Is The Unredeemed Giftcard About To Go Away?

Written by Evan Schuman
October 3rd, 2006

A Los Angeles company on Wednesday announced a new approach to digital gift cards, with an eye on security.

Imx Solutions said the products are initially being used by Sears, Kmart and CompUSA along with television’s Ultimate Shopping Network (USN).

Giftcards are quickly becoming an extremely popular retail payment option, but the traditional analog cards suffer from a lack of security when used for E-Commerce. The card itself becomes virtually irrelevant, with the number?which can be guessed or hacked into?the only means of identifying the card. Customers who purchase cards that have already been emptied of their value?presumably fraudulently?usually have little recourse, beyond blaming the retailer.

The Imx approach uses a two-factor authentication approach?aka the “something you have and something you know” tactic. The “something you have” is a credit-card-sized CD and somewhere on that CD?or near it, in the CD’s packaging?is a PIN associated with that card. The PIN will typically be hidden until the purchase is made, and will be often be visible when?for example–a protective coating is scratched off, said Imx Sales/Marketing Director David Farris.

But the “something you have”?the CD?also takes a page from the one-time-password-issuing devices because it has a series of encrypted codes on it that needs to match up with a list of encrypted codes on an Imx server and the correct code “changes twice a minute,” Farris said.

When a customer installs the mini-CD into a computer, it first plays a multimedia advertisement while the card connects with the server and tries to authenticate the customer’s card.

The cards boast both storage and stored-value capabilities and Imx is pushing them as a multimedia advertising vehicle.

But the nature of the mini-CDs also have the potential for both adding additional security as well as CRM capabilities. That is true in the sense that they can capture and transmit IP address information (for additional identification of the user) along with potentially information about what the user is clicking on in the E-Commerce site and possibly even where they visited before and after.

Farris said his people have considered such possibilities, but that different customers of theirs will use different capabilities and that various states, cities and countries have conflicting privacy rules about such data acquisition.

This raises the issue of the morphing of another retail POS and/or marketing tool. Will the digital giftcard morph with the credit card and the loyalty card? Could a contactless payment card communicate and share data with a wireless-equipped digital giftcard?

In the same way that smartphones (which themselves are the morphing of cellphones and PDAs) are turning into personal Point-of-Sale systems, able to interact with vending machines, ATMs and cash registers, will gift cards and credit cards evolve in the next two years into something unrecognizable to us mere mortals from 2006?


One Comment | Read Is The Unredeemed Giftcard About To Go Away?

  1. Tina Henson Says:

    Upon review of current policies of Barnes & Noble and Borders it appears that neither company any longer has expiration or depreciation on their gift cards. As anticipated we believe this is the trend of most retailers.

    I would also like to clarify the pricing structure of Plastic Jungle.

    Buyers never pay more than the selling price of the card.
    Sellers pay a flat fee of $3.99 to list a card for sale for other users to buy.
    Sellers can sell their cards directly to Plastic Jungle for 60-75% of the value of the card.
    Traders pay $3.99 to list their card for trade.

    The average gift card is $40


StorefrontBacktalk delivers the latest retail technology news & analysis. Join more than 60,000 retail IT leaders who subscribe to our free weekly email. Sign up today!

Most Recent Comments

Why Did Gonzales Hackers Like European Cards So Much Better?

I am still unclear about the core point here-- why higher value of European cards. Supply and demand, yes, makes sense. But the fact that the cards were chip and pin (EMV) should make them less valuable because that demonstrably reduces the ability to use them fraudulently. Did the author mean that the chip and pin cards could be used in a country where EMV is not implemented--the US--and this mis-match make it easier to us them since the issuing banks may not have as robust anti-fraud controls as non-EMV banks because they assumed EMV would do the fraud prevention for them Read more...
Two possible reasons that I can think of and have seen in the past - 1) Cards issued by European banks when used online cross border don't usually support AVS checks. So, when a European card is used with a billing address that's in the US, an ecom merchant wouldn't necessarily know that the shipping zip code doesn't match the billing code. 2) Also, in offline chip countries the card determines whether or not a transaction is approved, not the issuer. In my experience, European issuers haven't developed the same checks on authorization requests as US issuers. So, these cards might be more valuable because they are more likely to get approved. Read more...
A smart card slot in terminals doesn't mean there is a reader or that the reader is activated. Then, activated reader or not, the U.S. processors don't have apps certified or ready to load into those terminals to accept and process smart card transactions just yet. Don't get your card(t) before the terminal (horse). Read more...
The marketplace does speak. More fraud capacity translates to higher value for the stolen data. Because nearly 100% of all US transactions are authorized online in real time, we have less fraud regardless of whether the card is Magstripe only or chip and PIn. Hence, $10 prices for US cards vs $25 for the European counterparts. Read more...
@David True. The European cards have both an EMV chip AND a mag stripe. Europeans may generally use the chip for their transactions, but the insecure stripe remains vulnerable to skimming, whether it be from a false front on an ATM or a dishonest waiter with a handheld skimmer. If their stripe is skimmed, the track data can still be cloned and used fraudulently in the United States. If European banks only detect fraud from 9-5 GMT, that might explain why American criminals prefer them over American bank issued cards, who have fraud detection in place 24x7. Read more...

Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.