This is part two of our Point/ Counterpoint series, in which we present two opposing views on Chase's new Blink credit card. (Click here or scroll down for Part 1.)

For background information, read RFID Credit Card - Blink.

* * * * *

One Step Closer to a Cashless Society by Anita Campbell

Back in December of 2004 I predicted that contactless payment systems would really heat up and we would see more activity in 2005.

Well it turns out that my prediction holds mainly to the United States. Why? Because worldwide, contactless payment systems and other contactless cards already are hot.

They are the single largest market for RFID, according to IDTechEx. Usage of such payment systems and other "smart cards" is widespread today in Asia and parts of Europe.

And even in the United States, RFID-enabled payment systems have been in use for years. They just haven't captured the public's attention as much as the Blink card.

Exxon Mobil has offered its SpeedPass payment system for several years, usable at gas stations across the U.S. For paying tolls on toll roads, there is E-ZPass, another RFID-enabled payment system that has been in use for years.

If past experience with SpeedPass and E-ZPass is a good indication -- and I think it is -- such systems are secure, convenient and good for consumers.

Let's break down how the consumer deals with such cards.

In the United States, according to Federal law, an individual consumer has very limited potential liability for unauthorized use of a credit card. Your maximum liability under law is $50, under any circumstances. If you report the loss of the card right away you have zero liability.

What's more, as a matter of company policy, many credit card issuers do not try to hold consumers even to the $50 rule. If it is clear the card was used by someone else, the largest credit card issuers simply wipe out all unauthorized charges, period.

In their FAQs for the new Blink card, Chase reiterates the security features of the card:

10. Are blink purchases secure?

Yes. As always, you are 100% protected against any unauthorized purchases. These transactions are safe because they are protected by an additional level of encrypted security. You must deliberately use the Chase card with blink at the point-of-sale to make a transaction. The Chase card with blink needs to be within an inch of the special reader and correctly oriented to be read. In addition, blink transactions use specific data that is protected by the highest level of security.

The chances of wrong-doers being able to sniff out your credit card information and use it wrongly is highly unlikely, due to the encryption of data and the need to hold the card so close to the reader.

Moreover, the merchant still may require a signature for charges over $25. That's pretty much the same as how ordinary credit cards are handled today.

For certain small ticket purchases, such as at the gas pump, I use my credit card without signing. As far as the merchant is concerned, it could be anyone using my card.

And when I do sign, it isn't much different. Perhaps in only 1 out of 100 times does the cashier ever bother to look at my signature -- I could be writing "Minnie Mouse" for all they notice.

And that doesn't even count the number of times I give out my card number sight unseen, by phone or over the Internet, sometimes on big ticket purchases.

Whether the card has an RFID chip in it or not, my behavior in how I use the card is not likely to change. The only thing that is likely to change is whether I need to swipe the card, hand it to the cashier, or simply wave it, at the point of sale.

In short, I think it's mostly the idea of the capabilities of RFID that has people spooked. That will take some getting used to. New technology implementations always do.

But when consumers stop to think through how credit cards are being used today, and then how the cards with RFID chips in them will be used, they will realize the two scenarios really aren't much different. They will come to a comfort level with the RFID-enabled cards.

Related Entries:
Point/Counterpoint Part 1: RFID Credit Card... - Jun 02, 2005
RFID Credit Card - Blink... - May 30, 2005
If Your RFID MasterCard is Stolen are You Liable?... - Oct 19, 2004
Credit Card Minimums Set To Rise... - Jun 21, 2005

Today and tomorrow we're going to do something a little different: we present two opposing views on Chase's new Blink credit card.

Chase recently announced it will become the first issuer to issue RFID credit cards. The Blink credit card contains an ISO 14443-compliant RIFD tag. Blink cardholders will be able to make payments at select retailers by holding their cards a few inches from an RFID-enabled terminal, rather than handing their cards to a cashier. For background information, read RFID Credit Card - Blink.

Here is the first part of our Point/Counterpoint series on the Blink RFID credit card:

* * * * *

"Scares the Begeebers Out of Me" by David Francis

This new wireless "blink" card scares the begeebers out of me. I can see a huge windfall for one market and a consumer nightmare.

