Future Watch: Smart cards
Within three years of becoming used in the US, smart cards have a host of potential business applications, from securing networks and storing digital signatures to accumulating cash and verifying online transactions through a mobile phone. To really make it big, developers must offer one card for all applications, significantly drop price points, and integrate card readers into mobile phones and laptops.
As you walk into your office building, you pull out a credit card-sized device, slide it through a built-in reader on the wall, enter a PIN, and presto: your picture pops up on a monitor, enabling the guard to verify your identity. Seem far-fetched? Well, with the smart card technology currently in development, this could be the norm in 10 years.
Smart cards, recognisable today as credit cards with chips that store monetary units or identification credentials, have not made much of an impact yet in the US.
They are popular in Europe, where making a phone call to verify every credit card transaction is too costly for vendors, who instead read the requisite information off customer smart cards.
But because US telecom rates are low, it would not be cost-effective to replace the current transaction infrastructure there with a smart card system. But there are all sorts of potential uses for smart cards beyond simple transaction verification. The smart card killer app will probably provide increased transaction security for online purchases, especially those made by mobile phone.
And with the increasing e-signature needs, companies are looking to smart cards to reduce the costs of signing up new customers. After all, having somebody sign an online form with a digital signature (the private key stored on a smart card) is much more efficient than mailing and processing forms manually.
Additionally, businesses could use smart cards for network log-in and authentication procedures. This would help prevent unauthorised network access because smart cards are difficult to duplicate.
Jim Cannavino, CEO of CyberSafe, believes that smart cards may even replace PKI (public key infrastructure) in some areas - that individual users will not necessarily have digital certificates. Considering the current hype about PKI technologies, this prediction may seem surprising, but unless PKI vendors make their solutions more cost-effective and interoperable, we at the test centre don't think Cannavino's vision is far off the mark.
Unfortunately, several hurdles are keeping these applications from getting off the ground. First, smart cards developed by different vendors do not follow any standards, making application development difficult. To alleviate this problem, both Sun Microsystems and Microsoft are currently developing smart card operating systems that will provide a standard among cards and their related applications.
To become truly popular, smart cards must also become very inexpensive, less than $US2 each, and the card readers should be conveniently built in to mobile phones and computers instead of standing alone.
Unfortunately, initial smart card technology will require separate cards for each application. When it gets to the point that consumers are juggling 15 cards, the outcry for a single card solution will be enormous. Although the technology for such a solution is in the works, it will probably not be standard for another five years.
As the fate of smart card technology is decided in the next two to three years, one thing is sure: smart card use will only become prevalent when they are standardised and user-friendly enough to make the jump from being a neat technology to a critical business tool.