks the user to undertake a full chip and PIN transaction.

This should deter fraud if the card is lost or stolen, by re-affirming the cardholder is present. Contactless cards also won't have to be charged' like pre-pay Oyster cards funds will be simply debited from your account.

Last month, Barclays said it would be the first bank in the UK to use debit cards for contactless payment systems from March, in as many as three million wallets and purse next year.

The future for mobile banking

Advertisement
Advertisement - Article continues below

After contactless cards, transactions on mobile phones could be the next step thanks to a wireless technology called Near Field Communications (NFC), which can be integrated in mobile devices.

It's a simple extension of contactless card technology which combines a smartcard and a reader in a single device. It's also compatible with existing contactless infrastructure already in place. Last year, O2 conducted trials of the technology, which makes it possible for mobile phones to be used as digital wallets'.

Advertisement - Article continues below

In these recession hit days, where retailers have bigger priorities such as day-to-day survival, it may be quite a while before we really see what the technology behind chip and PIN can really do, but it seems clear that the technology will be widespread soon.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020