Research & Development

Quantum photonics promises ultra-secure credit cards

18 Dec 2014

Netherlands-based team develops hack-proof “quantum secure authentication” for security applications.

Researchers from the University of Twente research institute MESA+ and the Eindhoven University of Technology (TU/e), both in the Netherlands, have together developed a secure method for authenticating “physical objects” making them impossible to copy or clone. This quantum photonics-based technique, which could be applied to credit cards and identification cards, will soon be possible.

The research has just been published in The Optical Society’s journal Optica.

Technologists are fighting a continuous battle with criminals who are trying to obtain confidential information from credit cards, identification cards and the electronic locks of cars and other encoded systems. In bank cards the magnetic stripes have been replaced with a chip with a small microprocessor and a secret code, but the chip can still be copied and hackers are finding ways to discover the accompanying code, potentially leading to massive fraud.

The scientists have developed a method which, they say, “makes it impossible to hack cards or imitate their properties, even if those with malicious intent have all the necessary information at their disposal, such as the complete structure of the card”. The method exploits the quantum-physical property that photons can exist in multiple locations simultaneously. This fact is known from the famous double-slit experiment that forms the basis of quantum physics.

The new security technique is based on the following idea: a credit card or similar is fitted with a paper-thin layer of dry white paint containing millions of nanoparticles. A light particle fired into the paint will bounce between the nanoparticles until it escapes. If a bank transmits a complex pattern of light dots, unique for each financial transaction, into such a layer, a corresponding but different unique exit pattern will be observed. The bank will only approve the transaction if the emergent pattern is correct.

Digital defense

The researchers recognized that if the bank employs “normal” light in such a process with many more photons than just the coded light dots, a hacker could scan and measure the entering dot pattern and then project the correct pattern, such that the bank would not see a difference between the real card and the hacker’s signal.

The ingenious solution is based on quantum physics: because a photon can be in multiple locations at the same time it is possible to send a pattern into the paint that consists of fewer photons than light dots. Because there are not enough photons, a hacker could no longer measure the entire pattern, and would therefore not know the code being transmitted and so could not clone the output, while the bank could verify an incorrect output from just one photon.

According to Prof. Dr Pepijn Pinkse, who leads the research, this represents a unique way to provide security for a range of applications such as government buildings, bank and credit cards and car locks. “The best thing about our method, which we've called quantum secure authentication (QSA), is that secrets aren't necessary. So they can't be filched either.

"QSA can be employed in numerous situations relatively easily, as it uses simple and cheap technology which is already available. The layer of paint is cheap and easy to apply and the read out equipment consists of a simple laser, a simple image sensor and an image-forming chip as is present in every modern projector.”

About the Author

Matthew Peach is a contributing editor to optics.org.