I remember Ian, Adam, <someone else> and I talking about the
card-in-a-floppy thing at CFP '96.
Soulda, woulda, coulda, and all that...
Cheers,
RAH
--- begin forwarded text
From: [EMAIL PROTECTED]
Date: Mon, 20 Sep 1999 08:50:44 -0500
To: [EMAIL PROTECTED]
Subject: IP: Smart Cards with Chips encouraged
Cc: [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Source: New York Times
http://www.nytimes.com/library/tech/99/09/cyber/commerce/20commerce.html
September 20, 1999
By BOB TEDESCHI
New Hardware Could Help Web Merchants Cut Fraud
Credit card companies love the Internet, since they pocket a share of most
e-commerce transactions. But like everything in the world of revolving
credit, that love has limits. Stolen cards used to make purchases online,
in particular, cost credit card issuers millions each year -- pushing the
price of doing business on the Web higher for banks, merchants and,
ultimately, users.
So even as the major credit card companies and the banks that issue those
cards explore ways to build Internet market share, they are also looking
for creative ways to limit fraud.
The recent launch of the American Express blue card, which comes with an
embedded computer chip, is an example of both efforts. Since the card's
chip can access a user's personal information, it will eliminate the hassle
of typing in that data in every Web purchase -- and, American Express
hopes, encourage people to use its card. At the same time, the chip limits
the fraud by guaranteeing the shopper's identity and offering greater
protection to the buyer's information during the transaction.
The key to these features is a piece of computer hardware that, until now,
has been foreign to the desktop: a credit card reading device. Starting in
November, blue card owners will be able to obtain such a device, which they
will be able to plug into their PC's, enabling them to swipe the card at
home much like a sales clerk would at a retail store.
Other credit card issuers are exploring similar technologies. One company
that makes a card-reading device for personal computers, UTM Systems,
recently announced that four major U.S. banks affiliated with both Visa and
Mastercard International will begin distributing its system free to
consumers before the end of the year. UTM's founder and chief executive,
Robert Lee, declined to name the banks, but said they served "well over 10
million customers."
The device, which costs the card issuers $6 a unit, is simple. When a user
is ready to make an online purchase, the credit or debit card is placed in
the UTM card reader, which is inserted into a floppy disk drive. A small
window then appears on screen, asks for a personal identification number
and sends the encrypted information to the retail site. When the
transaction is complete, the window disappears.
David Robertson, president of the Nilson Report, a credit card industry
newsletter, predicted that credit card companies would be aggressive in
spreading such technologies. "American Express is the first, but you'll see
everyone start to do this by the end of the first quarter of next year," he
said. "It's inevitable."
>From the standpoint of fraud prevention, card issuers have great incentive
to promote the devices, he said. Issuers lose roughly 8 cents for every
$100 in online sales to fraudulent card use -- "slightly higher than the
market at large, but it's growing," Robertson said.
"The industry has been fabulously successful at pushing fraud down in
general," he added. "But that just highlights the liability associated with
the Internet."
Which is not to say that Visa, American Express and Mastercard are stepping
lightly into the electronic frontier. Each has begun major Internet-related
advertising efforts, of which Visa's is the most aggressive. According to
the Nilson Report, 59 percent of Internet credit card purchases are made
with Visa, 28 percent with Mastercard and 12 percent with American Express.
Off line, Visa has a 51 percent share, compared with 25 percent for
Mastercard and 17 percent for American Express.
In part, the success of PC-based credit card readers hinges on how secure
consumers feel about credit card transactions on the Web. While such
devices in fact provide users more security than typical Internet
transactions, surveys indicate that consumers are less concerned about
entering their credit card data online than they used to be. One recent
survey by Navidec, a consulting firm, indicated that 21 percent of Internet
users worry about credit card security during transactions, about half the
number that expressed such concerns in 1997.
However, Paul Hughes, an analyst with the Yankee Group consulting firm,
says that new Internet users might warm to these devices, given the
trepidation with which many still approach online shopping in general.
"That said, the credit card companies are going to have to do some creative
marketing to drive these into the hands of consumers," he said.
At least one online merchant is leery of such creativity. "If credit card
companies say that only with this device is a transaction secure during
transmission, that would be a disservice to e-commerce as a whole," said
Peter Baltaxe, senior vice president of 911Gifts.com. "I don't know of a
single documented case of a credit card number being taken in transit."
If credit card companies succeed in spreading the gospel of card-reading
devices without scaring consumers, it could help the cause of e-commerce
merchants, who have gone to great lengths to reduce fraud in recent years.
Internet retailers have cut the rate of fraud from as much as 15 percent of
online transactions earlier in the 1990s to roughly 2 percent today, but
given the difficulty of achieving a profit online, that figure still
rankles executives.
More important, however, is the premium Web merchants pay in credit card
transaction fees because of the higher risk of fraud associated with online
purchases. The biggest Internet-only retailers can negotiate transaction
fees of roughly 2 percent, which are competitive with off-line retailers,
but most e-commerce sites pay at least 1 percentage point more -- often 3.5
percent. Such purchases -- so-called "card not present"
transactions in industry parlance -- are deemed riskier because the
retailer cannot physically match the credit card with the buyer.
Card-reading devices would presumably solve that problem, since they insure
the identity of card holders by requiring them to enter a personal
identification number. "Would we like to have fees reduced, seeing that
we're always dealing with the card-not-present issue?" said Elaine Rubin,
chairman of Shop.org, an e-commerce trade group. "Clearly we'd love that.
Is that going to happen? It's too early to tell."
Both American Express and Visa representatives agreed. "We would have to
look at the entire value proposition" before reviewing online merchants'
transaction fees, said Michael Biendorff, who heads Visa's recently formed
Evisa unit. "Right now it would be premature to speculate."
Copyright 1999 The New York Times Company
**********************************************
To subscribe or unsubscribe, email:
[EMAIL PROTECTED]
with the message:
(un)subscribe ignition-point email@address
**********************************************
<www.telepath.com/believer>
**********************************************
--- end forwarded text
-----------------
Robert A. Hettinga <mailto: [EMAIL PROTECTED]>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
