Slashdot Mirror
DoCoMo Starts Cell Phone Smart Card Trial
virtualXTC writes "The Japanese phone company NTT DoCoMo and electronics giant Sony will begin a trial of cell phones with embedded smart cards with speed pass-like capabilities that will allow the user to purchase anything from travel passes to movie tickets just by placing their cell phone near an electronic reader. Potentially the smart card 'can serve as an ID card, travel pass, or login for a corporate computer network, all at the same time'. If they'd just attach a money clip to it, I could get rid of my wallet entirely."
Sure, electronic payment is convenient, but nothing says anonymous like cash.
serve as an ID card, travel pass
behold, they know your every move
#
#\ @ ? Colonize Mars
#
Most cell phones already have more memory than this.
Guy 2: Sure, why not. My night minutes are free anyway.
Guy 1: *Swipe* Thanks.
Guy 2: Hey, did you just buy movie tickets?
Slashdotter are stupid and biased.
My wife loses/destroys cell phones like crazy. Much less her wallet... I would not like this one for her...
...remember good 'ol times when IP used to mean Internet Protocol....
Will make it easier for thieves to steal but limit and possibly track them as well. All the thief would have to do is walk up to the register and the victims card is charged. KA CHING It becomes a race, how long can the thief use it before it's discovered stolen and they have to leave it in the submway? Do the police keep the phone running and charges piling up but use the phone to trace the thief to his residence? Is the encryption used by the phone/wireless any better than the encryption used by standard wireless cards (ie how easy is it to sniff for credit card numbers).
The world of thievery just got more interesting
AngryPeopleRule
"Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
who grabs your phone from using to purchase lots of things all on your dime until you can properly report it stolen (assuming you're not in a coma from the blows to your head)?
Nothing says 'anonymous' more than cash, and cash still goes places where American Express/Visa/whatever have not been, and probably never will be. Bills still talk a lot louder than plastics...
And it doesn't cost anything for the 'privlege' of spending your own damn money when you use cash...
Kinda tells you something, when the world of 'credit' is starting to favor people who the creditors know will default and be indentured for years upon years to come......
There's no wrong way, to eat a Rhesus...
On the upper west side of manhattan, they tried a "money on a card" program. Chase and Citibank. You could put it on an ATM card with a smartchip or, like I did, just ask for a card, give them cash which value they xfer'd to the card and leave. No names, no signing anything, etc.
It was a huge P.I.T.A. to use it, but I put that down to testing where clerical help are not necessarily the brightest sticks in the bundle :)
However I never renewed mainly because this was cash equivalent. Exactly. With no PIN on the card or ANY protection, you swipe my card, you have my cash and can use it. The minor addition of a PIN would have made the better than cash in that it's not a theft target.
A friend who did this on his ATM card played with it and said: "Oh wait, my ATM card now has value to a mugger? Great."
So in the end, its big feature was what a friend called: "Just like cash, only you can only use it in certain places and it's a pain in the ass." Pathetically, their only marketing point was "you don't have to dig for the right change anymore." (as using currency is really hard for people to handle after 3000 years.)
I'm going to presume that with DoCoMo, you have to AUTHENTICATE the transaction. That someone with a reader can't walk by you or sit in front of your seat and transact your money to them.
There is an opportunity to do it well: anonymously and correctly.
A GSM chip needn't be attached to a phone or an ID (so the guy whose wife kills phones would be fine - all european phones I've used are chipped.) Move the chip to another phone and it's "your phone" immediately.
Do that with a cash chip, and I can send money from one phone to another.
I can rePIN it and pass the chip to Mom and just tell her the (new) PIN.
I can do this all untracably, but verifiably. This isn't new. Electronics help, but it's been doable for quite some time. Again, David Chaum has done good writings on this topic.
So let me get this straight:
I carry around an object that broadcasts what is functionally equivalent to my credit card info to any reader within close proximity?
And so the guys that usually pull credit card numbers out of the garbage, or from lost/stolen card, or from bank records, and make dummy cards that they use in stores* will now be able to set up a portable reader, put it in a pocket, and wander through a crowded subway car picking up credit card numbers without anyone noticing?
Why would anyone want this?
Oh, yeah. Because they want it to be more convenient to make purchases.
Sigh.
*this has happened to me THREE TIMES, including once by a ring of thieves that successfully used the dummy cards in three different airports in three different countries simultaneously, even as my bank's fraud department watched via computer with me on the other end)
So someone gets their hands on a reader for these devices. This can be done by borrowing/stealing a reader from a store that has one installed or by someone who works at the manufacturing plant. Setup a power source and stick it in a backpack. Run a cable down to the reader which could either be in the pack or, if small enough, palmed in your hand.
As you walk through the streets, wave your hand across the phones of people standing around or as they walk by you. A laptop or PDA could be hooked up to the read recording in all the information.
The protocol/encryption is taken care of by the stolen hardware. No need to worry about cracking it.
--
Now if this system is based upon it's own network, then the reader doesn't have to do any decryption of the data. It can just be forwarded down the line to the network's core. The readers essentially become dumb terminals.
But I doubt this is the case. Every smart-card reader system that has a core data store includes storage space in individal readers to store transactions in case the core goes down.
--
What this type of system REALLY needs, as do exsiting ones such as smart pass or that gas station token thing, is some sort of activation button that must be depressed in order for information to be transmitted from the card. This would make it much more secure.
This New Scientist article doesn't cover if such a function exists with these new phones but given past devices that we've seen, I doubt it.
one observation I had when I was in Japan (Tokyo, specifically), was how everything was mostly done in cash, and I never saw a single person using credit card. That's not to say it doesn't exist, of course, but it seemed to me, a visitor, that Japanese are much more comfortable using cash for transactions, and credit card usage is not nearly as common as in the U.S.
That being said, then I wonder if they will take to the "smart card cell phone for financial transactions" thing readily. Most people do have phones, and the large number of vending machines and pay phones, and rail ticket machines that uses cash makes it unlikely that the people will abandon cash at all. So, unless they get to use this on the ticket machines and the millions of "conveniently placed and available everywhere" vending machines, I suspect it will not fly.
Speedpass systems have a fixed ID. These will most likely read something from your SIM card to facilitate switching handsets, as many users do. With today's phone supporting SMS, GPRS, BlueTooth, etc, how long before someone finds a way to read your charging information from afar? 30' bluetooth range? Getting an SMS from Russia?
Before all that other tomfoolery. Look at your wallet: it has your ID cards, money, a Diners' Club credit card, and pictures of your family.
What the hell do you do if you lose it?
I believe the wallet is having too many eggs in one basket.. but people have been getting along with those fine for centuries. The simple solution is to not be a careless fop with things that are valuable to you.
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
The big question is will this save retailers money? The grand allure of "digital cash" is that you can do transactions and they won't cost $0.70 each and the credit companies won't get 3% of the transaction value from the merchant. They're more or less free!
In the world of commerce this is what counts. If it was just about "consumer convenience" we'd all just have credit cards and the credit companies would be dirty rich. Wait, that is how it is. Sickening.
Doesnt cost ME anything for using my credit card either, so long as I pay the balance by the due date. Granted the buisness that accepts my card pays a small % to the card company (and/or maybe a flat fee as well), I still pay nothing. I actually GET money for using the card too. There is a big misconception of people who never use a card and always hear about the horrors of credit card debt. You wont accumulate the debt unless you spend more than you can afford to pay off once the billing cycle ends. You also do not get charged anything if you dont carry a balance and your card has no anual fee, and dont use it to get cash advance via ATM, and dont go over your limit (if you do, you need to re-evaluate your finances). Just pay off the balance in full, not just minimum payment, and you pay only what you spent. If you shop around for a good card, you even get "rewards" for using the card instead of cash, like a % back, or points/miles towards purchases/plane tix. In the 8 years or so of using ccards for payment the only time I had to pay more than what I spent was for a laptop I let half the cost ride the card for an extra month as I couldnt pay in full on the due date.
Tm
Support TBI Research: http://www.raisinhope.org