RFID MasterCard

starburst writes "MasterCard introduces a RFID MasterCard called PayPass in Orlando Florida. They tout the convenience of no more swiping or giving your card to cashiers. They claim the card has to be within an inch of the reader to be read -- how long till criminals are walking the malls, or next to you in line with portable readers getting your card information?"

Tell me I'm wrong

[Exiler]

I'm haven't read much on RFID tags, but I thought the power came from the reader, so the only thing that would have to be more powerful for the cards to be read from more than an inch away would be the reader, not the card.

Really!

[_Sharp'r_]

How much more efficient is it really to put a card an inch next to a pad merchants will have to buy instead of swiping it through a card reader that already exists everywhere?

Look, the 5 seconds per month people will save with this aren't going to be worth the costs of embedding the RFID, so eventually this will go away based on simple economics.

Re:Really!

[Motherfucking+Shit]

How much more efficient is it really to put a card an inch next to a pad merchants will have to buy instead of swiping it through a card reader that already exists everywhere?

I really have to agree here. "They tout the convenience of no more swiping or giving your card to cashiers." What the heck? Swiping my credit card is supposedly "inconvenient?" I don't think so. I can't remember the last time I shopped anywhere that I had to physically hand my card to a cashier, every retail store seems to have the self-swipe card reader. Swiping my own card takes, what, 2 seconds? Entering the PIN (if I'm using a debit card) takes another 2 seconds.

What's the "inconvenience" that RFID is trying to solve here? Why can't some company concentrate on making it faster for Ms. Soccer Mom to write her $300 check at the grocery store, when she's one of 4 Ms. Soccer Moms in line in front of me?

I agree, this is a solution looking for a problem, and it's going to die a quick death.

Better idea - 2 accounts in one card?

[cygnusx]

This card is not about RFID, it's about making card use in scenarios like drive-throughs easier. Also, it's currently limited to <$25 transactions currently according to the FAQ.

Assuming one likes the idea of small plastic transactions at all, I wonder if it wouldn't be a better idea to _combine_ 2 accounts in one card: one account for the higher-value mag-stripe, and an RFID account with a low credit limit that needs to be constantly replenished.

Where is the security measure? (was: Re:How long?)

[beh]

It's nice to say "you have to be within one inch of the reader for the card to be read", but WHERE is this limit built in?

a) If it's the card itself (a "hacked" RFID that has a very weak response signal), we're on the "safe" side.

b) If it's in the reader (i.e. the reader sends out a weak signal, so that only cards within a few centimeters are capable to receiving to the signal), then we're in trouble.

Given - option B gives stores the "peace of mind", that they'll always read the "correct" card (i.e. the stores won't get in trouble for accidentally charging YOUR purchases to the guy next in line).

BUT - option B means, that crooks can use stronger readers that can scan your card from a few meters away (all that while the user thinks that even crooks need to make it to within an inch of their cards).

Before I'd go for such a card, I would most definetely like THAT question answered...

Even an inch is too much.

[Ungrounded+Lightning]

It's nice to say "you have to be within one inch of the reader for the card to be read", but WHERE is this limit built in?

Even an inch is too much. Pickpockets often have a "bumper" who distracts the target so he doesn't notice the touch on his wallet. Now the pickpocket can lift your card information by bumping into you in a checkout line.

Then a little careful observation as you enter your PIN and your account is toast.