Looking Toward a Fraud-proof Credit Card
Today's credit card news is full of stories about the migration from magnetic stripe technology to EMV chip technology, and how that will make credit cards less susceptible to fraud. That's very true--a Federal Reserve Bank of Atlanta Working Paper noted that when credit cards in the United Kingdom transitioned from magnetic stripe to chip and PIN technology, only certain types of fraud declined. While domestic counterfeit and fraud committed by using lost or stolen cards declined, there was a two-year increase in fraud for card not present transactions, such as online shopping, and cross-border fraud. But as the number of EMV cards increased around the world, fraud rates began going back down.
While EMV cards are certainly more secure than magnetic stripe cards, and the US will hopefully experience similar declines in fraud activity and hacking attacks, it's still possible to see fraud in this type of credit card as well because even with complex codes and layers of security, attackers and identity thefts can eventually figure out a way to copy the information stored on the card.
However, a research team in the Netherlands has found a way to use quantum mechanics to create a fraud-proof credit card. As published in The Optical Society's journal Optica, the team developed a security measure known as Quantum-Secure Authentication, which can authenticate a physical "key" without being detected or intercepted by criminal activity.
The team addressed this problem by studying photons, tiny particles of light that have unusual quantum properties which allow them to be in more than one place simultaneously. Because they have this special feature it means they can be in two places at once to manage authentication questions and answers, which means that for credit cards, there can be a fraud-proof authorization.
"Single photons of light have very special properties that seem to defy normal behavior," said Pepijn Pinkse, a researcher from the University of Twente and lead author on the paper, in a statement. "When properly harnessed, they can encode information in such a way that prevents attackers from determining what the information is."
In credit cards, Quantum-Secure Authentication would work by embedding a thin section of white paint into a credit card. This paint contains millions of nanoparticles, and if a photon of light is projected onto it, the light bounces around the nanoparticles, which creates a pattern that can be used for authentication.
Of course, a hacker could try to thwart this authentication by projecting regular light onto the area and measuring the pattern it makes. He then could reply with the correct response pattern.
However, a bank can send a pattern of "quantum" photons into the paint, and that reflection of the light will appear to have a larger pattern than it actually does because of its quantum properties. This then foils the hacker because he wouldn't be able to capture all of the information he'd need to be able to repeat the transaction authentication.
"It would be like dropping 10 bowling balls onto the ground and creating 200 separate impacts," said Pinkse. "It's impossible to know precisely what information was sent (what pattern was created on the floor) just by collecting the 10 bowling balls. If you tried to observe them falling, it would disrupt the entire system."
Because the system uses existing technology that's pretty cheap, it might be useful for purposes other than credit cards, including building security, identification cards and automobiles. "The best thing about our method is that secrets aren't necessary. So they can't be filched either," said Pinkse.
It's not known whether or not any banks will develop Quantum-Secure Authentication for actual use, but the possibility of having fraud-proof credit cards might be something that we carry in our future wallets.