So... just watching the late night news, and seeing that these new RFI
credit cards have quickly caught the attention of the thieves - no freakin'
surprise! Who woulda thunk it?
So - the "advice" to the consumer is to take extra measures - buy new
"special" wallets to protect your RFI card from being hijacked.
Wait just a minute here - did we - the consumer demand this "cool new card",
or was it foisted on us by the credit card companies? Why should the
consumer have to take *any* steps to protect themselves? Why would the
credit card company not be liable for any fraud perpetrated from their
latest (ill thought through...) "idea"?
Why are these credit card companies not held criminally liable for these
ramifications? Should they not have anticipated this kind of event (it was
kind of obvious...), and built in the protections for the consumer? So -
the consumer will be the victim, and have to bear the cost of dealing with
this - while Visa and MasterCard go blissfully on.
Something is really wrong with this picture.
I have a better solution: a center punch (or nail set) and a hammer.
Applied directly over the chip in the card. No more "new" security
problems! You still have the same security problems you had before
RFID technology, can't help you there. This same technology is in the
new US passports. The govt kinda gets upset if you "fix" them
though. Better go with the foil-lined wallets there.
I think you can relax a bit.
Is this not the same Chip & pin that Europe has used for years? The one
that cut fraud by 80%?
Just having a credit car number does not get you anything. You still need a
PIN or expiration date and security code.
As for security and liability
Banks originally not liable by default
The Chip and PIN implementation was criticised as designed to reduce the
liability of banks in cases of claimed card fraud by requiring the customer
to prove that they had acted "with reasonable care" to protect their PIN and
card, rather than on the bank having to prove that the signature matched.
Before Chip and PIN, if a customer's signature was forged, the banks were
legally liable and had to reimburse the customer. Until 1 November 2009
there was no such law protecting consumers from fraudulent use of their Chip
and PIN transactions, only the voluntary Banking Code. While this code
stated that the burden of proof is on the bank to prove negligence or fraud
rather than the cardholder having to prove innocence,  there were many
reports that banks refused to reimburse victims of fraudulent card use,
claiming that their systems could not fail under the circumstances reported,
despite several documented successful large-scale attacks.
This changed on 1 November 2009 when legal, rather than voluntary,
regulations came into force requiring banks to reimburse cardholders unless
they could prove that the transaction was authorised by the cardholder.
On Wed, 16 May 2012 23:49:44 -0500, Tim Daneliuk wrote:
Using cash will never happen. People have gotten so lazy that they would
say that it was easier to swip a card than to dig some moeny out of their
wallet. It's not hard to believe that a lot of people out there have no
idea how to keep a buget anymore since credit cards have appeared.
We moved over 700 miles about 9 months ago. The credit card was the only
way to pay the movers. The last time I moved, many years ago, we had to
have a certified check for the cost when the movers picked up the
furniture. This was bad for two reasons. One it was inconvenient
trying to get to the bank while you are trying to complete other things
that had to be done as part of the move, and having that large of a
check in the insecure situation. Two: The movers were then responsible
for carrying the large negotiable check around in their truck. We also
got a large number of "Thank you points" for the transaction.
I am a Republican and know the need for a budget whether personal, a
business or a country, so we do 90% of our purchases by credit card. I
can down load the transactions, and see exactly where our money is
going. I can easily see when one of the categories is going out of line.
Let me provide some context for the "use cash" recommendation.
I have a high tech consultancy. About six months ago, I was contacted
about providing services to help a number of large banking institutions
implement the EMV smartcard standard. I brushed up on the technology
and here's what I found out:
- Mastercard/Visa defined the standard for EMV but are themselves
incapable of fully implementing it. Both the technology and,
more importantly, the changes to their business processes
are very complicated. Ditto Amex once they joined the party.
- This isn't just a technology that makes sure you are who you
say you are. Fully implemented EMV would actually have full
applications software running out of the smart chip. The
real money isn't in charging you ATM fees, it's doing deep
analytics on your buying and spending patterns and selling
that information to marketing and retailing companies.
- Another unnamed player here is the National Security Agency.
They are busy building an enormous data warehouse out West
where they plan to capture pretty much anything electronic,
encrypted or otherwise. They want to develop a complete view
of who you are and what you do by connecting the trail of
electronic litter you leave behind and they're doing this
domestically without warrants or court supervision:
- Despite what you may see in the popular press, the Next Big
Thing in technology isn't some game or the Facebook IPO. The
NBT is here, it's called "Big Data". A ton of effort has
gone into grinding through enormous piles of data to extract
knowledge from noise. There's even a "free" open source
project for this (Hadoop). Why is this a big deal? Because,
in the past, your data trail was like finding a needle
in a haystack. Now the needle hunters have tools that make this
quite reasonable to do.
- If you have a modern car, it probably has GPS tracking built in.
Your smartphone certainly can be used to track you. In fact,
*every single keystroke you type is captured* is you use an
iPhone or Android device.
- The combination of realtime data capture like EMV combined with
Big Data mining tools, and implemented by government agencies
without a bit of legal restraint means that ... YOU HAVE NO
PRIVACY. Everything you say, everywhere you go, and everything
you do is now available both to Big Brother Government and
every private sector corporation with enough money to buy the
The short and the long of it is that privacy is dead unless
you're able to completely go off grid ... which is impractical.
Using cash when you can will reduce your data footprint noticeably
but at the end of the day, you and your behaviors are essentially
on display in the middle of town. The only hope we really
have is to count on the complexity of all this stuff
slowing down adoption considerably. That's certainly been
true for the regional banks and point-of-sale retailers but
it ain't true for the NSA. They're smart, they have lots of
(our) money, they don't much care about legal fine points like
warrants, and the Obama Department Of Justice is pretty much
ignoring it all.
IOW ... We're Doomed ...
Tim Daneliuk firstname.lastname@example.org
PGP Key: http://www.tundraware.com/PGP /
You're a bit behind times, Bubba ... it is not the next big thing, we in
fact are well past that leading edge.
This is exactly what Facebook, and Google, have been intent on since
coming onto the scene, collecting that "big data" is both entities sole
reason for existence ... Google is especially adept at it due to the
opportunities their search engine algorithms provide, as well as their
mobile Android OS. It is, in fact, the wellspring of Google's revenue.
Facebook are still newbies at the game and Google is lightyears ahead of
them in that aspect, despite Facebook's 900,000,000 user base
Anyone who uses a smart phone, along with the apps that run on same,
Android and IOS, are, in some cases unwittingly, also providing the
grist for the "big data" mill.
Right now, collection is being driven by advertisement revenues, but
that is only the tip of the iceberg since the government realized a good
while ago that they needed to be in the game.
But you're right .... reading, and understanding, TOS' is getting both
more and more important, and more and more futile.
We are indeed toast ...
But that's not what I was talking about. "Big Data" is something
relatively new. Google kicked it off, but it's really hit its
stride outside Google (and government) within the last year or two.
In the 1990s we were talking about gigabytes. In the 2000s
it was petabytes. We're now at exabytes and mining data at
that scale has never before been practical until very recently.
The other thing that's changed is the ubiquity of "smart"
devices - phones, credit cards, cars, appliances, and so on.
Assuming someone has access to these devices via some
network connection, they are all providers of new data to
Tim Daneliuk email@example.com
If you know what you are doing, you can avoid being a marketing info
goldmine through rooting and modding your phone. My phone is rooted
with a ROM with CIQ removed and I have disabled all location services.
I know they can still gather location information, simply by my usage
of the phone (cell tower location) and probably via other methods, but
the utility of these phones is amazing and enough for me to accept the
intrusions into my privacy.
I do use cash.....theirs...for approximately 28 days. :-)
And I get cash back.
I once had a GM card where I accumulated a $4600 credit on a new GM
vehicle. When I dickered the price down to as low as I could and then
agreed to buy, the salesman nearly choked when I told him about my $4600
I did the same but in 1997, $3600 IIRC the salesmen did not care, the
dealership was not loosing any money, they simply collected that amount
directly from that GM entity. And truly I am not sure the salesman ever
knew about that credit as that was all handled in the closing/finance
office. Pleas write us a check for "X" - $3600 and please verify that
you want to take your credit at this time with the GM Card rep on our
HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.