Fisher International has been shipping their Smarty smartcard reader in a
floppy for years. The Smarty was an evolution of Fisher's SafeBoot token,
also in a floppy form factor. I received a free SafeBoot kit at the 1994 or
1995 RSA conference.
--Lucky Green <[EMAIL PROTECTED]>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
> Behalf Of Robert Hettinga
> Sent: Monday, September 20, 1999 07:27
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; Digital Bearer
> Settlement List
> Subject: IP: Smart Cards with Chips encouraged
>
>
> I remember Ian, Adam, <someone else> and I talking about the
> card-in-a-floppy thing at CFP '96.
>
> Soulda, woulda, coulda, and all that...
>
> Cheers,
> RAH
>
> --- begin forwarded text
>
>
> From: [EMAIL PROTECTED]
> Date: Mon, 20 Sep 1999 08:50:44 -0500
> To: [EMAIL PROTECTED]
> Subject: IP: Smart Cards with Chips encouraged
> Cc: [EMAIL PROTECTED]
> Sender: [EMAIL PROTECTED]
> Reply-To: [EMAIL PROTECTED]
>
> Source: New York Times
> http://www.nytimes.com/library/tech/99/09/cyber/commerce/20commerce.html
>
> September 20, 1999
>
> By BOB TEDESCHI
>
> New Hardware Could Help Web Merchants Cut Fraud
>
> Credit card companies love the Internet, since they pocket a share of most
> e-commerce transactions. But like everything in the world of revolving
> credit, that love has limits. Stolen cards used to make purchases online,
> in particular, cost credit card issuers millions each year -- pushing the
> price of doing business on the Web higher for banks, merchants and,
> ultimately, users.
>
> So even as the major credit card companies and the banks that issue those
> cards explore ways to build Internet market share, they are also looking
> for creative ways to limit fraud.
>
> The recent launch of the American Express blue card, which comes with an
> embedded computer chip, is an example of both efforts. Since the card's
> chip can access a user's personal information, it will eliminate
> the hassle
> of typing in that data in every Web purchase -- and, American Express
> hopes, encourage people to use its card. At the same time, the
> chip limits
> the fraud by guaranteeing the shopper's identity and offering greater
> protection to the buyer's information during the transaction.
>
> The key to these features is a piece of computer hardware that, until now,
> has been foreign to the desktop: a credit card reading device. Starting in
> November, blue card owners will be able to obtain such a device,
> which they
> will be able to plug into their PC's, enabling them to swipe the card at
> home much like a sales clerk would at a retail store.
>
> Other credit card issuers are exploring similar technologies. One company
> that makes a card-reading device for personal computers, UTM Systems,
> recently announced that four major U.S. banks affiliated with
> both Visa and
> Mastercard International will begin distributing its system free to
> consumers before the end of the year. UTM's founder and chief executive,
> Robert Lee, declined to name the banks, but said they served "well over 10
> million customers."
>
> The device, which costs the card issuers $6 a unit, is simple. When a user
> is ready to make an online purchase, the credit or debit card is placed in
> the UTM card reader, which is inserted into a floppy disk drive. A small
> window then appears on screen, asks for a personal identification number
> and sends the encrypted information to the retail site. When the
> transaction is complete, the window disappears.
>
> David Robertson, president of the Nilson Report, a credit card industry
> newsletter, predicted that credit card companies would be aggressive in
> spreading such technologies. "American Express is the first, but
> you'll see
> everyone start to do this by the end of the first quarter of next
> year," he
> said. "It's inevitable."
>
> >From the standpoint of fraud prevention, card issuers have great
> incentive
> to promote the devices, he said. Issuers lose roughly 8 cents for every
> $100 in online sales to fraudulent card use -- "slightly higher than the
> market at large, but it's growing," Robertson said.
>
> "The industry has been fabulously successful at pushing fraud down in
> general," he added. "But that just highlights the liability
> associated with
> the Internet."
>
> Which is not to say that Visa, American Express and Mastercard
> are stepping
> lightly into the electronic frontier. Each has begun major
> Internet-related
> advertising efforts, of which Visa's is the most aggressive. According to
> the Nilson Report, 59 percent of Internet credit card purchases are made
> with Visa, 28 percent with Mastercard and 12 percent with
> American Express.
> Off line, Visa has a 51 percent share, compared with 25 percent for
> Mastercard and 17 percent for American Express.
>
> In part, the success of PC-based credit card readers hinges on how secure
> consumers feel about credit card transactions on the Web. While such
> devices in fact provide users more security than typical Internet
> transactions, surveys indicate that consumers are less concerned about
> entering their credit card data online than they used to be. One recent
> survey by Navidec, a consulting firm, indicated that 21 percent
> of Internet
> users worry about credit card security during transactions, about half the
> number that expressed such concerns in 1997.
>
> However, Paul Hughes, an analyst with the Yankee Group consulting firm,
> says that new Internet users might warm to these devices, given the
> trepidation with which many still approach online shopping in general.
> "That said, the credit card companies are going to have to do
> some creative
> marketing to drive these into the hands of consumers," he said.
>
> At least one online merchant is leery of such creativity. "If credit card
> companies say that only with this device is a transaction secure during
> transmission, that would be a disservice to e-commerce as a whole," said
> Peter Baltaxe, senior vice president of 911Gifts.com. "I don't know of a
> single documented case of a credit card number being taken in transit."
>
> If credit card companies succeed in spreading the gospel of card-reading
> devices without scaring consumers, it could help the cause of e-commerce
> merchants, who have gone to great lengths to reduce fraud in recent years.
> Internet retailers have cut the rate of fraud from as much as 15
> percent of
> online transactions earlier in the 1990s to roughly 2 percent today, but
> given the difficulty of achieving a profit online, that figure still
> rankles executives.
>
> More important, however, is the premium Web merchants pay in credit card
> transaction fees because of the higher risk of fraud associated
> with online
> purchases. The biggest Internet-only retailers can negotiate transaction
> fees of roughly 2 percent, which are competitive with off-line retailers,
> but most e-commerce sites pay at least 1 percentage point more --
> often 3.5
> percent. Such purchases -- so-called "card not present"
> transactions in industry parlance -- are deemed riskier because the
> retailer cannot physically match the credit card with the buyer.
>
> Card-reading devices would presumably solve that problem, since
> they insure
> the identity of card holders by requiring them to enter a personal
> identification number. "Would we like to have fees reduced, seeing that
> we're always dealing with the card-not-present issue?" said Elaine Rubin,
> chairman of Shop.org, an e-commerce trade group. "Clearly we'd love that.
> Is that going to happen? It's too early to tell."
>
> Both American Express and Visa representatives agreed. "We would have to
> look at the entire value proposition" before reviewing online merchants'
> transaction fees, said Michael Biendorff, who heads Visa's recently formed
> Evisa unit. "Right now it would be premature to speculate."
>
> Copyright 1999 The New York Times Company
>
>
> **********************************************
> To subscribe or unsubscribe, email:
> [EMAIL PROTECTED]
> with the message:
> (un)subscribe ignition-point email@address
> **********************************************
> <www.telepath.com/believer>
> **********************************************
>
> --- end forwarded text
>
>
> -----------------
> Robert A. Hettinga <mailto: [EMAIL PROTECTED]>
> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
> 44 Farquhar Street, Boston, MA 02131 USA
> "... however it may deserve respect for its usefulness and antiquity,
> [predicting the end of the world] has not been found agreeable to
> experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
>
>
