Feeds

Boffins test voice-activated secure credit card

Give me the bl**dy money!

  • alert
  • submit to reddit

3 Big data security analytics techniques

Boffins have developed a credit card that works only when it hears its owner's voice.

A prototype card from Santa Monica, California-based Beepcard comes with a built-in voice recognition chip, miniature battery, microphone and speaker.

To operate the card a user would need to press a button on the card's surface and provide a password. If the in-built voice recognition technology authenticates this voice then it emits an variable audible squawk, which a merchant's server can recognise and thereafter allow a transaction to proceed. The system would allow merchants to establish a customer has a card and is the authorised user for customer not present transactions, a notorious source of credit card fraud.

The technology is based on a refinement of a non-voice activated version of the card (which could only establish that a person had a credit card; it still might be stolen). In the case of both old and new technologies the audible signal from a card differs according to a preset order known by the server, but unfathomable to crooks. The principle is the same as that used by two-factor authentication devices commonly used for authenticating remote access.

Although two-year battery life isn't a problem with the prototype card (whose circuit is only switched on when its button is depressed), size is more of a challenge. The prototype card is three times the size of a regular credit card. Also merchants would have to support Beepcard's technology.

Visa, which already makes some use of voice recognition technology on telephone calls, is cautiously enthusiastic about the idea. "It's an interesting idea but the transaction has got to be user friendly. You wouldn't want to increase the time it takes," Visa spokesman Colin Baptie told New Scientist.

Respected security expert Bruce Schneier is far more enthusiastic. ""It's a physical authentication system that doesn't require any special reader hardware. You can use it on a random computer at an internet cafe. You can use it on a telephone. If the price is cheap enough, Beepcard has a winner here," he writes in his monthly Cryptogram newsletter. ®

Related stories

UK credit card fraud down 8%
Retailers must embrace Chip and PIN. Or else
Anti-fraud scheme saves retailers £2m
Online fraud, ID theft soars
Shoppers warned of £110m card not present fraud
Opera browser to recognise speech
Insurer taps voice analysis tech to detect fraud

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Reddit users discover iOS malware threat
'Unflod Baby Panda' looks to snatch Apple IDs
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.