backtop


Print 32 comment(s) - last by torpor.. on Nov 14 at 1:44 PM

Display Card has its own keyboard and LCD

MasterCard has been showing off a next-generation credit card called the Display Card. The name Display Card comes from the fact that it has a small LCD in the upper right-hand corner. In the lower left-hand corner is a small numerical keypad.

The credit card is designed for increased security and combines the functionality of a secure dongle that generates one-time passwords with a credit card, allowing users to carry one device rather than two.

The idea with the Display Card is that the little LCD will display the one-time password needed to complete certain online banking transactions. In the future, the card's capabilities can be expanded, and the small display can be used to show other things such as accumulated reward points, last transaction amounts, and even the credit card balance. The card is expected to be available from participating banking institutions in January.

"We brainstormed on ways to make it convenient and yet secure for customers," said V Subba from Standard Chartered Bank, which is collaborating with MasterCard.

"The question was: instead of sending customers another bulky token, could we replace something which already exists in the customer's wallet? That was when credit, debit and ATM cards immediately came to mind."

The first customers likely to get the new Display Card are expected to be account holders at the Standard Chartered Bank locations in Singapore. There's no indication of when these cards might come to the U.S. or other countries.

Source: BBC News



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Interesting
By Cheesew1z69 on 11/9/2012 9:17:38 AM , Rating: 2
But so many possible failures I think...




RE: Interesting
By FITCamaro on 11/9/2012 9:32:30 AM , Rating: 2
I think one time passwords like you have with MMOs are a great idea. Means even if they steal the number they can't use the card online.


RE: Interesting
By FITCamaro on 11/9/2012 9:32:51 AM , Rating: 2
Assuming a site implements requiring the password that is.


RE: Interesting
By dragonbif on 11/9/2012 11:09:36 AM , Rating: 2
They do... baloney1


RE: Interesting
By torpor on 11/14/2012 1:40:53 PM , Rating: 2
For Mastercard, it's called Mastercard SecureCode. For Visa, it's called Verified by Visa. Many major websites (including Newegg) use it.

It would be a relatively simple technical and functional matter to let this be the password generator for Verified/SecureCode.


RE: Interesting
By kattanna on 11/9/2012 12:04:17 PM , Rating: 2
quote:
But so many possible failures I think...


I'm wondering if these will be cost effective to actually catch on. They cannot be cheap.. and what of the failure rate?

will be interesting to see how well they can work out in the field with the everyday user.


RE: Interesting
By NellyFromMA on 11/9/2012 12:35:21 PM , Rating: 2
I agree. As uninterested as I am in using my smartphone as a replacement for swiping my card, everyone is bound to have a smart phone, idk if anyone will want to fork over anything extra to have one of these cards.

If they hand them out for free, presumably consumers will pay in other ways (fees are the first thing that comes to mind).

Can't help but wonder if this is the credit card industries way of trying to remain relevant in a world that currently seems slated to do away with them in favor of more tech-based solutions.

Frankly, I think the world might be better if the credit card industries were replaced, but in reality, I don't see how that honestly ends up happening.


RE: Interesting
By Cheesew1z69 on 11/9/2012 1:12:26 PM , Rating: 2
I can't imagine they would be cheap at all.


RE: Interesting
By Master Kenobi (blog) on 11/9/2012 4:28:43 PM , Rating: 2
It doesn't cost more than a few dollars to manufacture something like this. Depends on if the credit card companies will pass that cost on to the consumer or write it off as less fraud cases to deal with = cost savings.


RE: Interesting
By Kefner on 11/9/2012 12:06:06 PM , Rating: 2
Yea, I can see these LCD screens getting cracked/busted from sitting on them in your wallet all day (for those who carry them in a traditional rear pocket wallet). Guess I'd have to start carrying a purse :)


RE: Interesting
By FITCamaro on 11/9/2012 3:56:24 PM , Rating: 2
I don't keep my wallet in my back pocket unless I'm walking around. When driving it sits on the passenger seat or in the cup holder.


RE: Interesting
By polishvendetta on 11/9/2012 12:38:32 PM , Rating: 2
Considering all of the regualtions and requirements placed on credit companies, I would have to assume that these would be sent through millions of quality tests before releasing them into the public.

With only one bank speculated to use them so far im guessing these are for accounts that would truly require ultra security and not just your grandma's mastercard used to buy gorceries.


Remove the card number
By Spookster on 11/9/2012 1:20:13 PM , Rating: 2
If you simply removed the imprinted card number from the card and then display it once the correct code has been punched in that it would make this alot more secure. Then to use the card in a store or online you punch in the code which unlocks it and makes the card number visible so then you can swipe it in the scanner or punch the card number into the register/online web form. Either way the card cannot be used unless you have the code.




RE: Remove the card number
By Ironoclast on 11/9/2012 2:37:38 PM , Rating: 2
This is mind blowing, if you didn't embed a keyboard and display into the card itself... well you'd probably have to make sure that all the machines swiping cards provided the ability to let you enter a PIN and get a response and that would be nigh on impossible.


RE: Remove the card number
By JediJeb on 11/9/2012 3:31:36 PM , Rating: 2
This would be only for the ones with the keypad and display on the cards. I was thinking the same thing, that instead of the card just giving you a one time password for online purchases, make it also need a PIN to enable it to be used in a physical swipe. Now if you had to activate it and swiped it on something that had a skimmer installed they would still end up with your card number, but they would need to make a physical copy to use it because they would not be able to get access to the one time codes for online use.


