A bank card that allows workers to securely access company IT systems from outside the office is being trialed in the United Kingdom.
Up to 1,000 staff at Deloitte and Visa will be given new Barclaycard Corporate Visa cards, which generate one-time-use passcodes that allow remote access to the company IT system over a virtual private network (VPN).
The card has an embedded keypad and LCD screen, to allow users to enter their PIN and generate the passcode, which is then authenticated by the VPN.
The three-month pilot began last month and is aimed at demonstrating how much businesses could save by using the cards instead of investing in separate tokens to generate passcodes.
Simon Owen, who leads the information and technology risk practice at Deloitte, told ZDNet Asia's sister site Silicon.com: "It allows you to combine the savings of not having to produce and distribute a separate dongle device with the security and convenience of having this in a credit card."
The two-factor authentication technology was developed by Barclaycard in conjunction with EMUE Technologies.
Deloitte used to rely on a separate dongle to generate a passcode but its 10,000 staff now use a mobile phone applet based on EMUE technology to authenticate access to systems via VPN. The applet works in the same way as the card, generating a one-time passcode after the employee enters their PIN.
"We believe that the EMUE technology offers 60 percent cost savings over traditional security technology such as the dongle offerings," Owen said.
The card can still be used for authenticating ATM and Chip and PIN transactions and is swipe-card-reader compatible.
The passcode technology can also provide remote authentication to combat card not present (CNP) fraud and identity theft associated with online banking, Internet shopping and telephone authentication.
CNP fraud using stolen U.K. cards cost 328.4 million pounds (US$501 million) last year, accounting for more than half--54 percent--of all card losses.
Owen said: "EMUE is designed to stop CNP fraud that many banks say are hurting them at the moment."
Consumers could also use the technology to avoid being scammed by phone calls or e-mail messages, inputting an EMUE code into their card from the caller or the e-mail to authenticate the correspondence.
Nick Heath of Silicon.com reported from London.
Play video
Deloitte own Emue
Interestingly after about 4 years of owning this technology and failing to get any interest from the banks, they have now looked to recover their costs by using it in house ;)
Posted by anonymous on Wednesday, May 20 2009 05:04 PM