The Universal Card 358
retro128 writes "Wired News is carrying a story about a new product from Chameleon Network that's supposed to replace all of your credit/debit/customer cards. It can read the information off of the magnetic strips of credit/debit cards, scan the barcode off of customer loyalty cards, and even memorize the RFID signals of devices like the Mobil SpeedPass. All of this information is stored in a device called the Pocket Vault, and is unlocked with the user's fingerprint. If you wish to use a magnetic strip card, you select the card from the touch screen and put a Chameleon card, which looks like and can be run in standard readers like a credit card, in the Pocket Vault. The Chameleon card will then assume the identity of the card you selected, but only for 10 minutes. In this way, if the card is lost or stolen, nobody can use it. In the case of RFID, you just hold the Pocket Vault up to the RFID scanner for a reading. For barcode-based cards, the barcode will appear on the screen and can be scanned by a standard barcode reader. Chameleon Network says this technology will be available in early 2005 and is expected to cost under $200."
Yes but what about bluetooth? (Score:3, Funny)
Re:Yes but what about bluetooth? (Score:2, Funny)
Re:Yes but what about bluetooth? (Score:5, Insightful)
Yeah, that's the obvious problem. Who's to say that the information in the card database is for your credit card? Couldn't it be anyone's credit card?
Credit card companies have taken steps to link the physical card to the bearer - putting your photo on the credit card, printing on the card that merchants should request ID confirmation, etc. This completely sidesteps those mechanisms.
In short,this is the perfect tool for credit card theft. Work at a diner for a month, and scan every customer's credit card into your Chameleon. You can then take a great free vacation to another state and pay for every expense on a different credit card.
It took me about 14 seconds to realize this. And yet, some company spent $beeleeons developing it - probably relying on the old "we can paper over the problem with marketing hype" tactic/fallacy. Any chance the Chameleon is made by Diebold?
- David Stein
Re:Yes but what about bluetooth? (Score:5, Insightful)
The average person (i.e. almost everyone) has precisely zero reason to carry someone else's credit card (and if they had them, many stores wouldn't accept one that wasn't yours since they're not supposed to do so). This device may simply make the valid assumption that all of your cards should have the same name (which is stored magnetically in the card, if I'm not mistaken).
This would, at least, prevent stealing more than one person's card.
Small Problem (Score:4, Insightful)
"Jonnie Public"
"Johnathan Public"
"J. Q. Public"
"Johnathan Quincy Public"
Re:Small Problem (Score:5, Interesting)
Re:Yes but what about bluetooth? (Score:4, Insightful)
But everyone has to trust the device to enforce that restriction. A hack for this device, or a copycat device, would exploit that trust quite easily.
- David Stein
Re:Yes but what about bluetooth? (Score:4, Informative)
*****
Dear Malachi,
Three-digit credit card security codes will appear on the Pocket Vault screen when you press the "card details" icon. For any card that is currently "issued" or active on the Chameleon Card, the Pocket Vault will then display the security pin and available credit and card balance at the last time the device was updated.
Todd O. Burger
President & CEO
Chameleon Network Inc.
30 Monument Square, Suite 300
Concord, MA 01742
TBurger@ChameleonNetwork.com
W (978) 287-0703
F (978) 369-4661
H (781) 863-1196
M (781) 820-2521
*****
Dear Malachi,
Credit and debit cards can only be loaded to a person's Pocket Vault while the Pocket Vault is docked to a PC or Mac and the legitimate owner of the Pocket Vault has established a secure Internet session.
(The computer and the Pocket Vault actually establish dual secure sessions in parallel on a standard dial-up or better Internet connection with the Pocket Vault website or the website of an authorized Pocket Vault dealer (for example, a major credit card issuing bank). The security and simplicity of our loading process are two of the elements that impressed card industry executives. The complexity is not visible to the consumer and the number of steps the consumer actually takes are few.
The Chameleon Card does have a conventional signature block on its back. Most security experts would acknowledge that the usefulness of the signature is no better than the skill of the average retail clerk who must perform on the spot handwriting analysis by "confirming" that the signature on the card matches the signature on the receipt or the signature entered on the pad at the cash register. Despite the limited value of such verification, we do not alter this verification element. Of course, we think the other security elements that essentially verify that you are the legitimate owner and user of the Pocket Vault represent the real substantive security, and that retailers will eventually come to a similar conclusion, tending to ignore the signature block on Chameleon Cards.
There are two types of places that take imprints: Those that do it as another security tool on top of magnetic-swipe capture of the account number, and those that are completely off-line (e.g., a taxi or flea market merchant.) Those that do it for additional security will no longer need to do this with chameleon Cards. For truly off-line merchants, (about 2% of total credit card transactions or less), the merchant will record the card number by looking at the screen of the Pocket Vault and writing this by hand on the slip. Since worn cards often leave illegible imprints that require the retailer to re-write the number anyway, there is not a great deal of difference here.
The Pocket Vault can store a license type photo (and family and pet photos as well) and associate that photo with any photo ID. The photo displays on the Pocket Vault screen while a photo ID type card is issued.
Please feel free to post this information. You are one of many that has asked such questions, and we are unable to answer all of them. We hope the flood of orders we are seeing (and hope to continue to see) convince card industry executives that we have something here of broad interest to consumers, which could accelerate our efforts.
Thank you for your interest in our product and services.
Todd O. Burger
President & CEO
Chameleon Network Inc.
30 Monument Square, Suite 300
Concord, MA 01742
TBurger@ChameleonNetwork.com
W (978) 287-0703
F (978) 369-4661
H (781) 863-1196
Re:Yes but what about bluetooth? (Score:3, Informative)
*****
License and Other Photro IDs
If we have an agreement in place with the AAMVA (American Association of Motor Vehicle Administrators) or the individual state MVD, it will be the official license image. Otherwise, it will be your photo associated with a Driver's License number. In about 15 states, the license is simply a tool to use in a police cruiser to check the state license database to see if the license is current and in good standing. In those states,
And the difference is... (Score:3, Insightful)
Right...
Re:Yes but what about bluetooth? (Score:3, Interesting)
I this case you require the cooperation of the card producer. Just like HomeLink universal garage door opener has cooperated so we get UGDO. But car alarm companies and car manufacturers have not so we do not have universal keyFobs.
I am more confortable with distribution/decentralization of my money access tools. This is why I dont use
You want me to pay for that? (Score:5, Insightful)
How about YOU pay ME.
Re:You want me to pay for that? (Score:2, Interesting)
Re:You want me to pay for that? (Score:5, Informative)
Seriously. (Score:5, Interesting)
Here's what would make more sense: All credit/debit cards require the reader to verify and register the purchase. Instead you open up a meta-account with a debit card that you register ALL your cards and bank accounts with, and then use just that card, allowing the meta-account to distribute your money for maximum savings or returns. Since interest is compounded daily, paying/investing daily could save/make you a fair chunk of change. Hell, just make it a free government service and make it your driver's license or id, so you don't have to carry anything extra.
Oh, and if you lose it you're not out $200.
Free? (Score:5, Insightful)
Free? Free to who? There are no such thing as "free" government services. They cost tax $. My tax $. Maybe I don't want to pay for your personal convenience. Maybe the guy next door doesn't care to pay for it either.
Re:Seriously. (Score:5, Insightful)
But that's the complete opposite of the truth. It needs the fingerprint of whoever owns the vault, not whoever owns the original credit card. This scheme simply means that if I DO get access to your credit card briefly that I may also have a cheap consumer device, that I don't need to be coy about using, that allows me to easily copy your card. Instead of walking round with a pocket full of stolen cards I have a single vault that nobody else can access.
Any "security" features of the original card are rendered irrelevant because of course I do have a completely valid chameleon card.
Signature confirmation goes completely out because either there is no signature on the chameleon card or, again, it's the signature of whoever owns the chameleon card not whoever owns the original.
To try to spin this as giving added security to owners of genuine cards is absurd.
Re:Seriously. (Score:5, Insightful)
This is the real problem. These guys sound like they have done a great job of protecting the consumer. In the process they have completely ignored the fact that they have created a method of forging credit cards that requires no expertise or special tools.
I think it will not be very long before the card associations tell their merchants that they must not accept these cards.
My vote: the current system (Score:5, Insightful)
Re:Size DOES matter! (Score:3, Insightful)
Why? Because I have thought of designing something like this for myself in the past. Even though I no longer carry half my cards anymore (BiMart, et all), I somehow still manage to have WAY too many... Obviously, i could not replace my drivers license (no Mr. Officer, really, this is valid)... looking through my wallet while replying to this, I found 12 cards that I could easily get rid of. Wierd thing is,
Warning: Vaporware Company Detected (Score:5, Insightful)
I fear that Slashdot's logo is now going to get added to their brag-about-press-coverage page [chameleonnetwork.com]. For the record, the "Boston's WB in the Morning" program they brag about was canceled in 2002.
I'm not suggesting that this company's technology doesn't exist, but their product is pure vaporware [chameleonnetwork.com] and they have lists of good reasons why a merchant, bank, or large company should partner with them, but they can't name any merchant, bank, or large companies who have agreed to partner with them. At least they have a patent appilcation pending [chameleonnetwork.com].
Re:Warning: Vaporware Company Detected (Score:2, Funny)
I will not buy it, Sam I am.
Re:Warning: Vaporware Company Detected (Score:3, Interesting)
On a more serious note, how much of a far-fetched idea did universal remotes appear to be when they were first being developed? While they can be a little bit cumbersome when switching between multiple devices (for those of us who still rig our cable between the VCR, satellite dish, microwave, Bose wave radio, ham radio, heat pump and Tesla coil), it still seems to be generally less hassle than having to sw
Re:Warning: Vaporware Company Detected (Score:5, Insightful)
This interested me... (Score:3, Informative)
Yeah, what did you mean by "suspect?" Are EMC or IBM guilty of producing vaporware? Is NewsCorp not far-reaching enough for you? Granted, not all of these are the most ethical companies in the world... but just an example.
Re:Warning: Vaporware Company Detected (Score:3, Insightful)
Meanwhile, I've got a bunch of Swatch Access watches with contactless smartcards built-in. Why can't we upgrade to something like this instead?
Great idea....for thieves! (Score:5, Insightful)
OMG you are a genious. (Score:5, Insightful)
The only thing that could be done to prevent this is to make it hold only a small number of each type of card. Like only 10 Credit Cards. Still, its pretty much simplyfies the "printing" of stolen cards.
OTOH, i wonder if this will ever work. CC companies must back this up to work, i mean try taking the mag strip off your AmEx (or visa, or
Re:OMG you are a genious. (Score:3, Interesting)
Re:OMG you are a genious. (Score:5, Interesting)
The criminal element factor was my first reaction to this. Back in the day, I worked as a bartender in a restaurant. I also knew a few people who were 'connected', as it were. These nefarious people had access to a magnetic card writer. I had access to a great many credit cards. I'm sure you can make the connection.
I was paid a non-trivial sum for every credit card number I delivered to them, and more for American Express Platinum cards. I was also paid another amount for pilfering credit cards from the office safe -- you'd be surprised how many people leave their cards behind at a bar and never reclaim them. We would always get at least 5-10 a night, and there was a stack of 100's that people had never claimed.
These people would then re-encode the pilfered cards with the stolen numbers and go on a spending spree. In the event of a store with a last four numbers check, or if security was a concern, they just used another corrupt employee like me to type in the correct four digits. I even recieved a few of these cards as bonus payments myself.
Luckily for me, I got out of the business before it attracted too much attention on my part. However, to this day, I will not use a debit card in place of a credit card. At least with a credit card, you have protection. A debt card just comes right out of your bank account. I certainly tried to not give the criminals debt card numbers, but I'm sure a few slipped through the cracks, and I know that there were co-workers less scrupulous than me.
However, I also wonder if you'd be able to use this device in any store. With all the security in place today, I wonder who would accept this as a valid credit card. I can't even buy things without having the back signed half the time. Then again, it's not like the self-checkout lines at Wal-Mart ever physically inspect my card.
Re:OMG you are a genious. (Score:3, Interesting)
It comes down to bank policy. My credit cards, by law, have a cap of $50 of personal liability if they are stolen. But my debit card, by WFB policy, has a cap of $0. Which card will *I* use? Hm...
Re:OMG you are a genious. (Score:3, Informative)
that is why NONE of my cards are signed but say in big sharpie ink.. "CHECK MY ID!"
Technically, if you DON'T sign it, it is not valid. I can see your point about putting "CHECK MY ID!", but according to most terms of credit cards, it shouldn't be honored. Now, if you don't sign the card and don't put "CHECK MY ID" on it either, you are just asking for trouble. Let's say a thief gets a hold of an unsigned card without "CHECK MY ID" in the signature box. All the thief has to do is sign your name with his o
I hope you never travel (Score:3, Interesting)
I know someone who on some occasions had the write the words "check id" to the upper right of her signature because people interpreted it as part of her sig.
Stores REALLY need to start reading the smart chips on cards. I've got 4 or 5 cards with those, but since moving to the USA they haven't been checked once.
Re:Great idea....for thieves! (Score:2)
That's not to say that it wouldn't be hackable (I haven't looked into their encryption methods - anything can be hacked), but it would be a more difficult than you propose.
Besides, the situation you describe
Not so (Score:2)
Its Last name, First name in some. First Last in others. First Initial Last in yet others, etc. I have one card where my last name is misspelled (its ok phonetically).
Also now that i think about it, this needs some kind of text entry too, cos it would need to store the CVV to be displayed on screen at purchase time.
*CVV is the 4 digit number middle right in AmEx cards, or 3 digit at the end of the CC num
Re:Not so (Score:2)
Note that I'm not a real proponent for this. Like others, I consider it something wallets and purses already take care of. This would just be something else to car
Re:Not so (Score:2)
and even memorize RFID signals of SpeedPass (Score:4, Insightful)
Hey, slick, it can memorize a SpeedPass code. Gee, what could posiably go wrong with this?
Now we gotta wrap our speed pass in tin foil too!
Re:Great idea....for thieves! (Score:3, Interesting)
This is going to be the kind of tool that buglars stay up all night praying for!
Genda
Did you read the parent post? (Score:3, Interesting)
Re:Did you read the parent post? (Score:5, Insightful)
Making him decode the cards would be akin to making him testify against himself, hence making it unadmissible in court.
Plus he could always claim (farfetched, yes, but possible) that it was all some kind of equipment glitch or Chamaleon card mixup in a bar or something along these lines
Re:Did you read the parent post? (Score:4, Informative)
HUH ? (Score:2)
The parent was saying to use the RECORDER to steal the card numbers using it to record the customer's card (as you would your own cards) and then sending it to the Chamaleon card to use it in shops.
Just imagine what you could do with the RFID cards. Just walking in a mall recording off other people's cards, or cars !!!
And the irony is that you can even steal the info off these Chamaleon cards.
potentially inconvenient (Score:3, Insightful)
Re:potentially inconvenient (Score:2, Funny)
Re:potentially inconvenient (Score:2)
Just fabulous (Score:2)
Re:Just fabulous (Score:2)
If you did lose/have stolen your wallet, at least you'd know that they'd have to actually hack into the card rather than simply use the visa which would otherwise be in there. Of course, once a backdoor is found it would presumably be easy to automate.
While having the card hacked into is a risk, there are lots of other ways to get at the sam
Gimmie your wallet! (Score:5, Funny)
Re:Gimmie your wallet! (Score:3, Insightful)
I see the parent is modded as "funny," but this is actually a realistic threat. If someone steals my current batch of credit cards, all they need to do is forge my signature, or maybe not even that. No real inducement to harm me, and actually an inducement to keep me from even knowing a theft took place. Now there's a bonus for taking my thumb.
My suggestion: use your little finger. Then either you'll be able to convince them that they should take the less valuable digit, or if they'r
A card is more than just a magnetic strip... (Score:5, Insightful)
Accepting non-original cards opens up the risk of accepting any card with a magnetic stripe as being a stand-in for the real credit card. It would effectively turn all in-person credit card transaction to being as insecure as a web transaction. There's a reason why web merchants have to pay more for their credit card services, and it's that insecurity.
So, it's near certian that Visa and Mastercard accepting stores will be ordered by the card networks not to accept Chameleon Cards from customers. Game over for this technology... it works in the lab but won't work in the real world.
Re:A card is more than just a magnetic strip... (Score:2, Insightful)
If nothing else, cr
Re:A card is more than just a magnetic strip... (Score:4, Interesting)
It sounds like middle-age era to the europeans.
For more than ten years now, we have anbandonned the use of the magnetic tape (not to speak of imprinting...).
Every credit card is equipped with a chip, is protected by a password (a four-digit code) that has to be typed on the card-reader for _anything_ you buy. And if the price is higher than some limit (say $100), the system contacts your bank.
No signature is ever used.
If you want to steal a card, you have to ask for the code (still better than to be asked for your thumb, btw).
It is difficult to copy a card. You cannot simply read it and make a copy. There have been some breach in the past, they have been somewhat fixed afterwards. They have remained small in their extend, and the bank had to cover any subsequent loss themselves (by law). It would be possible to do something even better, but apparently, the costs of upgrading the system are higher than those induced by fraud.
I guess it is the same issue that makes you keep your aging system.
Re:A card is more than just a magnetic strip... (Score:3, Interesting)
I think it's probably due to the different economic and social pressures involved, the strongest being the fact that most US card producing companies are mostly of the large, monolithic type. I've been in an actual room where First Chicago - National Bank of Detroit produces CC's, and not only is the entire Haggerty Road Tech Center building under tight security but t
Re:A card is more than just a magnetic strip... (Score:2)
Sure, a card reader should be able to know that all Visa cards start with a 4, and all Mastercards start with 5, but they still ask the clerk to declare what card it is as an idiot check...
Re:A card is more than just a magnetic strip... (Score:2)
This might be able to fool the ATM machine... but trust me, banks are going to warn consumers against doing it.
Re:A card is more than just a magnetic strip... (Score:4, Informative)
A debit card transaction can get by with just the pin and no physical verification... but that also means an even higher merchant fee. This is why Wal-Mart is no longer accepting MasterCard debit cards as debit cards when the card is capable of supporting a credit card transaction, because that's what's cheaper for the store to do.
Re:A card is more than just a magnetic strip... (Score:4, Informative)
1: Stores get the money credited for debit transactions immediately. They have to wait for credit card payments. That float is meaningful.
2: A credit card transaction is a lot easier to reverse... simply complain to the credit card company. Even if the complaint is invalid, the store's payment for the transaction is held in escrow until that is declared. (Reversed-by-complaint credit card transactions also carry steep penalty fees on the merchant side... the card issuing bank has to eat all fraudulently presented card cases.)
So, for $3 transactions, the debit card is better than the credit card mode because the store is just willing to eat the loss if the transaction goes fraudulent. For $300 transactions, not so much. Trust me, there's a dollar value somewhere at which point the default behavior will spin around... and you as a consumer never will want to use a debit card so long as you have a credit card in your wallet somewhere that can take the hit without incuring intrest.
Re:A card is more than just a magnetic strip... (Score:3, Insightful)
Re:A card is more than just a magnetic strip... (Score:3, Informative)
Where did you get that idea? The merchant always loses, not the bank. The bank is more than happy to reverse the transaction and collect their chargeback fee.
completely compatible? (Score:3, Insightful)
or verify a signature?
not too good..
Re:completely compatible? (Score:2)
Card-not-present transactions cost more in merchant fees because there is of course a higher risk of fraud when the physical properties of the card aren't being checked. Therefore, stores won't go for this.
Re:completely compatible? (Score:2)
Big Ouch at the ATM (Score:3, Interesting)
give up one digit or four? (Score:5, Insightful)
I don't know about you, but I'd much rather have it use a password. I think most people would happily give a sufficiently threatening criminal their 4 digit PIN number (or any style of password) without too much of a fuss, but I'd rather avoid giving anyone any incentive whatsoever to leave me short one digit. It would be a very small consolation to cancel my credit cards after such an incident.
Been done (errr, thought of) (Score:4, Insightful)
This just in, new tool for ID Theft just released! (Score:5, Insightful)
Tm
Stacks of Credit Cards? (Score:4, Interesting)
I wouldn't call that a stack and it's manageable. Never even though of this as being a problem before reading the article.
If someone were to use this gadget, they'd have the 'stack' of cards, AND the gadget to worry about. Right?
Sounds like a waste to me.... Nothing to see here, move along please.
wbs.
Re:Stacks of Credit Cards? (Score:2)
ATM? (Score:2, Funny)
The Ident-i-Eeze!! (Score:5, Funny)
It was an Ident-i-Eeze, and was a very naughty and silly thing for Harl to have lying around in his wallet, though it was perfectly understandable. There were so many different ways in which you were required to provide absolute proof of your identity these days that life could easily become extremely tiresome just from that factor alone, never mind the deeper existential problems of trying to function as a coherent consciousness in an epistemologically ambiguous physical universe. Just look at cash point machines, for instance. Queues of people standing around waiting to have their fingerprints read, their retinas scanned, bits of skin scraped from the nape of the neck and undergoing instant (or nearly instant-a good six or seven seconds in tedious reality) genetic analysis, then having to answer trick questions about members of their family they didn't even remember they had, and about their recorded preferences for tablecloth colours. And that was just to get a bit of spare cash for the weekend. If you were trying to raise a loan for a jetcar, sign a missile treaty or pay an entire restaurant bill things could get really trying.
Hence the Ident-i-Eeze. This encoded every single piece of information about you, your body and your life into one all-purpose machine-readable card that you could then carry around in your wallet, and therefore represented technology's greatest triumph to date over both itself and plain common sense.
Ford pocketed it.
Wow, how convenient. (Score:3, Funny)
A thief can now just steal my vault and get access to not only my credit cards, but get discounts at my grocery store!
I gotta go with the last line... It sounds cool, but it's just more hassle to actually use come purchase time.
"Honey, this was a lovely dinner of sushi, are you sure this isn't too expensive"
"No problem, I'm just going to pay with my pocket vault... and...uh"
"What's wrong?"
"I've got soy sauce on the fingerprint scanner and now it won't authenticate me and give me my credit card!"
"Don't you have cash?"
"I don't use cash because I have the pocket vault! AUUGGGHH THE BATTERY WENT DEAD!"
Universal Card. (Score:2)
wbs.
Credit cards are free, why pay $200? (Score:5, Insightful)
1) Cumbersome
2) Breakable
3) All eggs in one basket
4) A lost/stolen card is replaced by the credit card company. Who replaces that lost/stolen $200 computer?
5) What do you do when the batteries run out
6) What happens when the OS crashes and the information is wiped out?
So many reasons...
Re:Credit cards are free, why pay $200? (Score:3, Insightful)
Picture shows that it fits in a wallet
2) Breakable
You can always use your real credit cards. What if a palm pilot breaks? You write things down on paper. . .
3) All eggs in one basket
Agree with this.. would rather not have everything linked in one breakable / trackable / hackable system.
4) A lost/stolen card is replaced by the credit card company. Who replaces that lost/stolen $200 computer?
You spill pasta sauce on your sweater, you buy a new one and are much more careful if it is exp
Re:Credit cards are free, why pay $200? (Score:5, Insightful)
Picture shows that it fits in a wallet
Picture is clearly photoshopped. The real consumer product has yet to ship.
2) Breakable
You can always use your real credit cards. What if a palm pilot breaks? You write things down on paper. . .
That's nice, but you're still out the $200 device.
3) All eggs in one basket
Agree with this.. would rather not have everything linked in one breakable / trackable / hackable system.
Good, so there's no risk of you wasting $200 on this.
4) A lost/stolen card is replaced by the credit card company. Who replaces that lost/stolen $200 computer?
You spill pasta sauce on your sweater, you buy a new one and are much more careful if it is expensive.
My solution is to not wear $200 shirts very often, and definitely not to eat pasta while doing so. A $200 device had better be durable if it's going to live in my pocket.
5) What do you do when the batteries run out
Considering the plethora or small handheld devices out there, why is this one so much harder to track charge for?
Because having my MP3 player stop playing music isn't as embarassing as not being able to buy what I just took to the checkout.
6) What happens when the OS crashes and the information is wiped out?
Well, you reload the data from either the credit cards again or the backup that was made
You're most likely to discover such a failure while shopping... again, the embarassment situation.
No need for recovery! (Score:2)
That'd be the secure way to do things. Any computer backup of this device's contents is
If it goes by fingerprint... (Score:2, Insightful)
On no, not another learning experience! (Score:2, Informative)
That gives me lots of confidence in the security of Speedpass cards. I predict wonderful "learning experiences" as RFID reading/duplicating technology moves down to individuals. Of course, legal threats are already being used to try to keep that genie in the bottle. (Previous story on Slashdot about nasty letters to people who bought smartcard readers for legitimate reasons.) Sure, that'll work...
Awesome! (Score:2)
Well, it looks neat. But it also looks like a really good tool for theives.
Kewl as hell though, for $200 bucks I'd probably buy one... or two... or three... ahh hell gimme the lot of 'em!
Fun with Fingerprints: Chamelon Card (Score:5, Informative)
I'm a fan (Score:2)
To quote George Carlin... (Score:3, Funny)
Saaaaaayyyy.... (Score:2)
64k? 128? 1 meg? 2 meg? 128 meg?
Hmmm....a better question would be, does it support relational databases that store gigs of information, and hook upto a PC?
What about replacements? (Score:5, Interesting)
Re:What about replacements? (Score:2)
Start simple -- digital cash (Score:5, Insightful)
By being anonymous, my privacy would be protected (at least in theory). It would also be completely unconnected to my credit cards and bank accounts, so it could never be used to steal more than $100 from me.
This is not a trivial problem -- it has some of the same problems as voting (anonymity & non-repudiation).
I think this is already being done in Europe. If only the US would catch up.
Re:Start simple -- digital cash (Score:2)
France has it (Score:3, Informative)
A Lord Of The Rings Moment (Score:5, Funny)
One Card to bring them all and in the darkness bind them
In the Land of Cameleon Network where the Shadows lie.
Terminator 2 (Score:2)
This will never fly (Score:5, Insightful)
- Lose this trinket, and you just gave *every damn card/id thingy ya had* to a thief. Yeah yeah its fingerprint keyed. So what? The data is inside and everything is ultimately hackable.
- It can obiviously be used to swipe magnetic strip data off other people's cards you may be able to handle. As a bonus if it can 'dupe' smartcards, Visa & co wont be happy - they just spent gazillions in moving every (insecure) magnetic card to ones with chip inside. I think their timetable is something like by end of 2005 every Visa card is a smartcard. I'd expect credit card companies to sue the pants off this company for unauthorized reverse engineering of their security features against duplication in the cards. DMCA will be used to pwn these guys. (And if it does *not* dupe smartcards, it will be useless in couple of years when every card becomes one)
- Big credit card companies will just tell to the retailers not to accept anything except Genunie Visa(r) Card(tm)
- Huge hassles with most clerks refusing the cards 'swiped on' with this trinket even without guidance from credit card companies - "that's not a visa card, are you trying to fool me with some thieves tool with copied card data?". The education required to train every damn minimum wage clerk in the world to identify and accept this thingy in place of a real card would be astronomical - EVEN if the card companies would go along with it.
Dot.com boom coming back? This company is beyond loony to even attempt to develop something this stupid.
Re:This will never fly (Score:3, Insightful)
Not to mention - here in europe mobile phones/SIM cards are rapidly trying to wrestle themselves into this position. At first they'll be used as coin replacements - you can already buy soda from a v
Size matters, but in the spy business... (Score:3, Informative)
This'll be great if it takes up less space in my wallet than a half dozen cards. Otherwise, I'll wait for a future, slimmer, version.
Seriously, though, this could be a great idea. Three credit cards, a driver's license, three insurance cards (dental, medical, and auto)... plus a bunch of other cards I don't carry because I rarely use them (voter's registration card, etc) and are therefore at perpetual risk of being lost; this thing has a lot of potential.
The owner is in control of the information on the device, and it appears actually safer than carrying regular credit cards since it can't be used by thieves (assuming it also proves to be secure). My only questions center around the RFID tag, but they could be easily satisfied.
Not on the strip (Score:3, Informative)
Plus, can I sit on it?
This is bad and misunderstands cc theft (Score:3, Insightful)
A week or two later they make a fake card with your magnetic stripe and usually go on a 5000 dollar (the usual single day limit on most cards) spending spree and then fence the goods. The consumer discovers 5000 dollars on his card, usually from stuff purchased when he was in another state, at work, on the international space station, etc and calls the bank up. They issue a new card and reimburse the money.
This happened to me, and not ONCE did my card leave my wallet.
The only real solution to credit card thievery is to have intelligent software that tracks the spending habits of the legitimate user and requires extra verification before allowing out-of-the-ordinary purchases. Like if someone normally buys nothing but gas and groceriers with a credit card and suddenly buys 3000 dollars worth of stereo equipment 200 miles from where they live.... red flag!
Card Reader (Score:3, Interesting)
What do you think of this?
You get a single card that can store all your info, and a card reader at home. You slip the card in before you head out and unlock all the elements of it using the card reader and some kind of authentication thing like a public key (I like codes that thieves will not expect you to know off the top of your head, like a 4-digit PIN--that's dangerous...but can you see a crook saying, "Give me your Universal Card and your public key"?). You could say, unlock all my credit and debit until 8pm tonight, and leave the Visa and Mastercard unlocked until 10pm.
You have to choose a default credit account that stays on all the time, but if you make too many purchases with it while the rest of the card is locked, the credit card company calls you and lets you know. That's it. They don't shut it off, they don't even have to have a live person call you. They just call you and say, "Someone's charging on your locked card, is it you?"
Of course, if you prefer the credit company to be liable, then you have to allow them to shut it off if purchases don't match your typical buying profile whether it's locked or unlocked. If you want the freedom to never have your card shut off, then you agree to pay the charges.
I don't see the point of keeping things the way they are. I don't know about you guys, but I keep all my credit cards right next to each other, so if I ever get mugged, I'm going to lose them all anyway, along with my ID. So I say stick 'em all on the same piece of plastic so I only have to track one thing. And you have to admit, it's definitely more secure than cash any way you cut it. Someone gets your cash, and what recourse do you have?
sev
What are they hiding? (Score:4, Informative)
Is it just me, or does it seem a little odd to other people that several of the principals listed on their web page (including the CTO) remain anonymous? Why the heck would anyone do that? Most companies at this stage splash the identities of their principals everywhere. These guys must have some pretty bad skeletons in their closet to hide like this.
Re:Uhh.. (Score:2)
Re:Use fake telephone numbers (Score:3, Insightful)
So Linus, RMS, that ESR guy... they're all dumbasses then?
There's a difference between concealing your identiity and making sure that your private data stays that way.