ACS touts hacker proof online payment system

A secure online payment system that removes the need to transmit information over the Internet can potentially surmount the steepest hurdle to e-commerce - consumer fear.

ACS Smart Card Technologies has licensed the Covadis Communication Management System (CMS), an Internet payments system, which the company says offers end-to-end security for consumers, merchants and banks.

CMS is a virtual payment technology that uses a device plugged into a PC to download payment transactions. Peter Anastasiou, managing director of ACS Group in Australia, said this removes the need for credit card details to be transmitted across the Internet or stored on a PC, one of the main risks of e-wallet software.

The system is based on Secure Electronic Transaction (SET) protocol, codeveloped by Visa and MasterCard, to ensure authentication and verification of consumer credit card information. However, SET protocol was initially pronounced cumbersome to use, with consumers still exposed to security risks when transmitting personal information via Internet and storing their credit card information on the PC's CPU.

"Using most SET-based electronic wallets the consumer is still open to hacker activity and Trojan attacks," Anastasiou said.

CMS combines the SET protocol with a smart card and a secure environment for the consumer using the Internet wallet terminal, he added.

To use the system, dubbed Caroline (CARd OnLINE), the consumer plugs the terminal into a computer, inserts a credit card and enters a PIN to proceed. Covadis remotely authenticates the Caroline terminal and downloads operating software for the card, operating software for the wallet and applications from the CMS.

The PIN is verified locally and transaction proceeds without transmission of the card identification number. Neither the merchant nor the bank receive credit card details and after the transaction is completed, all details are deleted.

The Caroline wallet device is adaptable to any chip card, credit card, debit card, electronic purse or e-purse reload applications, ACS claimed.

"The Caroline acts as a vault in which consumers authenticate themselves and removes the need to send personal information over the Internet," Anastasiou said.

ACS Group is aiming to launch the system in November, and is still under nondisclosure agreements with ANZ and several other banks for endorsement, according to Anastasiou.


Covadis Communication Management System

Under the Covadis-developed virtual payment system, all parties of a transaction are protected, according to ACS Group.

Peter Anastasiou, managing director of ACS Group Australia, said the system uses reader processing more commonly found in CD-ROM technology - DSP (digital signal processor).

CMS contains algorithms which provide 2048 bit encryption levels. While a microprocessor-based reader could take up to five minutes to decrypt and read information stored on a card, the DSP-based processor takes less than seven seconds, Anastasiou said.

The reader also employs secure tunnelling, therefore communication is direct from reader to back-end of the merchant's and bank's management systems, he said.

The cost of device will be less than $100 to the consumer.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about ANZ Banking GroupAustralian Computer SocietyCMSMastercardVisa

Show Comments