RE: Remove the card number
By torpor on 11/14/2012 1:44:56 PM , Rating: 2
Sort of like how you can use your debit card - with keypad-entered PIN - pretty much anywhere these days?

Instant response - kind of like the balance check/applied authorization that happens for each swipe today?

The things you think are impossible are already there. On their own global network.


RE: Remove the card number
By drycrust3 on 11/11/2012 1:28:09 PM , Rating: 2
Agree, it is arguable having the number printed on the card is unnecessary most of the time. If the card is lost or stolen then it makes life just a bit harder for anyone trying to use it. It isn't necessary to see it when doing an electronic transaction, which is probably the major use, because the number is encrypted inside the chip.
You can set your card up so it also does debit deductions from your cheque account, and your bank account details aren't seen at all.
The only time you actually need the emblazoned number is when doing a manual transaction which uses one of those "click-clack" machines, which one can argue is a relic of the past.
For times when you do want to see the number, e.g. doing an online transaction, you can enter the PIN and the electronic display shows the card number.


RE: Remove the card number
By JediJeb on 11/11/2012 6:55:17 PM , Rating: 2
quote:
The only time you actually need the emblazoned number is when doing a manual transaction which uses one of those "click-clack" machines, which one can argue is a relic of the past.


I have several places I use my card that won't read the magnetic stripe and they have to manually enter the number. Manual entry is not a thing of the past, yet at least.


By nangryo on 11/9/2012 11:44:33 AM , Rating: 2
Because of the security concern. If we loose the card by accident (wallet dropping etc) they can't use that because they don't have the token device.




By Kyuu on 11/9/2012 12:14:35 PM , Rating: 2
I could be wrong, but I believe you'd have to enter a numeric combination on the keypad to get the passcode to show up on the LCD. So assuming a secure PIN, the card would still be useless for any transaction requiring that passcode.


By FITCamaro on 11/9/2012 3:59:55 PM , Rating: 2
Over time it'd be easy to know which numbers were pressed for the pin. I'd want more than just a 4 digit pin.


Power?
By Proposer88 on 11/9/2012 11:56:00 PM , Rating: 2
How is the display powered? A tiny battery? A solar cell? The article should have covered that




RE: Power?
By V-Money on 11/10/2012 11:16:11 PM , Rating: 2
I am assuming that it wasn't mentioned because it is unknown at this time. If you look at VISA's implementation of this technology though http://readwrite.com/2011/11/02/new-visa-credit-ca...
quote:
In addition to the display, it comes with a numeric keypad and a battery that is supposed to last up to three years.

So I am assuming that this card uses something similar.


RE: Power?
By V-Money on 11/10/2012 11:18:05 PM , Rating: 2
Also, for the record the VISA variant was co-created by NagraID Security services, the same company that makes the display for the Mastercard, so it can safely be assumed it also uses a small battery.


Fantastic idea
By DukeN on 11/9/2012 9:54:30 AM , Rating: 2
A better way of implementing another layer of security than say, verified by visa/mastercard.




RE: Fantastic idea
By danjw1 on 11/9/2012 11:09:15 AM , Rating: 2
Dual token is the way to go. Assuming the algorithm is secure, it should be an additional layer of security for their customers. I applaud this.


Not that new
By scook9 on 11/9/2012 5:52:08 PM , Rating: 2
I work for RSA, we obviously do a LOT with tokens....We have sold various card sized tokens for years - one of which that has a display and keypad. Something this article is not mentioning is the thickness of the card. Our tokens are about 5mm thick, hardly a credit card and not something you can slide into a credit card reader. I am thinking that this will either be that fat, or not have very good durability.

We test the bejesus out of ours before going to market and determined that to get the desired lifetime and ruggedness, that is as thin as they will come - they are also tamper evident which would be important in a security device like this.

2 factor authentication using a token is nothing new, and I am glad to see it in more places (Battle.net, google, paypal, many more) but I do not see how it will make life any easier in this application. Although I do see the security benefit of course.




RE: Not that new
By FITCamaro on 11/10/2012 8:53:48 AM , Rating: 2
Would simply require new card readers. Yes I know the costs for businesses would suck but the less fraud resulting might lower fees they have to pay for accepting cards.


A bit racist but ...
By Devilboy1313 on 11/10/2012 8:01:34 PM , Rating: 2
That keypad may be OK for somebody with small hands, but what about us ham fisted North Americans / Europeans?




RE: A bit racist but ...
By jconan on 11/11/2012 11:49:48 AM , Rating: 2
That's where those 5" phones eg Galaxy Note 2 comes in with NFC... Unfortunately not everyone has a big pocket in their pants. A larger size card probably wouldn't fit. More card size area means more material cost and more environmental waste.


The question remains
By spaced_ on 11/12/2012 2:31:52 AM , Rating: 3
Does it come with rounded corners?




Why not Just a Mobile App?
By Arsynic on 11/9/2012 2:35:14 PM , Rating: 2
I use one for my SWTOR account. :)




"I f***ing cannot play Halo 2 multiplayer. I cannot do it." -- Bungie Technical Lead Chris Butcher











botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki