Saturday, December 17, 2005
RF ID PayPass credit cards... a good idea?
Robin's Commentary Part 2
what's in your wallet?
you may not like the answer.
one of the newest items to rollout is using an RF ID embedded chip inside of your credit card for a process called PayPass in which you no longer have to swipe your credit card or debit card through the card reader itself, instead you only have to "Tap" the card to the reader.
Although it sounds wonderfully convenient because you would no longer be bothered with the hassle of signing receipts and entering pin numbers because they will no longer be required.
MasterCard (Chase) is one of the companies that had started to use this technology.
To understand why I'm concerned about this... let me address how I understand the technology.
The technology is called "BLINK", which works with the same principle as the RF ID tags that are in merchandise in stores. It has an antenna in which it receives its power from and when activated it emits an encoded signal which the reader picks up.
The company claims that the cards have a range of about 4 inches and can be read through your wallet... however, just like any type of radio signal, there are two factors which have a major influence on the range of the device.
#1) the signal strength of the transmitter.
#2) the sensitivity of the receiver.
A signature is not required when using a blink card because Chase feels that the encryption and other security features built into the blank make the card secure without the need for a signature. of course, unlike a debit card which requires a pin number for security, the blink card only requires the card to touch the reader. This in no way identifies who the rightful owner of the card is.
Another problem with the card depends on the location of the terminal (reader) itself. In some cases, if two or more terminals were close together, not only did both terminals read the card, but the read range of each terminal increases to as much as 30 feet.[NPR]
Even if the terminal is operating within the proper range of 4 inches, some people are worried that they could accidentally walk too close to a terminal and end up paying for someone else's purchase.
One of the security concerns is somebody with a RF ID sniffer device could capture your credit card information without coming in physical contact with the card and duplicating that information onto another card (or emitter) without you even knowing it.
The credit card is designed so that it can not permeate metal, meaning that if you put it within a metal sleeve that readers can not read the card and thus gives you some control over the card.
To permanently disabled the RF ID, there are devices that will do this. However, without doing further research and with the risk of damaging the card at this point I do not recommend experimenting with one of these devices like Tagzapper
To sum up... the technology may make it more convenient to purchase items, I just want to have the choice of whether or not I wish to use this type of technology or not.
information sources:
Kim Zetter, reporter for wired news -- guest on NPR radio
How Stuff Work - How Blink Technology Works
Subscribe to:
Post Comments (Atom)
5 comments:
hummm. I never thought of that one.. thanks
Robin, you are wise to concider this eves-dropping as a personal threat. For more eye-opening information on this trend check out this link that is following this technology:
http://www.motherjones.com/interview/2005/12/albrecht.html
Welcome to the real BIG BROTHER.
Sorry if link doesn't work go to www.spychips.com and click under the Mother Jones article. Bob
thanks.
also check out implantable devices such as Digital angel Corp. offers
http://www.worldnetdaily.com/news/article.asp?ARTICLE_ID=17705
Hm..I guess those swipeless cards are really NOT secure enough. Otherwise everyone would be using them. I didn't think they were around in 2005....
Post a Comment