Smart Swipe card reader

Smart Swipe can add an extra layer of security if you are using your credit card online.

Typing credit card details into a form on a website can cause problems – malicious programs on the computer can record your keystrokes or even take surreptitious screenshots in order to steal card information. Many websites allow users to store their card details but these can also be attacked by hackers.

The Smart Swipe card reader is a small, plastic, egg-shaped device with a row of blue status lights inside the swiping slot. It sits in an oval plastic desktop stand and connects to the PC using a USB cable. Only credit cards, charge cards or Visa debit cards can be swiped.

The software installs a toolbar button in Internet Explorer 6 or later (other browsers such as Firefox and Chrome are not supported, which is a shame). It uses a database of websites to know which boxes on a page require which security details, but even if it doesn’t know about the site you’re using it will attempt to fill the page automatically, or ask you which boxes are which (it will then remember those choices).

When you arrive on a checkout page, you are prompted to swipe your card. The reader encrypts this data before it is sent to the PC and sends it directly to the website using a patented method of security.

You then have to type in the card security number (CVV2 number) which is not stored on the card’s magnetic stripe. The Smart Swipe can remember this number too if you like – if you do, a secure number is created by the software (for security reasons, Smart Swipe would not reveal how this is generated, except to say that it does not contain any card details) and associated with the CVV2. If you opt to store it, you have to type it in each time. Nothing is stored in the actual reader.

After you confirm that the swiped information is correct (the full card number is not displayed), it is sent securely to the website, entered in the correct boxes and hidden with padlock icons. Note that it doesn’t protect against phishing sites, and it won’t work with sites that don’t use encryption for your card details, but then it’s a bad idea anyway to shop with sites that don’t encrypt that information.

Pop-up screens guide the user through each step of the process, but it took us a couple of attempts to get used to it. The manual ‘customized protection’ procedure is not very intuitive and it’s a shame there’s no training utility or video to allow users to safely get familiar with the product before using it in anger.