Deloitte staff trial Visa card with built in OTP generator for IT access control

Deloitte staff trial Visa card with built in OTP generator for IT access control

Deloitte employees are piloting a corporate Visa Barclaycard that includes technology for generating one-time passwords that can be used to remotely access the company's IT system.

The three month pilot sees around 500 Deloitte staff using the card to remotely access their company IT system via a virtual private network (VPN).

The card has a keypad and LCD screen embedded into it, to allow users to enter their PIN and generate a one-time use passcode, which is then authenticated by the VPN.

The firms say the card, developed using technology from Australia-based Emue, is expected to reduce costs substantially compared to using a separate token device.

In addition to supporting remote network access, the card is compatible with Verified by Visa which could prevent CNP fraud and identity theft associated with online banking, telephone authentication and other remote channels, says Barclaycard.

Simon Owen, senior partner, Deloitte, says: "The Emue technology enabled Visa Corporate Barclaycard offers real benefits for card issuers based on our own experiences of providing staff with one time code functionality for remote access. We estimate that we could save up to 65% per user over having a separate traditional token device."

In November, four European banks outlined plans to pilot an OTP Visa card for use in consumer transactions online or by telephone. MBNA, a Bank of America company in the UK, Cornèr Bank in Switzerland, Cal in Israel and IW Bank in Italy all signed up to trial the technology.

Comments: (1)

Michael Fuller
Michael Fuller - None - London 14 May, 2009, 22:31Be the first to give this comment the thumbs up 0 likes

While Barclaycard say that "Verified by Visa could prevent CNP fraud and identity theft" my recent experience suggests that they don't really believe that.

I made two purchases on my Barclaycard at the weekend each of which was verified using Verified by VISA yet later I still recieved an automated call asking me to confirm these transactions were genuine.

Come on Barclays get your act together. If I use VbV don't then get your wires in a twist when two validated transactions hit what was a dormant account.

By the way the sooner all Visa and MasterCards incorporate a OTP feature the better since the CVV is a fatally flawed and vulnerable "security" feature.