Feeds

Boffins test voice-activated secure credit card

Give me the bl**dy money!

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

Boffins have developed a credit card that works only when it hears its owner's voice.

A prototype card from Santa Monica, California-based Beepcard comes with a built-in voice recognition chip, miniature battery, microphone and speaker.

To operate the card a user would need to press a button on the card's surface and provide a password. If the in-built voice recognition technology authenticates this voice then it emits an variable audible squawk, which a merchant's server can recognise and thereafter allow a transaction to proceed. The system would allow merchants to establish a customer has a card and is the authorised user for customer not present transactions, a notorious source of credit card fraud.

The technology is based on a refinement of a non-voice activated version of the card (which could only establish that a person had a credit card; it still might be stolen). In the case of both old and new technologies the audible signal from a card differs according to a preset order known by the server, but unfathomable to crooks. The principle is the same as that used by two-factor authentication devices commonly used for authenticating remote access.

Although two-year battery life isn't a problem with the prototype card (whose circuit is only switched on when its button is depressed), size is more of a challenge. The prototype card is three times the size of a regular credit card. Also merchants would have to support Beepcard's technology.

Visa, which already makes some use of voice recognition technology on telephone calls, is cautiously enthusiastic about the idea. "It's an interesting idea but the transaction has got to be user friendly. You wouldn't want to increase the time it takes," Visa spokesman Colin Baptie told New Scientist.

Respected security expert Bruce Schneier is far more enthusiastic. ""It's a physical authentication system that doesn't require any special reader hardware. You can use it on a random computer at an internet cafe. You can use it on a telephone. If the price is cheap enough, Beepcard has a winner here," he writes in his monthly Cryptogram newsletter. ®

Related stories

UK credit card fraud down 8%
Retailers must embrace Chip and PIN. Or else
Anti-fraud scheme saves retailers £2m
Online fraud, ID theft soars
Shoppers warned of £110m card not present fraud
Opera browser to recognise speech
Insurer taps voice analysis tech to detect fraud

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.