New credit-card technology uses
sound waves to enforce security
By Jathon Sapsford
THE WALL STREET JOURNAL
August 14 � An Israeli start-up has created a bit of gadgetry that uses sound waves to
address some of the biggest issues of e-commerce: fraud, privacy and convenience TO
DEMONSTRATE, Alan Sege of ComSense Technologies Ltd. holds up a bit of white plastic
that looks like a credit card. The executive points the card at his beat-up Sony
laptop computer. He pushes a small round circle on the card he calls a �Com Dot� �
dot-com in reverse � and the card emits a coded sound pitched so high the human ear
can�t hear it. The computer�s microphone picks up the signal, and the card emits an
audible chirp to let Mr. Sege know the transmission is complete.
� � � ��Good morning, Alan,� the computer says in response, and a Web page suddenly
appears on the screen. The system has used the Com Dot�s ultrasonic signal to identify
Mr. Sege.
� � � �The set-up, being unveiled by ComSense Monday, also asks users for a password
as a further security check. Then it can tap into a distant server computer over the
Web to pull up confidential information that the user has provided, such as account
numbers or address, making it easier to shop, trade securities or perform other online
tasks. The system can even automatically fill in order forms when consumers shop on
the Web.
� � � ��The card just goes ding-dong and you�re done,� says George Shuster of Magalia,
Calif., a 73-year-old retired Air Force colonel who tested the system as part of a
trial sponsored by America Online Inc. �It was painless.�
� � � �Many computers already have a built-in microphone and sound board, which are
needed to decipher the card�s ultrasonic codes. ComSense hopes to have credit-card
companies install in their cards the computer chip, tiny battery and speaker needed to
make the technology work. It is pitching it to big U.S. credit-card companies,
including Visa USA, and Internet services such as Lycos Inc., and is seeking patents
on the system.
� � � �Investors in the 50-employee company include individuals such as Intuit Inc.
co-founder Tom Proulx and Robin Neustein, a managing director at Goldman Sachs Group;
and venture funds including Argoquest Inc. and Israel�s Polaris.
� � � �ComSense has another backer: Its nonexecutive chairman since June has been
Malcolm Williamson, chief executive of Visa International, the parent organization of
the credit-card association. However, Mr. Williamson has recused himself from Visa�s
discussions about whether to use the technology.
� � � �ComSense is only the latest in a string of companies to put gizmos into plastic
cards. So far, the results have been mixed. So-called smart cards, with computer chips
that store credit or data, have achieved some acceptance in Europe, where they are
used for phone cards or to hold an individual�s health-care records. But they have
been slow to catch on in the U.S. And to use a smart card for Web transactions
requires a �card reader,� a piece of hardware that the consumer has to buy and hook up
to his PC.
� � � �ComSense�s technology remains unproven. Visa says it is still testing it. And
there are competing technologies such as �biometric� readers, which scan users�
fingers or eyes to prove that they are who they say they are.
� � � �Chris Christiansen, an analyst at International Data Corp., said another
possible hurdle is ambient noise, which could drown out the card�s signal. But he said
the benefits far outweigh this concern. He said the card also could confirm a user�s
identity during telephone transactions, because the signal can be carried over phone
wires or cellular phone waves, a crucial application as the Web goes wireless. �I
thought it was pretty slick,� the IDC analyst concluded.
�Unlike smart cards, which actually store sensitive data, ComSense�s card merely sends
signals that tap into data housed on a server. Backers say that will help cut down on
fraud. ComSense is marketing the server technology as a go-between that a bank or
credit-card issuer could use to vouch for the user�s identity and credit standing. The
server would send the online merchant a coded confirmation signal rather than a card
number.
� � � ��I used to be leery about sending my credit-card information all over the
place,� says Mr. Shuster, the retired Air Force colonel testing the technology. �But
this is less risky because it is stored in only one spot.�
