For two years, the technology team at Bank of New Zealand (BNZ) has been working on a project to put an end to “skimming” of credit cards. The practice refers to the capturing of information on the magnetic stripe of a card to create a clone credit card. The card holder is then billed – six months to a year later – for purchases they never made and often in places they have not visited.
The security technology, called Liquid Encryption Numbers (LEN), is now in all BNZ credit and debit cards.
Michael Turner, BNZ fraud initiatives manager, who invented and subsequently developed LEN, says on standard bank and credit cards, the data stored on the magnetic strip is static and doesn’t change.
LEN makes this information dynamic, so it changes every time a customer visits a BNZ ATM.
If a cloned card uses old data captured by the skimming device, the transaction is declined. In the meantime BNZ is alerted immediately of a LEN mismatch. If the bank detects a card has been compromised but not yet fraudulently used, it does not need to be blocked.
“Instead, we can just ask customers to visit a BNZ ATM where their cards can be secured by updating the LEN,” says Peter Yarrington, BNZ chief information officer.
Yarrington says the process is simple and automatic with minimal inconvenience to the customers. LEN not only stops fraudulent transactions, it also helps investigators to identify the source of these transactions, he says.
Turner says when BNZ customers travel overseas; they should check their balance at the BNZ ATM at the airport, and do the same thing on their return. “Our ATM customers are now our safest users,” says Turner.
Yarrington says the technology does not require a massive shift in customer behaviour. Nor does the LEN technology require physical changes in the BNZ ATMs.
Yarrington says the BNZ has been granted a number of overseas patents for the technology. As well, the bank is also talking to organisations with which they could work with to roll the technology out globally.
Yarrington says, however, the primary motivating force around the project was to raise the level of customer protection in credit cards. “We don’t want to become an encryption supplier globally to banks. We are looking to wrap up the product in terms of its intellectual property, the description of how it works, and work with other organisations in having it implemented in other banks.”
Yarrington says the technology innovation around LEN did not happen by accident. “Organisations spend millions trying to get this type of innovation that has happened at BNZ.”
He says it is important that an employee who has an innovative idea does not have to go to “too many layers” to be able to talk to the executive team.
He says Turner came up with the idea two years ago and proposed it to the leadership team who told him to go and see how the concept could work out.
For Yarrington, working with the team on a project like LEN is a critical aspect of the CIO role. “As a technologist coming into an organisation like this, one of your challenges is to think how the technology might work to produce better outcomes for the customer.”
He says work on innovations to protect customers from credit card fraud is ongoing. Fraudsters use extremely sophisticated systems, he says. “We have to remain technically ahead of these folks.”
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.