Barclays to distribute Gemalto devices to its customers
Barclays’ customers have to insert their EMV (Chip-and-PIN) card into the reader and type in their PIN. The PINsentry device will then generate One-Time-Passwords to authenticate the users at log-in and sign transactions. A new password is generated each time and has a short validity period after which it is no longer accepted by the server. The first target for the deployment of this application is Barclays customers who perform third party payments. The other 1.7 million Barclays online banking customers who don't set up new third party payment, will be upgraded to PINsentry when it is needed for their online banking activity. The device is compliant with the standard industry specifications: EMV, MasterCard and Visa Chip Authentication Program (CAP) 2007. It also meets the APACS (the British payment association) requirements.
Barclays did not disclose the cost of the operation, but the bank expects to absorb it thanks to online fraud reduction. Some other British financial institutions are said to be planning the introduction of similar devices building on the Chip-and-PIN infrastructure to provide secure online banking services.