How do you see the primary role of Oberthur Technologies?
We all live with embedded technologies and behavior has changed more in the last 10 years than in the previous century. OT ensures that these uses are safe for consumers and companies. This is essential, since roll-out of these technologies is based above all on trust. Consumers and companies want to protect themselves from fraud. We protect the billions and billions of items of data in circulation and secure access to premises and resources.
What are OT’s areas of activity?
We offer our expertise in four activities. Firstly, the essential sector of payments. The main use is payment cards. Followed by telecommunication networks. Our flagship product is the SIM card, which everyone is familiar with. We also secure the connected objects sector, which is currently expanding and will grow quite spectacularly in the next 10 years. Finally, there is a fourth segment for OT, relating to governments and access to infrastructures. Your passport, driving license and identity card have become major security challenges in an insecure world.
Security needs have migrated from our computers to embedded objects. This is a very Darwinian evolution, since the disruption has been rapid and sometimes brutal.
Yes, you’re right. Twenty years ago (and 20 years is a generation), it was PCs that required security protection. In the early days of computing, only a small number of objects needed to be secure. At that time, we worked on 130 million PCs a year. Then, in the 2000s, telephones and smartphones were launched and the figures exploded. The current trend is for 1.3 billion smartphones to be sold each year.. Finally, the third stage, covering the current decade, is that of connected objects. Figures vary depending on the sources, but 8 billion connected devices are supposed to be shipped per year forecasted by 2020. You can see that at each stage of this technological advance, at least one zero is added to the number of connected objects.
Have the dangers followed the same trajectory?
Yes, fraud is evolving alongside usages and tools. The risks are particularly high since some connected objects will be directly linked to the internet and operate using Android, in other words an open protocol.
Strangely, the transition has been slowest in the United States, when we might have imagined the opposite. How do you explain that?
Americans are currently migrating from cards with magnetic strips to smart cards…
You mean that Americans don’t use smart cards, like us, to pay for purchases or withdraw cash from ATMs?
That’s right, but there is a reason. Americans invented the payment card. They went to the limits of this technology, which involved significant development costs. Before changing technology, the aim is always to maximize the profitability of the preceding model. That is the logic of the experience curve. So you won’t be surprised to learn that the Chinese moved directly to contactless. In countries where the internal market has taken off, the right solution was to make a technological leap.
Sorry to return to the US market, but was there an event which triggered the transition?
There were several stages. In 2013, the chain store Target faced a major crisis of confidence. Some stores’ files, including a database of 70 million customers, were hacked and resold on the black market. Hackers are smart. The files lay dormant on servers.
They were gradually and discreetly released to avoid alerting victims too suddenly. As a result, US consumers blamed Target and boycotted its stores. You can imagine the collateral damage! The same thing happened with Home Depot. As I said, commercial relationships are based primarily on trust… And trust is based on the ability of retailers – and commercial organizations generally – to guarantee their customers’ total security. That’s where we come in.
So the US market is an important challenge for you?
Americans were the least protected and hackers always gravitate towards open and weakly protected markets. OT represents 30% of the US EMV market, in which we are also the leader in supporting the migration to smart cards. We are a global company, attentive to the technological situation in a given region.
And in Europe?
Across the continent as a whole, fraud has moved to the internet, which for obvious reasons accounts for 65% of fraud. When making an internet purchase, we supply our bank card number and three-digit CVV code.
And you have recently made a decisive step in this respect?
Yes, we have recently unveiled a revolutionary innovation, OT MOTION CODE™, featuring a dynamic code which changes regularly. Let’s say, for example, that you make a purchase at 3pm and your code is 249. An hour later, it will have changed to 591. You can see that this represents an incredibly efficient means of fighting internet fraud. It presents fraudsters with an insurmountable obstacle, since several days to a few weeks generally pass between the theft of data and its fraudulent use. The stolen data becomes obsolete in a few minutes.
Have you found a banking partner to roll out this innovation?
From November, the BPCE (Banque Populaire et Caisse d’Epargne) is launching a pilot involving 1000 customers. BNP Paribas and Société Générale have also decided to experiment with this innovation, as well as other clients in the world. The system we are offering is a complete solution, incorporated into the bank’s IT system. A server synchronizes with the cards in circulation to authorize the transaction. The advantage of this innovation is that it integrates directly into daily usages. Sometimes, new technologies require a learning process. That is not the case with OT MOTION CODE™. It is totally transparent for the end-user and the retailer and fast to implement for banks.
Will secure cards become more expensive?
Embedded technology requires investments and OT has invested massively in R&D and in our industrial tool. Yes, the price will increase for banks, but in very reasonable proportions and prices will soon come down. It is a common phenomenon with new technologies. Development costs are high, but once they reach the mass market, they always eventually fall. I am not sure that the price difference will be very significant for end-users, but that decision will be up to banks.
In the field of mobile payment, you have an agreement with one of the market leaders, the Korean firm Samsung. What does this involve?
Yes, we are working with Samsung as a result of in-house software which makes it possible to remotely register bank details on a telephone. Smartphones are fitted with a secure element which receives data from the bank. But that is not enough on its own – we manage the Samsung Pay system in real time with a very high level of security. This is already in the realm of future usages, or rather usages which will be widely adopted very quickly. We cannot rest on our laurels in our business. We need to monitor the market and plan technologies which will keep pace with progress, since all these solutions are ultimately additional services for companies and consumers.
What are the next steps for Oberthur Technologies?
Vehicle manufacturers are working on connected cars. They are looking at connection to the internet, which already exists on some cars. This includes the emergency call feature, for example. Plans for predictive maintenance are in the pipeline. It is already possible to start your vehicle remotely via the internet using a smartphone. But you can imagine the security problems which arise when the signal travels via the internet. Security is essential in an open system. The challenge is to protect private vehicles and fleets of company vehicles. There’s no room for error in this field.
How do you position yourself in relation to connectivity providers?
Our mission is to make consumers’ lives easier. Here is an example. Users must retain their decision-making power. Let’s take the case of a driver who wants to download movies for his/her children in their car. He/She must be able to use the technology irrespective of his/her connectivity provider. With the vehicle’s embedded card, he/she should be able to change operator remotely. In our jargon, we talk about an OTA (Over-The- Air) model. Our SIM cards are pre-programmed to be compatible with several operators and make this possible. For example, we are working with Telefónica and other operators to demonstrate that this interoperability works.
What is important is to make progress available to the public. We are obsessed by changing usages and we work relentlessly each day to provide reliable and useful services and solutions to companies and consumers.