In an article written for CNET, John Lowensohn writes about HomeATM at Finovate. Here are some excerpts and I've taken the liberty to clarify a few miscues in the article:
What'ssomething we often use for security in the real world but not online?PIN codes. We use them at stores, banks, and ATMs, so why not use themonline? For one, a QWERTYkeyboardlets you create a much stronger, and often easier-to-remember passwordthan you could with numerical digits.
But PINs are still a password andcan be just as good as a password with the right precautions. He then goes on to feature HomeATM as one of the companies at FinovateStartup conference doing just that.
The HomeATM plugs into your USB port and lets you make purchases and transfer money instantly--and securely.
HomeATM.net is ATM hardware for the Web. It's a physical piece of hardware you have to lug around with you. Editor's Note: To be sure, I know that "lug" is the NOT the proper term,(dictionary.com: LUG:1. to pull or carry with force or effort: to lug a suitcase upstairs) as our device is less than the size of a business card (see picture above left) and weighs less than an ounce. The HomeATM device more than comfortably sits in your shirt pocket and since it's designed for eCom use and hooks to your laptop it readily fits in any compartment of your laptop case, let alone a purse or briefcase.
You securely enter your PIN or swipe your debit card to use for P2P money exchanges and purchases on commerce sites. Editor's Note: It also serves as an "authenticator" and an "enabler." It is designed as a 2FA (two factor authentication) module. Banks issue your card and they issue your PIN. So why are we entering: Username/Password when we could simply swipe the bank issued card and enter the bank issued PIN for secure authentication to the bank's online banking website? Once authenticated, it "enables" the consumer to
1. Securely purchase goods online,
2. Securely transfer money in real-time from bank account to bank account or person to person or Business to Business, or yes, Consumer to Business and Business to Consumer...using "ANY US Bankcard"
3. Securely use the online banking services, i.e. Bill Payments. It is the razor and the bank's online services are the blades.
The payoff is that, unlike money-transfer systems that go off the credit and check system (which can take up to three days to clear), the money gets transferred immediately. All the while your data isn't compromised by things like keyloggers or screen-grabbing tools.
Josh continue the article by saying: "The only downside is that you and the person you're sending the money to need to have the hardware." Editor's Note: That's not entirely true. The sender could load the money onto a recipients card or even third party reloadable card and they could immediately have access to the cash. (Of course the downside would be that both the sender and the recipient "would need to "lug around" a debit, credit or reloadable card" lol)
Besides, the price for our "key injected" thus "pre-encrypted" secure hardware swiping device WITH a PIN Pad is less ($12) than the price you would pay for simply injecting the PIN Pad. (usually around $20) and that would be AFTER spending several hundred dollars for a POS device AND another $100 plus for the PIN Pad
So, I don't know...whaddya think? Maybe there's some inherent value to "lugging" around our PCI 2.0 Certified PED.
Oh...and while I'm on the subject, one more thing. The device that we manufacturer specifically for use with ANY mobile phone "enables" your "smart phone" (i.e. iPhone, Blackberry) to become a secure POS device WITHOUT having to "lug around" our device.
Just connect it "one-time" to your mobile device via the earjack, swipe your card(s), enter your PIN(s) and "voilla" your 3DES encrypted payment information is securely stored in HomeATM's HSM (Hardware Security Module) in our PCI certified data NOC. (network operations center)
The user is now "enabled" to use their mobile phone to securely purchase online, transfer money from account to account, to others, etc.
When the user is done "enabling" their phone, they can simply pass our device along to the next person, who can then do the same thing...and so on...and so on...