A new type of credit card called the Motion Code card has been developed by Oberthur Technologies. It has the ability to change its security code every hour to help stamp out the growing problem (and rising costs) of credit card fraud.
The UK’s Financial Fraud Action revealed that credit card fraud in the UK rose to £755m in 2015, with the Office for National Statistics said that there were 20,255 victims for the year ending March 2016.
The card replaces the traditional printed 3-digit security code on the back of credit and debit cards, with a digitised screen that changes automatically every hour.
The screen is powered by a lithium battery that can last for 3 years.
>See also: Is there really life beyond the credit card?
Professor Alan Woodward, a cybersecurity expert from Surrey University told the BBC that this technology has been around for sometime and that “it may be costly for card operators as some extra infrastructure will be required to ensure our cards stay synchronised with the operator, but it happens already for many banks with the dongles they issue for login.”
Oberthur Technologies are currently in talks with UK banks to discuss implementing the new credit card technology, but it will be present in France by the end of the year.
French banks Societe Generale and Groupe BPCE will lead the charge in France, after a successful pilot scheme there, in Poland and Mexico.
Fraudsters are becoming more advanced in their pursuit of bank details, from increasingly evolved skimmers (a method that takes card information directly from a cash point or ATM) to more imaginative online scams. It is difficult to imagine a day when credit cards are ever safe online.
Moving away from the password banks are turning to biometrics – voice, fingerprint and iris authentication – to further tackle security vulnerabilities.
However, a study from security firm Kaspersky Labs found at least 12 sellers offering skimmers had the capability of stealing people’s fingerprints.
The study also revealed that criminal research is well underway on devices that could obtain data from hand, vein and iris recognition systems.
The new Motion Code card adds another layer of security to banking security practice.
However, having the security code in digitised form establishes a potential problem that needs to be answered: can the card itself be hacked? If it now has a digital display, can this be compromised externally?
David Emm, principal security researcher at Kaspersky told Information Age that this is “possible, of course. But the attackers would have to gain access to the providers’ systems and steal the algorithm used to generate the one-time generated codes. This happened to RSA in 2011. However, this was almost certainly not done to commit fraud against consumers.”
He went on to suggest that this technology will only “add security for cases where the card *details* have been stolen. It will not help where the card itself has been stolen.”
However, Emm did also mention that MotionCode will reduce the ‘window of opportunity’ available to a criminal to use a stolen card number.
“It’s not as strong as two-factor authentication however, which would render a stolen card of no use to criminals. It would be a stronger proposition if new CVV numbers were to be generated on another device (another card, or a mobile phone), since this would reduce the chances of a criminal obtaining both numbers.”
While banks are responsible for the security of their institutions, Emm also makes clear that consumers must “be aware of their digital footprint, installing security updates promptly, using strong and unique passwords, applying caution when using public wi-fi networks and not revealing too much information about ourselves online.”