Swiping credit cards or using payment systems like Apple Pay at stores could become much safer thanks to a new Intel system, which could also make it easier for retailers to secure data after transactions are completed.
With security breaches and customer data theft on the rise, Intel has developed Data Protection Technology for Transactions, a hardware-software bundle designed to protect credit card and personal data from hackers when transactions are being authorized.
Intel will market the chip technology to makers of point-of-sale (POS) systems, PCs and mobile payment terminals. NCR, the world's largest maker of payment terminals, has plans to put Data Protection Technology for Transactions on its products.
Intel's hardware and software security platform is adaptable to multiple payment systems. It will be supported on the latest Atom and Core processors.
This is how it works. Once a credit card transaction is made at a payment terminal, Intel's technology creates multiple layers of security to protect data. A POS terminal encrypts the data, which is transferred through a private tunnel to the credit-card processing company and ultimately to the bank authorizing the transaction.
Bundling on multiple layers of security minimizes the risk of data getting intercepted in the course of paying for products and services, said Bradley Corrion, platform solutions architect at Intel.
The technology can also be used to protect the transfer of customer information to data centers, where analytics and business intelligence applications can be used to identify buyer trends.
"We need to make sure retailers have the tools they need to collect data from the end point and hold on to it securely," Corrion said.
Consumers are also using new forms of payment, including Google Wallet and Apple Pay, which use NFC (near field communication). Intel's technology can protect NFC transactions, and can create a secure layer so payment data is securely transmitted.
The Intel system handles every step of a transaction, making it easier for retailers to deploy, Corrion said. Other systems use separate payment peripherals and encryption technologies, which are difficult to manage centrally, he said.
Intel's technology provides a level of communication and lockdown below the software level, thus providing a verification and security level that normal human error will not have an effect on, said Greg Buzek, president of market research firm IHL Group.
Most security today is software based and over 90 percent of retail breaches are due to password issues, Buzek said, citing a security report from Verizon.
"This is a critical technology for retailers who have far flung stores and branches, with a myriad of devices connected," Buzek said.
Another benefit of Intel's technology is systems management in a secure manner, Buzek said.
Intel's technology can accept payments only from recognized terminals with the security layer, locking out unauthorized payment systems.
"Many of the vulnerabilities that exist from our desire to plug and play go away. And as the number of devices radically expands due to kiosks, beacons, wayfinders, cameras, mobile devices and payment devices, this provides a sort of Big Brother oversight to all of your legitimate devices," Buzek said.
The software layer on the chip can be updated with the latest firmware to keep up with the latest encryption algorithms. Intel uses a number of data encryption technologies to scramble data, including the widely used SSL (Secure Sockets Layer), SHA-256 and AES-256 and RSA cryptography technology.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.