The Amsterdam banking technology company Gemalto NV has received approval to offer in Europe a payment card reader designed to improve the security of online banking sites.
Barclays PLC has agreed to offer the reader to customers in the United Kingdom, Gemalto said Wednesday. It also said it has plans to offer a version for use by U.S. banks.
The Pocket reader has been certified under MasterCard Inc.'s and Visa Europe's Chip Authentication Program. The device works with smart cards that support the Europay, MasterCard, Visa security format, which is not used in the United States. It has also met requirements set by the U.K. payment association, APACS.
When users insert their card and enter a PIN, the device generates a one-time password that can be used to log in to online banking services.
Jack Jania, the vice president and general manager of financial services for Gemalto's North American unit said the device does not work with magnetic-stripe cards, because they do not have the processing capability of a smart card's chip and cannot run software that works with the reader.
Gemalto is developing a portable reader that will work with contactless cards, Mr. Jania said. "Contactless cards have chips that open up opportunity."
Several U.S. issuers are expected to start deploying a version of Gemalto's reader that works with contactless cards this year, he said, but would give no other details.
Barnaby Davis, who became retail banking director for Barclays this week, said customers in Europe should take to the reader, because they are accustomed to using smart cards and PINs for purchases. (Previously he was its director of electronic banking.)
The reader "uses a technology that they're very familiar with," he said. Because it uses chip cards, which are ubiquitous in the United Kingdom, "you've got half of the solution there already."
Barclays hopes to have 500,000 Pocket readers deployed by November. It will ask people to use them to set up payments online, he said.
The banking company has 2 million active online banking users (people who log in at least once a month to do something more than check balances). It will send readers to the 500,000 that use the service mostly for payments.
When Gemalto's reader is launched in the United States, it likely will face strong competition. Many banking companies have invested heavily in software to improve online security and spot fraud, though many observers expects U.S. financial companies to adopt some kind of hardware to work with the software.
Password-generating tokens are commonly used in corporate networks but rarely offered to consumers for banking purposes. The tokens generate a new password every minute or so, which expire as soon as the next one is created.
EMC Corp.'s RSA Security makes a keychain-fob token that financial companies such as E-Trade Financial Corp. offer to customers. VeriSign Inc. makes a similar product for customers of PayPal Inc. Entrust Inc. makes a low-priced token, and Innovative Card Technologies Inc. makes a slim one that can be built into credit cards.
Solidus Networks Inc., which makes the Pay By Touch biometric payment system used by several grocery store chains, adapted the technology for home use in October. The Solidus offering, called TrueMe, requires hardware that most consumers do not have: a fingerprint reader. However, Solidus designed its software to work with the readers available for purchase today, including the ones Lenovo Group Ltd. builds into some ThinkPad notebook computers.
