Slashdot Mirror
Driver's License to be the Next Debit Card
prostoalex writes "Your US driver's license has a magnetic stripe with unique ID in it, and your debit card carries a magnetic stripe with account information on it, so why not link the two together and allow people to use their driver's licenses as debit cards? That's precisely what a young company National Payment Card is doing in select locations, according to Business Week: 'Gas-station owners are pleased with the program too. Because NPC processes the payment as an e-check with the Automated Clearing House (ACH), a network most commonly used for direct deposits, participating retailers bypass credit card companies such as Visa and Mastercard.'"
Well it wont work everywhere, here in Massachusetts the magnetic strip was replaced with a digital barcode a few years ago.
Libertarian Leaning Political Discussion Forum.
Yeah, government and business working in collusion, more so than usual.
Just what I always wanted.
Oh, and now someone can make counterfeit licenses that double as fake debit cards.
Nah, no problems here.
A blog about stuff.
I'm sorry, you're going to have to take your place in line behind all the people who think RealID is a bad idea. This just isn't quite as bad, as yet. These ideas are all very much along the same lines. They are all about consolidation of your resources, identification, and risks, and that is a bad idea in general for your safety, your privacy and your liberties.
I've fallen off your lawn, and I can't get up.
What's the difference? For most people that'd mean stealing your wallet - they'll get both pieces of information anyway.
I want a card with my driver's license, my grocery store card, my debit card, my work ID, my AAA card, and every other damn thing cluttering my account all on one card. And I want an electronic device, too, that has my cell phone, my garage door opener, my car remote, my mp3 player, and any other little bullshit electronic device on it.
One early morning, back in the early days of debit cards, I inserted what I thought was my debit card into the ATM. It asked for, and accepted my PIN, gave me account options, then, after a short delay, said that there was no such account and returned my card to me. As I pulled the card out, I realized that I had inserted my Driver's License into the machine, instead of the debit card. I had always thought that the two should work together, as it appears that such interaction had been pre-built into the ATM software, even back then.
I refuse to use debit cards at all (as opposed to an ATM card or a credit card), because they draw directly from your account and they don't require an independent piece of verification (like a PIN) to use.
But this? This is even worse. At least a debit card can be cancelled in the event it's stolen, even though by then it may be too late. How are you going to cancel your driver's license when the DMV is only open Monday through Friday 8-5?
It's even worse if it makes use of the RFID chip that's embedded in some driver's licenses these days.
No way in hell will I ever opt in for something like this.
Use 'slashdot stuff' in the subject line in any email you send me if you want to get past the spam filter.
Michigan does not use privately assigned numbers for our drivers license numbers. Our drivers license numbers are calculated using a method that's not secret or random or anything.
_ mi
We use a system that combines soundex codes with date of birth. You can find anyones michigan driver's license number if you know:
First name, Middle Name, Last name, Month of Birth, year of birth.
If you're from michigan, get out your driver's license and see for yourself.
http://www.highprogrammer.com/cgi-bin/uniqueid/dl
There are only a few times where it might be a few numbers off. If you happen to share a first name middle name last name month of birth and year of birth, then the last 3 numbers will be off by 1. Besides that, this works really well.
This is great for catching fake ID's. None of the fake ID's bother to calculate the right number. Most bouncers who police doors are familiar enough with the codes to flag fakes quite easily.
I ran a great big magnet over my drivers license a long time ago. The data on it is not legally required (though IANAL). The only purpose it serves is to give your personal data to shops that want to "check" your ID (and add to their database).
Why do cops need bribes when they have tax and ticket revenue?
Aside from the obvious increase in identity thefts risks, I realize that there is a person who thought this up, thinking that one 'all purpose card' would be cool.
I don't think debit cards and driver's licenses should be combined simply because you usually don't carry that many of such cards anyway. What most of us hate is - this problem is applied to women in particular - all the shopping cards people collect. These are the cards that need to be combined into one configurable card, so that people can have only three useful cards. One for shopping discounts, one driver's license and one debit card. But combining them is kind of pointless.
Also, other side effects include situations like not being able to give your husband/wife/daughter/son/xyz your debit card to use at the ATM machine, simply because it is too risky to lend someone a driver's license AND a debit card.
Full Tilt
Too bad when they required "machine readable" they didn't specify "magnetic". Wisconsin has the super complex bar-codes on the back.