Ga. Credit-Card Holders 'Blink' Cards May 25, 8:19 AM (ET) By SORAYA NADIA McDONALD

ATLANTA (AP) - About 400,000 credit-card holders in Georgia will be the first in the country to use a new technology that allows them to pay for items by waving their card near a terminal instead of swiping it through a machine.

Residents of Atlanta and 160 other cities in the state will test drive the new "blink" cards, which JPMorgan Chase & Co. ( JPM) will begin mailing to its customers June 1.

http://apnews.myway.com...

Just imagine the convenience of being able to pull out that trusty "Chase" card and waving it everything you wanted to buy? Or simply waiving your card in the air at the restaurant to pay for the bill instead of waiting for the waitress to bring your bill? Oh the conveniences of technology.

Looking into potential markets however, I see a windfall for vendors of those little swipey machines the stores use to process your card. See, the store had to buy a special machine that would read your card information from that magnetic strip and then talk to the "bank" to make sure you had a good card with enough balance remaining to make your purchase.

The merchant would buy these machines outright for hundreds of dollars or over time on a lease. (Preferred by the merchant account vendor because they make huge profits on the rental fees.) Now, all their existing merchant clients need new fancy machines to receive the information from the new "blink" cards. Ching baby!

From my reading on MyWay, Google and Yahoo, the new machines will send and receive "encrypted" signals from the card and make a beep when the transaction is complete. This is is supposed to speed up the transaction and make wait times much shorter at checkout. Sounds like a win win for everyone right?

But wait... how exactly does this work anyway? I'm guessing that the machine itself will be doing all the transmitting and receiving and the card will have to be "in range" to be read. According to news reports, no signature is going to be required because the card must be in the presence of the machine to be processed. This just doesn't sound good to me. Having some experience with merchant card readers, merchant accounts, and a good bit of technology I am afraid there might be a gigantic hole to be exploited by those who would steal from you.

The technology exists already to hack into Paris Hilton's T-Mobile Sidekick as we have read in the news -- how long will it take our techno-terrorists to create a method of receiving funds from your credit card by simply walking past your wallet or purse? How hard would it be for an unscrupulous individual to rig a laptop with the new card reader set on $200 transactions and walk through the mall singing cha-ching all the way to the bank?

Oh sure, each card reader is registered and the money's go right into a merchant account so my scenario is a little far fetched, but simplifying it slightly, I can see the possibility of someone being able to get your credit card number (and what ever other information is available from the card itself) simply by getting close enough to read it.

This technology seems to be creating more holes in the system and I personally think the same amount of time and effort should have been placed into Bio-Identification systems and features at the point of sale. It could be as simple as putting the fingerprint information into the card that would cross reference with the bank database, well in my opinion.

I love technology! I love the new gadgets and features! This new wireless "blink" card scares the begeebers out of me.

Related Entries:
Point/Counterpoint Part 2: RFID Credit Card... - Jun 03, 2005
RFID Credit Card - Blink... - May 30, 2005
Credit Card Minimums Set To Rise... - Jun 21, 2005
MasterCard Contactless Payment System Headed to Nationa... - Oct 06, 2004

Here's a recording describing how Chase's new Blink credit card, which is RFID-enabled, works. It is a segment on National Public Radio and it is about 10 minutes long.

Kim Zetter, a reporter for Wired News, talks in the recording in layman's terms about the various security features of the new card.

RFID Journal has a rather substantive article about the new card, if you prefer to read rather than listen.

Hat tip to RFID Gazette for the NPR link.

Related Entries:
Point/Counterpoint Part 1: RFID Credit Card... - Jun 02, 2005
To a Single Card Solution... - Sep 27, 2004
Point/Counterpoint Part 2: RFID Credit Card... - Jun 03, 2005
If Your RFID MasterCard is Stolen are You Liable?... - Oct 19, 2004

Germany's huge mass transit system is getting an RFID-enabled ticketing system, according to a report in Wireless IT World:

"T-Systems International GmbH, the IT services and infrastructure arm of German telco Deutsche Telekom AG, has developed an e-ticketing system in collaboration with the German Mass Transit Authority (VDV), which represents hundreds of regional bus and train companies in the country, said Frankfurt-based T-Systems in a statement on Thursday.

The system consists of several components: the so-called "VDV core application," a semiconductor-based smart card equipped with a miniature antenna, RFID technology for retrieving data from the cards over the airwaves and sensor-based card readers.

The technology allows passengers to pass by a card reader without having to swipe or insert their cards into the device.

Customer data, such as identification number and pricing, are contained on a chip embedded in the smart card. "This is not an RFID chip, which essentially is dumb, but a chip that contains an operating and software application," said T-Systems spokesman Albert Hold. "All data is encrypted for secure transmission."

RFID is used in the process because the radio technology doesn't require the embedded chips to be powered in order to retrieve information, according to Hold. Also, the cards can be read remotely."

Sounds like an interesting technology convergence.

The article also notes that Germany is at the forefront of smart tag development in Europe.

Hat tip to Steve Rucinski for the link.

Related Entries:
RFID and Sports Ticketing... - Mar 02, 2004
RFID Enabled Clothing... - Jun 07, 2005
Yamaha RX-V557 XM-Enabled Home Theater Receiver Review... - Jul 12, 2005
WINMEC RFID Forum October 12, 2004... - Sep 09, 2004

American Express recently announced its first national rollout of a retail outlet using its contactless payment system called Express Pay. CVS drug stores will be accepting Express Pay at the register.

Personally I find the contactless payment systems to be one of the most exciting near-term uses of RFID.

Let's face it, moving inventory around is pretty boring stuff. There is a lot of money in the industry that will hinge on RFID in supply chains, inventory management, and asset tracking, to be sure. I am not minimizing the eventual financial and productivity gains from industrial RFID usage.

But for sheer mass appeal, RFID-enabled payment systems are much more interesting. These systems are likely to change our lives radically over the next five years. They are already in use today, in some cases in pilot tests, and in other cases in full commercial usage handling transactions each and every day.

These systems are accelerating trends that are already well underway.

The trends I am speaking of are our continued move away from using cash and paper checks. We continue our march toward using electronic transactions at the point of sale, faster and faster each year, as this chart from Epay News demonstrates:

The implementation of the Check 21 law in the United States at the end of October 2004, will only accelerate this trend. This law essentially eliminates the last benefit of using paper checks in a store: it eliminates the check float.

I think 2005 will see these contactless payment systems really heat up.

Related Entries:
Point/Counterpoint Part 1: RFID Credit Card... - Jun 02, 2005
Credit Card Minimums Set To Rise... - Jun 21, 2005
MasterCard Contactless Payment System Headed to Nationa... - Oct 06, 2004
RFID Credit Card - Blink... - May 30, 2005

Recently, on a tangentially-related post I made over at the popular culture blog, Blogcritics.org, the comments turned to RFID-enabled, contactless payment systems.

A reader there asked an interesting question about consumer liability for the MasterCard PayPass if it is stolen, etc. I thought readers here might also want to know the answer.

I reproduce the related thread here (for the rest, go over to Blogcritics):

• Comment 12: MasterCard is already in the process of rolling out a contactless payment system using RFID chips.

  The RFID chip could be embedded in a credit card, a key fob, or a cell phone. Then all you'd need to do is pass the card, fob or phone near an RFID reader and voila! Your credit card account would be automatically charged for the purchase. No swiping, no signing, no entering a PIN number.

  Check out this story about Mastercard's new payment system.




• Comment 13: And what if someone steals my phone, card, etc.? They don't even have to authenticate their use of my stuff to steal from me?




• Comment 14: BHW, I asked the MasterCard spokesperson your question, and got this fast response:

  "Hello Anita,

  MasterCard PayPass transactions are just as safe as, if not more safe than, traditional card payment transactions, as the PayPass feature incorporates special security technology to prevent "replay" fraud when a PayPass program is implemented as recommended by MasterCard. MasterCard PayPass also provides more consumer control, since the card doesn’t have to leave the hands of the consumer to be swiped by the merchant. Also, MasterCard PayPass provides zero consumer liability in North America, just like all MasterCard payment programs.

  Hope this helps."





Email it | Click here to leave feedback or comment on this post


Related Entries:
MasterCard Contactless Payment System Headed to Nationa... - Oct 06, 2004
Point/Counterpoint Part 1: RFID Credit Card... - Jun 02, 2005
RFID Credit Card - Blink... - May 30, 2005
Point/Counterpoint Part 2: RFID Credit Card... - Jun 03, 2005