Authentication technology provider Natural Security SAS is preparing a global launch of its secure payment card system based on contactless smart card and biometrics technology.
Its system features a mid-range contactless device that holds the biometric data and serves as credit card holder, says Andre Delaforge, head of marketing at the Lille, France-based company.
"It's more secure than a PIN card because the PIN just verifies that someone knows the PIN — it does not verify who the cardholder is," Delaforge says. "When using the secure element in biometrics, you are sure it is the card user who is actually there when he is making a transaction."
Last spring, the company announced a partnership with TazTag Inc. to provide the cardholder device, as well as a similar device and reader that attaches to a personal computer for fingerprint authentication when shopping online.
Natural Security, founded in 2008, has spent more than three years evaluating and researching various biometrics and other security technology, Delaforge notes.
The company has established issuing bank partnerships with Banque Accord, BNP Paribas, Credit Agricole and Credit Mutuel Arkea, as well as retailers Auchan and Leroy Merlin. In addition, terminal maker Ingenico SA, also based in France, is listed as a "stakeholder" in the company's media packet.
Natural Security continues to work on its payment security method for consumers using a bank ATM, while also focusing on adapting the system for mobile phone use, Delaforge says.
In a retail setting, the process of using the biometric smart card device for authorization would take less than five seconds to complete, Delaforge adds.
Consumers using the technology don't even need to remove the contactless cardholder device from a pocket or purse. Or they could tap the device on a retailer's payment terminal, which in turn would receive a scan of the person's fingerprint for storage in the fingerprint reader. The consumer then places the same finger on the reader for authorization, Delaforge says.
All of the biometric information remains stored on the cardholder device and under the consumer's control, he adds. If the consumer loses or has the cardholder stolen, no one else would be able to match the fingerprint, Delaforge says. In addition, consumers can turn off the cardholder's wireless communication function and use the card in contact mode as an EMV chip-and-PIN card, he adds.
Retailers can purchase the fingerprint readers from Natural Security, or may receive them from an issuing bank, Delaforge says.
The payments industry has long awaited a biometrics technology that would work in a retail setting, but challenges remain, says Scott Strumello of New York- and London-based Auriemma Consulting Group.
"It's an interesting concept, but there are a lot of moving parts in a point of sale system, and it would have to work with all of them," Strumello notes.
The challenge for biometrics has never centered on security aspects, Strumello adds. "Integration at the POS and getting it on the cash registers has always been a key challenge for this type of authentication," he says.
Strumello says he is not familiar enough with Natural Security's project to comment on its specifics, but suggests that any sort of venture into new security methods relies heavily on partnerships.
"Natural Security seems to be taking steps in the right direction with its bank and terminal maker partners," Strumello says. "But it could provide more credibility by possibly partnering with a payment network or a large merchant acquirer."
Delaforge also realizes biometrics can't be viewed as a silver bullet in payments security.
"It is just one aspect of a security solution, and we are always evaluating biometrics and thinking of new ways to use it," he adds.
For the time being, Natural Security is stressing strong security along with convenience for the consumer and effectiveness for the retailer.
"Having 20 different passwords to authenticate yourself doesn't make any sense, and it is a nightmare for the user," he says.