Passcode-generating payment cards have faced years of resistance by U.S. banks, but Gemalto NV bets that, by putting its own brand behind the technology, it can make a difference.
The cards are the size and shape of ordinary payment cards but with buttons printed on the plastic and a screen that can display a dynamic security code. The cards have long been pitched as a way to improve online banking security, for instance, by requiring users to type in the card's code for each login, but U.S. banks have resisted deploying the technology to consumers because of its cost.
The card can still be used for standard payment. Amsterdam-based Gemalto says it is in talks with several American banks that are considering the card, which has been adopted by a client in Europe.
Observers said that Gemalto's size and its focus on financial services may make a difference for this technology, which has typically been pitched by startups or by security companies with less banking focus.
"The card needs some action, and if this was a small, startup company, it wouldn't attract attention. … [But] this is a killer company," said Brian Riley, a research director for bank cards at TowerGroup. Gemalto is "a global player, a dominant player in the business, no doubt."
Adam Dolby, Gemalto's eBanking channel manager for the Americas, said that its technology can bring consumers a level of security that is more commonly offered to businesses.
"Internet banking security" of this nature "has been reserved only to people at the corporate level," whereas consumer security has been less visible to end users, Dolby said. By contrast, the Gemalto card "is something tangible."
The new product will cost $10 to $12 each to produce.
Passcode-generating cards have had limited success in recent years.
In November 2008, Bank of America Corp. began selling such a card to online banking customers who would pay a $20 fee to improve their online security.
Citigroup Inc. is testing a similar technology from Dynamics Inc., a three-year-old Pittsburgh startup. Though Citi is using the technology to reprogram the card to give access to two different accounts, Dynamics also offers a security feature wherein part of the account number is obscured until users unlock it by typing in a code on the card.
Analysts said that passcode-generating cards do not address the bigger problems issuers face.
"The mag stripe needs to be dead, and nobody knows how to kill it," said TowerGroup's Riley. Cards with chips that adhere to the EMV Integrated Circuit Card Specifications add security, he said, but "the immediate problem that you have with EMV right now is that you have half the world that's using it, and you have half the world," including the United States, that doesn't.
Avivah Litan, a vice president and distinguished analyst at the Stamford, Conn., market research company Gartner Inc., said that, although screen cards are typically proposed as a way to improve online banking security, a better use would be "at the point of sale because of all the counterfeit [card] fraud on the rise as a result of these data breaches and because the rest of the world is moving to" EMV.
Because the U.S. has not accepted EMV, fraud will migrate to the U.S. from countries that have already implemented the EMV standard, she said. "The Europeans are already here," she said.
Litan said she knows several major issuers that are seriously considering a screen card. Gemalto wants to let banks know it can supply the cards, she said.