3. · An icard is a cash card that contains security features to protect the identities of the
cardholder and card issuer. These security features are unique to every icard issued.
The value of each icard depends on the purchase price of the goods’ or services
sought by the cardholder.
Identity theft is a term used to refer to fraud that involves someone pretending to be someone else in
order to steal money or get other benefits. The term is relatively new and is actually a misnomer, since it
is not inherently possible to steal an identity, only to use it. The person whose identity is used can suffer
various consequences when he is held responsible for the perpetrator's actions.
Standard validation systems often use multiple inputs of samples for sufficient validation, such as
particular characteristics of the sample. This intends to enhance security as multiple different samples are
required such as security tags and codes and sample dimensions. These icards could be used for
government agencies seeking high security access online or offline, or may act as a remote backup in the
event traditional access to offline or online resources have been compromised. SMS Origin comprises of a
rolling code (or sometimes called a hopping code) used to prevent replay attacks, where an eavesdropper
records the transmission and replays it at a later time in an attempt to make false transactions.
Level 1 Security
Existing icard technology contains a unique 8 digit Card Identification Number (CIN) marked randomly
on the icard for determining sufficient funds held within the cardholder’s bank account. This number is
used in the initial txt message represents the identity of the cardholder in numerical form only. The name
of the account holder is never represented in alpha form for security reasons. This amount is never
declared visibly in plain text form, for security reasons.
Level 2 Security
Existing icard technology contains a balance amount mechanism for indicating to the cardholder that
sufficient funds is held in their bank account before authorising payment of goods or services or
authorising money transfers.
Level 3 Security
Existing icard technology contains an antiphishing mechanism, for establishing the authenticity of the
card issuer’s txt message, and, as a means for indicating intent for accepting the terms of use
Level 4 Security
Existing icard technology contains an authorisation mechanism or Random Reference PIN (RRP) for
establishing the authority of the cardholder and authority to complete payment for goods or services or for
making money transfers.
Level 5 Security
Future icards contains a courier tracking mechanism marked on the card, to instantly assist the courier in
determining the authenticity of the icard, before exchanging it for the goods or services purchased by the
cardholder. The courier tracking mechanism is revealed, only, to the courier at the point of exchange for
goods or services.
5. Typically the string minimum ranges from a 12 digit combined pin to 48.
The randomisation is necessary to avoid prying cryptanalysis. If the txt
message containing the RRP is correct, the cardholder receives an encrypted
PDF document, sent to the cardholder’s email containing a proof of purchase
receipt. An encoded matrix is placed within the PDF document which is
decoded by the icard. This data matrix is used to dispute unauthorised
transactions by the cardholder.
Offline/online shopping/money transfer;
First off, the merchant enters the 8digit Card Identification Number (CIN) of the icard into a txt message
followed by the amount charged to the cardholder’s account. The txt message is sent to the acquiring
bank’s short code over a 3G network.
The cardholders, icard is then inserted into the slot of an iPOS (aka a PINreader) connected to an Iphone
terminal to authenticate the response txt message. The reply txt message contains a cryptographic
credential to establish the validity of the acquiring bank’s identity. If the credential is 100% accurate the
acquiring bank is acknowledging sufficient funds held in the cardholders account, but requires the
cardholder to authorise payment by sending a reply txt message containing the correct Random Reference
PIN (RRP).
A geometric system can provide the following two functions:
· Verification
Authenticates its users in conjunction with an icard, dynamic pin & ID number. The geometric
template captured is compared with that stored against the registered user either on a smart
card or database for verification.
· Identification
Authenticates its users from the geometric characteristic alone without the use of smart cards,
usernames or ID numbers. The biometric template is compared to all records within the
database and a closest match score is returned. The closest match within the allowed threshold
is deemed the individual and authenticated.
In an effort to make passports more secure, several countries have implemented RFID in passports.
However, the encryption on UK chips was broken in less than 48 hours. Since that incident, further efforts
have allowed researchers to clone passport data while the passport is being mailed to its owner. Where a
criminal used to need to secretly open and then reseal the envelope, now it can be done without detection,
adding some degree of insecurity to the passport system. This is a noticeable opportunity for the iPOS
system to take advantage of this market gap. However, the market will ultimately, in time, determine the
merits of the iPOS system and wither or not there is a place for egovernments to utilize the iPOS system.
Logistics & Transportation could be another major area for implementing the SMSOrigin technology. For
example, Yard Management, Shipping & Freight and Distribution Centers are some areas where secure
tracking technology is required. Transportation companies around the world may value security
technology due to its impact on the business value and efficiency.