Imagine the impossibility of taking 10 bowling balls, dropping them on the floor, and then later trying to guess which pattern the balls made when they bounced just by collecting them.

Researchers at the University of Twente and the Eindhoven University of Technology in the Netherlands have developed what they say is a somewhat analogous approach for protecting credit cards and passports from being cloned and misused. Instead of bowling balls, however, their approach is essentially to bounce individual photons of light onto specially prepared material on the back of credit cards to create unique and unbreakable patterns for each card.

The method, called Quantum Secure Authentication (QSA), takes advantage of how single photons of light move under certain conditions to create patterns on the back of payment cards that are impossible to reproduce. Single photons of light can sometimes display properties that appear to defy normal behavior, Pepijn Pinkse, a researcher from the University of Twente, said in a prepared statement about the quantum mechanics effort. By taking advantage of this fact, photons can be used to encode information in a manner that prevents attackers from deciphering what the information is. Pinkse was one of five individuals who authored a recent report on the method.

Hack-Proof Cards

As a result, QSA offers a virtually hack-proof way to protect credit and debit cards against cloning. The approach can be used for identity vetting or to verify the authenticity of debit and credit cards, according to the Optical Society, a trade association for optics and photonics professionals. Government buildings, bank and credit cards and all forms of ID can be protected using the quantum mechanics approach.

Pinkse went on to note that because of the quantum properties of light, anyone trying to tamper with the authentication process offered by QSA would destroy the information.

Payment Card Security

Techniques for improving the security of credit and debit cards have received growing attention over the past 18 months or so, especially in the United States. The major intrusions at Target, Home Depot and elsewhere have compromised hundreds of millions of payment cards and exposed banks and other financial institutions to considerable losses from fraud.

A vast majority of the payment cards in use in the United States continue to be based on decades-old magnetic stripe technology, even though many countries started to use newer chip and PIN technologies years ago.

Magnetic stripe cards are considered to be extremely easy to clone, so credit card companies such as MasterCard, Visa and American Express are pushing the U.S. payment industry to adopt smartcards based on the Europay/MasterCard/Visa (EMV) standard. EMV smartcards have embedded microchips that are used to store cardholder data, as opposed to conventional cards that store data on the magnetic stripe.

Even so, an attacker who has access to the information stored on a card can still copy or emulate it regardless of whether the data is stored in a magnetic stripe or in a microprocessor, the Optical Society said in its release. With QSA, any attempt to get at the data will only succeed in destroying it.

Importantly, QSA can be employed relatively easily since it uses simple and cheap technologies.