There exists a number of short-range wireless technologies to communicate between electronic devices such as smart tags and payment cards. Example of this type of wireless technology include touchless protocols such as RFID and NFC (Near Field Communication). There are a number of common applications known in the art such as bank cards, stored value cards, loyalty cards, and access cards. These cards often contain valuable and sensitive data which needs to be protected from unauthorized access. It is important to protect the privacy of the data and to ensure its authenticity and integrity.
Though there are obvious advantages of using a touchless card to make payments there are drawbacks as well. Inherent in the wireless nature of the technology is that it is much easier to access the card or to eavesdrop on data being transferred between a card and a card reader when compared to other technology that requires a direct connection between the card and the reader. Due to the fact that a card reader can read the card data without touching the card, unauthorized accessing or eavesdropping of card data transfers may occur without the user being aware of the unauthorized card reading operation.
A number of solutions to this problem that have been proposed. Some are based on improving security in the card while others concentrate on improving security in the card reader. A card reader can require the manual input of an authorization code or password at power up or at a predefined interval. Other systems detect when a card has been removed from the proximity of a reader and automatically stop any data transfer operations. Other security measures require the card holder to authenticate using an emulated card or e-wallet application on a mobile device that asks for a user password or biometric authentication before allowing access. These existing solutions are all cumbersome and detract from the simplicity of using touchless card technology. Furthermore, most existing solutions focus on increasing the reader side security. There exists a need for technology that supplements and complements security features in the card, emulated card, or wallet by increasing security in the card reader. Solutions should decrease the risk of data theft while preserving the ease-of-use of the NFC and other touchless card and wireless technology.