Biometrics and payment card security
06 April, 2010
category: Biometrics, Financial, Government, Library
These and more top 2010 list of security trends
By Ross Mathis, Contributing Editor, AVISIAN Publications
In predicting the security forecast for 2010, there will be a noticeable increase in the utilization of biometrics and cloud computing environments, says Terry Hartmann, vice president of identity solutions at Unisys. Increasing the security of credit card information and mobile transactions will also be a major issue.
Led by the Asia-Pacific region and Europe, more than sixty countries have invested in the electronic passport infrastructure, issuing passports containing a chip to store an individual’s biometric data, typically a photo and a fingerprint. However, Hartmann points out only five countries are actually reading the information from the biometric chip to verify that the person who the passport is issued to actually matches the traveler crossing the border.
“In 2010, a lot more countries will pilot, investigate, and look at verifying electronic passports,” says Hartmann.
More countries are also issuing biometric-enabled identity cards. Taking these cards into the streets and other remote locations, will in turn, increase the demand for mobile biometric devices. These mobile devices permit a country to take biometric-based critical services directly to citizens, rather than requiring citizens to come to the technology.
Police forces in Australia are already using mobile fingerprint scanners to access the national fingerprint database from the field. Officers cross reference with the criminal database and search for a match. In the future, these devices will also aid in the identification of individuals in disaster situations when time is critical.
Taking it to the clouds
Organizations will begin to reduce the tendency to protect everything, instead prioritizing security controls based on whether the data presents low, moderate or high levels of risk.
“Cloud computing can allow customers to make a number of cost savings as they run their operations,” Hartmann says. “2009 was the year of people becoming aware of cloud computing.”
In 2010, organizations will begin moving less sensitive public data into cloud environments. They will attain these cost savings and follow with migrating more sensitive data into the cloud, as new security models are tailored to address the increasing levels of data sensitivity.
Securing card and mobile transactions
Hartmann predicts there will be tougher standards and policies to combat credit card fraud in coming year. “At the moment, in the U.S., we are pretty lax in regards to how we handle credit cards.”
On the back of a credit card is supposed to be a handwritten signature of the owner–a biometric linking the owner to the card itself. “However, nobody actually checks that,” says Hartmann.
He predicts more implementation of EMV to ensure that both online and face-to-face transactions are performed by the actual owner of the credit card.
Hartmann states this system will be primarily pushed by consumer demand. “People travel to Europe and Asia-Pacific where these extra levels of security are already established, they are surprised that these types of controls are not already set into place in the United States.”
The demand for security platforms and anti-fraud applications need to be strengthened and updated regularly, to ensure the protection of mobile transactions. As more employees and consumers use smart phones to conduct business dealings online, organizations will look for new ways to protect its data beyond simple PINs and passwords.
“For a lot of people, your cell phone is a biometric–you’re uncomfortable if it’s not around. It’s a part of you. You’ll notice you’ve lost your cell phone before you’ve lost your credit card.”