Presently smart cards can be classified into two main groups, contact and contactless. Contact, as the name suggests, requires some form of physical prolonged contact with the reader to permit use of the card. Contactless cards by contrast simply use an RF source to energise the card to facilitate data transfer between the reader and the card without the need for physical contact with the reader.
Since their development, smart cards have been utilised in a variety of applications including finance, identification, healthcare, transport and security etc. In many of these applications, personal or other sensitive information is often recorded to the card. The card's ability to store such sensitive information has proven a popular target of criminal activity. One of the most popular forms of crime utilising data skimmed from cards is that of identity theft. In the US, the total value of identity fraud for 2003 alone was US$47.6 billion. In the United Kingdom, the Home Office reported that identity fraud costs the UK economy £1.2 billion annually. In Australia, identity theft was estimated to be worth between A$1 billion and A$4 billion per annum in 2001.
Often instances of identity theft result from details being acquired from an individual's credit card through skimming the card or via hacking of websites etc. to obtain the information. More often than not, most individuals do not realise that they have been the target of an attack until they are notified by the credit card company or their banking institution.
More recently, the introduction of tap and go or automatic processing of the transaction for purchases under a certain denomination without requiring identification or the input of a pin etc. has again made credit cards an attractive target for opportunistic criminals.
In view of the issues with card security, various counter measures have been proposed. One example of a counter measure which has been employed to prevent card fraud is discussed in WO 2009/076525 entitled “Biometric Access Control Transactions” to Visa Inc. This document discusses the use of biometric security measures to verify the identity of the card user during a transaction. In the event that the biometric information does not match that of the card owner, the card is temporarily deactivated. If subsequent attempts are made to utilise the card without the correct biometric data, the card is permanently deactivated.
Another example of the use of biometric security measures to further enhance card security is disclosed in WO 2007/110142 to Borracci et al. The Borracci document discusses the use of a smart card incorporating a biometric reader such as a finger print reader. At activation of the card, generation of the absolute biometric identification data of the authorised user is carried out, said biometric data being stored in on said card in a form that cannot be read or utilised outside said card. In addition to the generation and storage of biometric identification data, the user access code is also encoded onto the card during initial activation. When the card is utilised for a transaction, the biometric data from the reader is compared with absolute biometric identification data. The user is also required to enter the access code. If the biometric data or the access code fails to match the stored data, the card is being allowed in order to continue regular working operation. Thus, under the system of Borracci, two pass authentication is utilised in order to access the card's higher functions.
A further example of a smart card employing the use of additional security measures is discussed in U.S. Pat. No. 8,130,078 entitled “RFID Badge with Authentication and Auto Deactivation functions” to IBM. The document discusses a radio frequency identification (RFID) badge which includes a card having an authentication data acquisition and/or input device configured to receive inputted data unique to a holder of the card, including at least one of fingerprint data and a combination of fingerprint data and alpha-numeric code data, from the holder. The card also includes an RFID tag having external system access information stored thereon which is readable for access granting only when the RFID tag is activated and which is un-readable when the RFID tag is deactivated. A controller is configured to conduct an identification algorithm, during which the inputted data is compared with stored data, to thereby confirm that the holder is authorized to do so and to activate the RFID tag for a predetermined time upon such confirmation or to otherwise deactivate the RFID tag. The card includes a clip which is designed to permit operation of the card when the mating parts of the clip are disengaged i.e. the card must be worn or the clip forced open to permit the card's processor etc. to be powered up by the on-board power source.
As can be seen, the above system utilises some form of biometric security to permit access to the card's higher order functions. While this does provide increased security, it is still possible to circumvent these measures and gain access to the card's higher functions. Indeed, the ability to circumvent the biometric security measures is contemplated in U.S. Pat. No. 8,130,078. While a number of systems do employ the use of a secondary step to complete a transaction with the card, the use of a secondary step still exposes the card to an attack. That is, once the biometric security measure is circumvented, the card is activated, opening up the card to hacking.
Clearly, it would be advantageous to provide an apparatus, system and method which would mitigate the risks of card hacking and which would prevent the unauthorised use of personal data to complete a transaction. It would also be advantageous to provide a system and method wherein the risk of the misappropriation of personal data during such data exchanges is minimized.