The good thing about cash is that no identifying information is shared during the currency exchange. The reason this anonymous transfer works is that cash is hard to counterfeit and easy to trace.
When you move to an electronic system that relies on transferring 'secret numbers', it becomes much harder (impossible?) to guarantee security of all parties involved. Think of the public key cryptography system. You have to have a "trust" party in the equation who work as an escrow agent and can guarantee that the cash is both valid tender, and has been copied to the new location, and removed from the old.
So what is the ideal currency system?
1) Anonymous transfers with no identifying information shared
2) Escrow of currency during the exchange
3) No counterfeiting possible (or at least very hard)
4) Portable and usable in disaster zones with no electricity, gadgets, network connections
5) Allows anyone to setup their own "bank"
Is all of that even possible outside of "paper money" currency?
The university that I attended issued student IDs that were usable as ATM cards with a bank that the school had set up to do that with. It worked fine but that was with just one bank that they had worked out some deal with. Its probably more difficult to work it out for multiple banks and allowing fair and equal access to all banks.
Debit cards suck. If there's a fraudulent or otherwise disputed transaction, the other party has your money. Getting it back is a major pain in the ass. My friends have had issues where it's taken them months to get something resolved and, in the mean time (it bears repeating), they have your money. Credit cards companies are generally much easier to deal with - the money is still in your pocket, so the burden is on the merchant to prove the transaction is valid. If (like me) you want to avoid credit card debt, use American Express charge cards (green, gold, platinum, or black). These basically work kind of like a net-30 account for your purchases. AmEx has always been great to me when there's a problem with a charge.
Help save the critically endangered Blue Iguana
Even better. I've had an ATM eat up my debit card before due to mechanical problems with the machine. So by combining the 2, I would have been driving illegaly without a license for 2 weeks while a new card was sent to me. Yup, real brilliant!
It's better to burn out than to fade away
As for what information goes on there, I'd like to follow security "best practices": the principle of least authority. If you need to check if my face goes with the name I give you, you can take a look at my license (or other photo ID). If you need my credit card number, you can get it from my credit card. If you need my contact info, I'll tell you how to contact me. I'm sure the convenience of a one-stop-shop appeals to some people; I personally prefer this partitioning.
"The use-mention distinction" is not "enforced here."
I would much rather have my cell phone be my:
RFID Entry key (With an actual battery it can be truly secure)
Debit/Credit Card (Same deal, different implementation)
Driver's Liscence/ID
Etc. Etc. Etc...
I should have to type in a PIN or something to spend money. You can already deactivate phone immediately if they are lost or stolen, so that's not really an issue. I'm sure this is the way things are headed.
--The universe will not be altered by forum threads, even those which are very wry. --Tycho Brahe (Penny Arcade)
The University of Minnesota already does this with their student ID cards. Not quite the same, but I still don't like it, as it makes the ID itself less useful. Policies then restrict what can be done with the card, and you end up having special cards for other functions (like, say, checking out a music practice room key card) because no one is allowed to keep the student ID because it's an ATM card. So, it really doesn't even result in fewer cards.
If Montana weren't so fscking cold and remote I'd move there in a heartbeat. Gorgeous landscape, pristine outdoors, and a freedom loving people that is still unafraid to tell the federal government who is boss.
Well, couple this with the REALID Act. And with the fact that the government is already monitoring financial transactions. The only real difference is that using this system, your REALID becomes a key in their existing databases tracking all of your purchases.
So, you're correct. This really doesn't give the government any more data than they are looking at already. In the short term it just makes it easier for them to use the data they already have. But, in the long term I could see this as additional motivation to say, mandate contact-less REALID readers into the card processing infrastructure. Now that could give them information which they currently find difficult to gather, and they can shift much the cost of building their surveillance infrastructure onto private businesses. A widely distributed network of wireless readers would also add a lot of value to the RFIDs they're putting in the money and will be putting in the REALIDs.
Seriously, are you that lazy that you can't provide an ID when you use a credit card? You've already gone into your wallet to get the card, why not pull out your license while you're at it?
I like it when stores require ID to make a purchase via credit card. Makes me feel a bit safer at very little cost -- though it would help much more if every merchant did so.
Interestingly, I was in a pharmacy when someone tried to use someone else's credit card. The cashier asked for ID, and the customer (unwisely) handed their own ID... Cops were called, I don't know what happened after that since I left once I'd paid for my own goodies.
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai