IBM announced it has developed a new mobile payments authentication security technology based on near-field communication(NFC) technology.
According to IBM, a user engaging in a mobile transaction would hold a contactless smartcard next to the NFC reader of the mobile device and after keying in their PIN, a one-time code would be generated by the card and sent to the server by the mobile device. The technology is based on end-to-end encryption between the smartcard and the server using the National Institute of Standards & Technology (NIST) AES (Advanced Encryption Standard) scheme. Current technologies on the market require users to carry an additional device, such as a random password generator, IBM stated.
The company said it specifically sought to create additional security measures for NFC-based devices due to their increasing usage. IBM cited a survey that stated the number of NFC devices in use will exceed 500 million in 2014.
"This statistic and the fact that 1 billion mobile phone users will use their devices for banking purposes by 2017 make for an increasingly opportune target for hackers," the company stated.