Richard Jewson and Anthony Golledge of Aconite build a business case for using EMV cards to authenticate consumers on the Internet.
No currently available technology as usually implemented fully meets the growing need for a consumer-oriented authentication solution. Payment protocols address transaction-oriented security whilst underlying technologies such as SSL provide session-oriented security.
The paper suggests that the implementation roadmap for EMV provides the basis for a consumer authentication solution suitable for payment transactions and non-payment session authentication services.
A number of approaches are discussed and the business cases for a number of different interest groups are considered.
EMV authentication can support closed-system environments such as e-banking and open environments where identity is shared across a number of services. This approach to authentication is complementary to other approaches, suggest the authors, and offers a relatively low-cost, practical and opportunistic solution appropriate to mass-market applications.» Download the document now 216Kb PDF