[Cryptography] Keeping Malware from Using Security Hardware

[Jerry Leichter]

> For smart cards this was recognised as far back as the late 1980s with cards
> with a built-in display and keypad, the first I know of being the Super Smart
> Card from 1989.  They never took off, and nor did the later card readers that
> did the same thing.
For the specific case of credit cards, I knew someone who was involved with designing this kind of technology.  One variation simply had the bottom 4 digits of the CC number displayed by LCD's, so that they were time-varying.

The reason the technology went nowhere in the CC industry was entirely based on economics:  The CC industry looked at how much they were losing to credit card fraud, compared it to what supporting the new technology, and decided in wasn't worth it.  Instead they put their money into real-time transaction monitoring.  And, to their credit, they also improved the card replacement experience, with such features as automatically updating vendors who had an established record of repeated charges to the account.
                                                        -- Jerry