Skip to main content

MasterCard Working On Contactless Payment Card

On Friday, Ajay Bhalla, President of Enterprise Security Solutions at MasterCard, said that consumers should be able to identify themselves without having to use PIN numbers and passwords. Biometric authentication is expected to be the key technology for this type of security, which is what the company is using in its partnership with Zwipe.

While Google and Apple are pushing contactless payments with their hardware, MasterCard and Zwipe have developed the world's first fingerprint-authenticated contactless payment card. This card uses an integrated biometric sensor and stores the user's biometric data in secure biometric authentication technology provided by Zwipe. This tech also stores MasterCard's application and an EMV-certified secure element.

In other words, the user's fingerprint data is stored directly on the card and not on MasterCard's servers. That presumably means that the only way hackers can use this card is to acquire the correct finger. The card cannot be used in contactless payments unless it's activated by the user's finger.

MasterCard indicated on Friday that Zwipe is currently working on the next-generation version of its contactless payment card. Slated for a 2015 release, this card will be the standard credit card size and work with all payment terminals. This card won't even need a battery, as it grabs energy from the payment terminals.

News of this biometric credit card arrives just one day after MasterCard revealed its support for Apple Pay. This service is based on Apple's Touch ID, which is available in newer Apple products like the iPhone 6 and iPhone 6 Plus.

Like Zwipe's credit card, Apple customers must hold a finger on the Touch ID button and then hold the device next to a contactless reader. The tech creates a unique Device Account Number, which is stored and encrypted in the device's Secure Element. This element is "walled off" from iOS according to Apple, and it's not backed up in the cloud, keeping the user's information safe.

Between Apple and Zwipe, MasterCard seems to be moving full throttle into the contactless payment arena.

"Safety and security in everyday payments is at the heart of MasterCard's business," said Ajay Bhalla. "We will continue to work with innovators, like Zwipe, to ensure we stay ahead of fraudsters and provide a seamless payment experience, as ultimately it is consumers who decide how they choose to pay."

Follow Kevin Parrish @exfileme. Follow us @tomshardware, on Facebook and on Google+.

  • iron8orn
    I hope we don't see people getting fingers cut off haha
    Reply
  • boju
    Finger hackers :o
    Reply
  • DXRick
    Say you are a cashier and someone pulls out one of these cards and someone else's dead severed finger to authenticate it.

    Do you say:

    A: "Hold it right there while I call the police!"
    B: "Thank you, and do come again."
    Reply
  • bak0n
    Just another layer of security. Issue is this will have no impact for online fraud, which I'm sure is the majority of the fraud that takes place. (once you go touch-less that is).
    Reply
  • everlast66
    @DXRick
    "Say you are a cashier and someone pulls out one of these cards and someone else's dead severed finger to authenticate it"

    No, you say: "Sir, don't forget to put the finger in a freezer to preserve it for your next purchase. Have a nice day."
    Reply
  • USAFRet
    No. No fingerprint, please.
    (to my wife) "Here, take my card and go buy groceries. Oh wait..."
    Reply
  • daekar
    So I can't give my card to my wife if she left her purse in the car? You can't give a card to your child for use in emergencies? I want at least 3, preferably 4 people able to use a card. I'm all about Biometrics, but it has to be designed for real life, not some sterile lab where only one person ever uses any device or card.
    Reply
  • LaughALot
    I see a 3D Printer Application.
    Reply
  • 2Be_or_Not2Be
    To all those saying "Wait, I can't give my card to ..." - you seem to be forgetting that virtually all CC companies will let you get additional cards for others. So you can get a card linked to your own account for your wife, kid, etc. Then, when they get the card, they can secure their own card with their own fingerprint.
    Reply
  • USAFRet
    14408738 said:
    To all those saying "Wait, I can't give my card to ..." - you seem to be forgetting that virtually all CC companies will let you get additional cards for others. So you can get a card linked to your own account for your wife, kid, etc. Then, when they get the card, they can secure their own card with their own fingerprint.

    Maybe so. But I still do not want a card tied to my fingerprint.

    When, not if, the card database gets compromised, I can get a new card.
    I can't get a new finger.
    Reply