American Express has launched a new service, ID Keeper, that turns its smart card into a special-purpose storage device. Now, Amex "Blue" cardholders can store the user IDs, passwords, and addresses to their favorite Web sites onto the chip's memory.
For password security, smart cards limit the potential points of compromise. The user's personal information resides in only two user-controlled locations: on the PIN-protected card and on a password-protected, encrypted backup file. "The difference between this and the 'electronic wallet' is the ability to take your most confidential information and put it on the card--and take it out of the cyberspace environment," said David Bonalle, vice president and general manager of advanced payments enterprise development, American Express, New York.
Amex Blue cardholders can install the ID Keeper functionality onto the smart cards they already possess. "This application is downloaded over the Internet in a very secure way, which is very different from how other applications on smart cards have been introduced in the past," said Bonalle. "It had to be on the card at issuance, or otherwise you were out of luck."
Reliance on ID Keeper also means that cardholders can stop telling everybody on the Web the name of their maternal grandfather, high school, or childhood pet as a secondary password. Similarly, the card should make it more practical for users to choose difficult-to-guess passwords combining a long string of numbers and letters, rather than simply entering the name of one's spouse or favorite sports team.
Users can also stop depending on passwords stored in "cookies." ID Keeper includes a downloadable browser plug-in that pulls information directly from the chip in order to log onto password-protected Web sites, and also assists the user in filling out forms at e-commerce shopping sites.
As part of the ID Keeper rollout, American Express provides free smart card readers to its cardholders and also sells discounted Compaq keyboards with built-in readers. "Any manufacturer that wanted to make our software available on their reader, we would give them everything they needed to be able to do that," said Bonalle. "That's something we would very much like to have happen."
This article originally appeared in Bank Systems & Technology eNEWS,a weekly e-mail newsletter. To order a free subscription, click here: http://www.submag.com/