The technology that could replace credit cards and passwords
The Melbourne man who invented mobile wireless EFTPOS in the 1990s, Daniel Elbaum, believes Australians will soon need to carry a wallet-sized personal security card to access banking and basic services to protect against the unstoppable threat of cybercrime.
Computershare co-founder Tony Wales and trucking magnate Ian Cootes are among the investors who have already poured $125 million into Mr Elbaum’s venture, VeroGuard, which has been working on a solution to prevent cyber crime for the past 20 years.
VeroGuard has invented the VeroCard, a multifactor authentication device the size of a business card. It offers the “same level of protection as a bank transaction during online use”, according to the VeroGuard website.
Mr Elbaum said the device was already being used by defence forces and intelligence agencies, and it was only a matter of time until it became commonplace, replacing cards and passwords.
“Medibank, Latitude, Optus, [those incidents] are all based on an ID breach that lets you come in and take over the system,” Mr Elbaum told The Australian Financial Review.
Until a year ago, everybody said we’ve got one hardware [a smartphone] let’s use this for everything. Now everybody is moving back to hardware and in three years you effectively won’t be able to log in online without hardware, I can guarantee you.”
The average cost of each cyber breach globally hit a record $US4.35 million ($6.2 million) in 2022, up 2.6 per cent from the year before, while in Australia, the bill reached $US2.92 million, up 3.4 per cent, according to IBM Security.
But Monash University cyber crime expert Professor Nigel Phair is sceptical that everyday consumers will accept carrying more hardware.
"There are a litany of cyber solutions out there but organisations don't pick them up because consumers don't want things that are hard," he said.
“The average punter wants the path of least resistance. Once they have to go through another step they switch off. The best security is the security you don’t see. It could be the most awesome technology in the world, but that doesn’t mean it will be commercially successful.”
Mr Elbaum admits getting consumers to carry an extra piece of hardware in addition to their smartphone is the biggest barrier to the company’s success.
“You have no other choice, you will have to have another device,” he said.
Mr Elbaum said he had been worried since 1996 that “the crooks” will take over the internet.
“The biggest black hole in technology that’s been created is internet security for individuals,” he said. “Nobody knows how to hack this technology yet and it allows you to use all the services in the cloud and never be at risk.
“You can use this technology as a payment device at home and never put your details online again.”
Users of his VeroCard enter an assigned PIN number when prompted by the application they are trying to access.
Asked what happens if you lose your wallet or the device, Mr Elbaum said it remained secure and could be easily replaced.
It went much further than the two-factor verification now offered by most online banking portals, where an SMS code is sent to a customer’s phone.
“A Google authentication is nice, however it is not secure because it is an authenticator, not a verificator,” Mr Elbaum said.
“We are deploying in Defence already. We are the only company in the world which is certified for remote access for the Defence agencies.
“This technology is the equivalent of a guided missile system ... it’s one to one, making sure the communication can be so secure that nobody can hack it.”