Are tech-enhanced metal payment cards better for security? | PaymentsSource

Metallic credit card

Sleek metal payment cards designed to convey affluence are still in vogue, even as in-app and device-based contactless payment volume steadily grows and many card issuers are opting for cards made of recycled plastic, compostable materials and wood to minimize environmental impact.

But a leading U.S. maker of metal payment cards is betting on future demand for a new breed of metal cards containing additional technology to authenticate users for special and high-risk transactions, as payment card fraud continues to plague issuers and merchants.

“People have been predicting the demise of payment cards for years, but we think metal cards can be used in new ways with technology to make payments more secure,” said Jon Wilk, CEO at Somerset, New Jersey-based CompoSecure, founded in 2000 to manufacture metal payments cards for high-end credit card customers.

CompoSecure is working to diversify its business lines and recently developed a new technology called Arculus, designed to be embedded within the sturdier structure of a metal card, for use when authorizing high-value transactions or new devices, logging into high-security accounts and storing cryptocurrencies, according to Wilk. 

Akin to dynamic-code dongles that have been used in the past to ensure security for logging into computers and other accounts, Arculus uses hardware provided in a metal card alongside existing software to provide a more secure authentication experience that can be highly customized, Wilk said. 

“We see use cases for Arculus in many settings where security requires stepping up multi factor authentication to the highest level and using dynamic passkeys,” Wilk said. For example, a user of a card made with Arculus technology might be required to tap the card to their phone to trigger a higher-level authentication sequence.

The approach, based on global payment card security standards administered by FIDO, eliminates the sending of a text message to the user or the use of a third-party authenticator app, he said.

“Metal cards are a strong starting point for banks and other financial institutions to offer authentication as consumers using these are often viewed as early adopters and tech-forward,” Wilk said. “We can also leverage the Arculus technology with other materials, including plastic, to address the full market.”

CompoSecure is in discussions with banks and major card networks about bringing metal cards with Arculus technology to market, but analysts say the concept may be a tough sell.

Payment technology is evolving away from card-based approaches, with Visa recently announcing a “flexible credential”  that enables issuers to instantly provision a virtual card within a digital wallet, along with the Visa Payment Passkey Service designed for secure one-click checkout for all types of online payments with any device.

Apple also recently announced upgrades with similar effects for Apple Pay, including a standalone passkey app to securely manage login credentials across multiple devices. 

“CompoSecure faces some obstacles in extending metal cards’ function to include a hardware-based security element, according to Brian Riley, director of credit advisory services at Javelin Strategy & Research. “Some cards have been piloted with mini-screens displaying a dynamic card verification code, but it is hard to imagine the workings of a dongle that a high net worth individual might want to deal with,” he said.

There may be a role for a hardware key in the form of a card to replace some existing application-based authentication technology, but it might add unnecessary steps to achieve a similar result, speculated Aaron McPherson, a principal with AFM Consulting. 

“A lot of pieces would need to go into such a card-based solution, and because there are already a lot of better-established alternatives for secure authentication, it might be an uphill climb for CompoSecure in trying to spread mass adoption with Arculus,” McPherson said. 

Wilk said Arculus has generated interest from prospective customers because of consumers’ familiarity with using cards and the potential to support new types of embedded technology in the sturdy format of a metal card.

While CompoSecure has been working on cryptocurrency storage and security solutions for the last few years, the firm’s main business is manufacturing metal cards for banks, Wilk said, adding that CompoSecure touts itself as a carbon-neutral manufacturer. 

CompoSecure, which does not make plastic cards, was among the first to supply American Express with a metal version of its elite Centurion Black card, Wilk said. The firm has also worked with other major payment card issuers including JPMorgan Chase and Capital One to produce metal cards that target affluent consumers and frequent travelers.

Consumer demand for metal cards accelerated in 2016 when the Chase Sapphire Reserve launched in a metal format and reportedly demand was so fierce among Millennials that JPMorgan Chase temporarily ran out of its metal card stock and related packaging.

Citigroup in 2017 added a metal card to its lineup with a metal version of its Prestige card, which is no longer available to new customers, and that same year Capital One began issuing its Venture Rewards cards in metal and continues to do so. Capital One’s Savor One rewards card has a stainless steel veneer. 

A growing number of CompoServe’s metal cards are now produced for banks outside the U.S. that increasingly are offering metal cards to higher-end customers, Wilk said.

“Banks are still investing in metal cards because it’s a higher quality of material and the premium form factor helps keep them at the top of the consumer’s wallet,” he said.


This website uses cookies. By continuing to use this site, you accept our use of cookies.