Plastc Swiped $9 Million From Backers, Now It Plans To File For Bankruptcy and Shut Down

Plastc announced today that it is planning to file for bankruptcy and will shut down on April 20, 2017, after raising more than $9 million through preorders and shipping to no backers. "Plastc launched in 2014 with the promise of shipping a single card that could digitally hold 20 credit or debit cards that a user could switch between," reports The Verge. From the report: With that, all backers' money is lost, and no Plastc cards will ship. Plastc announced the news on its website today along with the fact that all its employees have been laid off. Its customer care and social media channels have also been shut down. The company explains that it thought it would close $3.5 million in funding in February this year, but that fell through. Another possible investment deal of $6.75 million fell through, too. What's not clear is how more than $9 million wasn't sufficient to get backers their orders. Backers will likely have questions and want their money back, but with no one to turn to from Plastc, they'll likely be out the cash.

will shut down on April 20, 2017

[fustakrakich]

Uh, guys? You check the calendar? You're a little late with this story, don't you think?

Re:will shut down on April 20, 2017

That's how language of news actually works - not everyone will be reading the story the same day.

The announcement is they will cease operations on the 20th, so that's what should be reported.

Re:will shut down on April 20, 2017

April 20th is Adolf Hitler's birthday.
Coincidence?

Re:will shut down on April 20, 2017

[GrumpySteen]

To be fair, /. got the story up within 24 hours, which is actually faster than average for them.

The company didn't announce their shutdown in advance, so nobody could have reported it before yesterday afternoon when the message went up on the site and all their social media shut down.

Re:will shut down on April 20, 2017

[Austerity+Empowers]

It's also 420...duuuude... Coincidence? Totally!

Re:will shut down on April 20, 2017

[dgatwood]

So basically, you're saying that backers' money went up in smoke?

Re:will shut down on April 20, 2017

[Austerity+Empowers]

Yes, it was a pipe dream.

Re:will shut down on April 20, 2017

[BarbaraHudson]

You could say their plastc cards hit their credit limit.

No chip and no near field transactions - why carry this around when you already carry around a smartphone that can mimic a credit or debit card?

Re:will shut down on April 20, 2017

[networkBoy]

True, in other news:
"Plastic executive staff now being used for sniper practice"
Details at 11:00

Gret

Bettr thn gret, fantastc!

How to copy?

I don't think it is possible or legal to move the information from your bank card to another. The chip is a small computer, it can run programs, do encryption, store keys. Just impossible.

Re: How to copy?

Er, no. That would require the reader to get a copy of the private key in order to do the encryption. The cards are designed so that the private key can't be read, otherwise it's trivial to skim them. The chip on the card does the encryption.

Re: How to copy?

no, you're a fucking idiot that doesn't understand hsms or fips and how it works

the chip has no power and is not readable,it just acts as the signing agent when its key has been decrypted by the owners pin

Re: How to copy?

[sexconker]

Welcome to America. We don't have chip and pin, we have chip and sign, but actually, fuck signing most of the time.

The chip does NOTHING in the USA except make the whole process take longer. Cloners have been available in the US for these cards for years. And you can still run the, as mag swipe (or even phone-in/ "offline" transactions) at a whole bunch of exempted places that don't have to get their act together anytime soon.

Re: How to copy?

uh, way to move goal posts idiot

Re: How to copy?

> Cloners have been available in the US for these cards for years

Prove this statement because it smells like bullshit to me.

Point me towards a cloner (or even an article that describes how to) for chip & pin cards or stfu with your hyperbolic bullshit. HINT: incorrect implementations of emv. (ie: using non-random UN's) aren't clones.

Re: How to copy?

Oh come on, don't be a dumbass. It does have power - stop being so silly. It gets it either from RF or from the card reader's contacts. You're right that it's 'only a signing agent', but think about what that means. TO be that signing agent, it has to have a secret key (private/public or some other pre-shared secret) that only it, and maybe the bank, knows.

That secret does not leave the card - ever - although is used by the on-card processor to 'sign' transactions. It is an active processor to BE that signing agent.

That's why 'plastic' could never mimic a chip card; because to mimic the behaviour and 'signing capabilities' of such a card would require knowing that secret information along with associated algorithms.

And seriously, HSMS are computer specific. FIPS is rather irrelevant to me; being a USA standard and all; we've been using chip and pin for years..

Re: How to copy?

[stephanruby]

Technically, you're actually both wrong. The chip has both an encrypted part and a public part.

Re:How to copy?

[AvitarX]

I had a Coin (basically the same idea), it worked OK for about two months, then chips became a thing.

I assume that's what actually killed these guys too. Not that it was a scam, but that they couldn't deliver.

Re: How to copy?

[AvitarX]

Fun fact, call ins and internet orders happen everywhere.

I'm also not convinced the chips are clonable.

Re: How to copy?

[stephanruby]

The chip does NOTHING in the USA except make the whole process take longer.

I agree with you, but just to clarify.

It's not the chip that makes the process take longer, it's the US regulation that comes with the US chip that makes the process take longer. And the American regulation requires that the chipped card checks the bank balance and do all the handshakes between multiple networks in real time before it allows the transaction to take place, hence the extra delay.

As opposed to Europe, where the European chipped card could work in a place with no phone reception and no network access, the balance would be kept on the card, and the balance would later be reconciled in a central ledger at the end of the day, or at the end of the week (I'm not sure which). But this of course made the card super fast to use.

In other words, let's say you have one thousand dollars in your checking account. In the US, a cloned card could effectively steal that $1,000 from you. But in Europe, let's say you have 1,000 Euros in your bank account, you make 1,000 clones, and you ask 1,000 criminals to all use the card at the same time by sending them the pin via text messages all at once, then it would mean that the bank could potentially lose 1,000,000 Euros by the time it adds up all the transactions of 1,000 Euros when it finally reconciles everything.

Of course, I'm skipping over some technical details, but that's basically the gist of it. Also, I should mention that it's much easier to crack one card in a couple of weeks and clone it 1,000 times than having to crack 1,000 separate cards to clone them once. And also, some chipped cards are allowed to be used without the pin, because not everything on a chipped card is encrypted, and that's ok for some businesses because they'll limit the amount of the transaction when the pin is not used, and also they can take other security measures, like video recording the person, or video recording the car of the person who used it, or something else entirely. And in the end, no system is perfect, and that's ok. A security system just needs to be difficult enough for criminals to crack and low reward enough to make the risk too high for most criminals to want to take.

Re: How to copy?

[sexconker]

> Cloners have been available in the US for these cards for years

Prove this statement because it smells like bullshit to me.

Point me towards a cloner (or even an article that describes how to) for chip & pin cards or stfu with your hyperbolic bullshit. HINT: incorrect implementations of emv. (ie: using non-random UN's) aren't clones.

Again, we don't have chip and pin in the USA. We have chip and LOL. It's a farce. Cloners have been available for years.

Re: How to copy?

It isn't that I'm saying that chip and sign is a farce (it is), but I'm fairly sure it's the same chip as elsewhere, and the signature requirement is an option set by the issuer. If that is the case (same chip), and if cloning devices are available (not for mag stripe, for chip) then EMV is broken.

Can you point us to that (serious question)?

Re: How to copy?

AFAIK In Europe connection generally IS made to the banks (on occasion this can be slow, or fail and need to be retried, which have both happened to me), but provision is made for disconnected terminals. For your hypothetical attack people would need to find unconnected POS terminals, which are pretty uncommon now. Contactless is another matter, but there is a low transaction limit.

Re: How to copy?

Why is it a farce exactly? Works fine in europe and asia.

Re: How to copy?

[Dog-Cow]

Possibly because you're a fucking moron who can't comprehend the written word.

Re: How to copy?

[stephanruby]

Or they would need to do a ddos attack on the relevant phone lines or networks, or cut an underwater fiber cable to a bunch of islands, or blow something up, or wait for a semi-predictable natural disaster to occur, or even find ways to affect the power grid because many handheld POS systems in Europe are portable and battery powered.

Re: How to copy?

[jawtheshark]

From my understanding, in Europe, the chip and pin does make a connection. Terminals generally do have a connection. For a while a lot of them were GPRS or POTS, so you can guess how long this has been used. I remember a few restaurants that had horrible cell reception, and you were pretty much asked to come chip and pin at the counter where reception was acceptable.

I do think that below a certain threshold amount, making the connection isn't mandatory. That's usually when it goes quickly and it doesn't say "connecting". I've only seen it happen on small amounts. Do note, that this is what I conclude from the behaviour. It would be better if someone who actually knows how this works to chime in.

If anything, I do not think that it's the card that stores the transaction. It would not make any sense at all. Imagine I do a 1000€ purchase, and it would be store-on-card. At that point, I destroy the card or never use it again. My card never gets the chance to "synchronize" with anything. Now, perhaps I misunderstood what you meant with "the balance would be kept on the card", but it definitely doesn't involve storing anything on the card. It's the terminal that must store and forward the transaction. Granted, it doesn't change anything in your scenario, but given European chip 'n pin do connect, I doubt you attack would be feasible (ignoring the fact you need a 1000 unconnected terminals, which is doing to be very hard to find).

Re: How to copy?

[stephanruby]

Well, I was at a restaurant at a ski station really high in the mountains, the prices were really expensive, and the handheld POS device didn't have a connection.

And yes, I do realize that many ski resorts in Europe have ok cell phone coverage, I remember seeing the billboards of cell phone companies advertising that fact on top of the mountain itself, but I don't remember seeing those billboards at all the ski resorts I've visited and like I said, at least one restaurant at the top of a telepherique didn't seem to have coverage and yet the European chipped cards still worked.

But then again, it's been a few years since that happened, so maybe the security of chipped cards in Europe has been upgraded since then. I don't know.

Re: How to copy?

Er,it is possible,I found a chip n pin writer + blank cards and its software in a skip !!
Cannot remember if skip was at bank or at what was meant to be secure re-cycling unit,it was over 8 years ago,once I realised I had everything I needed to produce new cloned or ghost cards I very rapidly destroyed the lot,I could have sold on to the criminal market for lots of cash or used myself,but didn't fancy the jail time I would have got if caught.
Banks etc pay lip service to security still,I could probably take you round a few regular skips in this area and give you a stroke at what can still be found.
The best one are complete pc's thrown out because of power supply fail,when some power back up,you find everything in plain text because encryption keys are still on the drives..
You name it,I have found sensitive data about it on thrown out hardware..
Unless parts are smashed/chipped,ordinary so called safe disposal is no such thing..
The data owners/generators only care if they get caught,the disposal firms are even worse,they just don't care full stop,no reputation to lose for most of them,go bankrupt and start again with a new name..

Re: How to copy?

From my understanding, in Europe, the chip and pin does make a connection. Terminals generally do have a connection.

Normally, they have a connection, yes. Real-time banking is not instantaneous, but usually faster than counting out change for cash. If the connection is down, they usually fall back to printing receipts that you have to sign to validate use of the card.

If anything, I do not think that it's the card that stores the transaction. It would not make any sense at all. Imagine I do a 1000€ purchase, and it would be store-on-card. At that point, I destroy the card or never use it again. My card never gets the chance to "synchronize" with anything.

Doesn't work that way. Of course any offline transaction is stored in the sellers terminal - at some point the seller go online & synchronize with the bank, and then the money is pulled out of your debit card account. (Or charged to some credit card you will be billed for.) It won't matter if you destroy your card. If you want "free stuff", you have to destroy the sellers terminal or backend computer. The seller will likely object to that, it is equivalent to taking the money back after paying.

They may store a copy of the account balance on the card. This is only for your convenience - so the card can report "out of money" and reject the offline transaction. This protect you from overdraft fees. Getting around such protections may be possible, but it will only let you go a bit deeper into overdraft debts. Doing that is usually not very interesting, unless you're financing something like a suicide attack and therefore don't care about ruining your own economy & credit rating.

Re: How to copy?

[jawtheshark]

Last time I was in Val Thorens (basically the highest ski resort in France, maybe Europe), I could use my cellphone everywhere... including Internet. Hell, the *first* time I went there, I surfed on the internet using my Psion Revo connection using IR to my Siemens 35i using GRPS. Given the hardware, you can basically guess when exactly that was.

Besides, all it needs is a phone line.: Classic POTS for the terminal base to be connected (the handsets can be wirelessly connected to it), and if those people had a phone, they had a connection.

Re: How to copy?

[jawtheshark]

Doesn't work that way.

*of course* it doesn't... That's was the whole point of the thought experiment.

They may store a copy of the account balance on the card. This is only for your convenience - so the card can report "out of money" and reject the offline transaction.

That would be a reasonable assumption. I wouldn't count on it... Overdraft fees are the bread and butter of banks ;-)

Re: How to copy?

[jawtheshark]

Correction, it was a "Siemens S35i" and a "Psion Revo Plus". It's been ages, I even thought of that setup.

Re: How to copy?

[Applehu+Akbar]

Why is it a farce exactly? Works fine in europe and asia.

Because Europe and Asia don't use chip and sign. Chip and sign is for Americans getting odd looks from retail personnel when we present a credit card in those areas.

Re: How to copy?

[deKernel]

How your comment currently sits a a number 3 considering you have very little truthful information in your statement if quite interesting.
First, the "speed" has nothing to do with the US regulations. The initial speed has everything to do with the conversation that happens between the card and the terminal (ATM and POS). This is what unlocks the card to allow the transaction selection process to continue. In Europe, the PIN of the card is entered to actually unlock the card, in the US, the card is just "unlocked" automatically. Now, please don't confuse the PIN of the card with the PIN of the transaction: they are two very different security items.
Second, this network balance traffic is not true. There is typically a single message that is sent out from the terminal that has all of the needed information. If the transaction is authorized, that is when the account balance (which is NOT a network or EMV requirement) is sent down to the card.
Third, there is no bank that I am aware of that actually allows for offline transactions. There could be some arrangements between particular banks and merchants, but it is not a generally accepted practice within the industry. Banks love to avoid risk whenever possible.

Re: How to copy?

[DrXym]

As opposed to Europe, where the European chipped card could work in a place with no phone reception and no network access, the balance would be kept on the card, and the balance would later be reconciled in a central ledger at the end of the day, or at the end of the week (I'm not sure which). But this of course made the card super fast to use.

I haven't seen any chip and pin device in Europe that DOESN'T require an authentication / authorization step. If it's allowed at all it would only be on small transactions - train tickets, snacks etc. The same is true for contactless transactions which don't require authentication on small payments but will still authorise payment usually by asking a server.

It also doesn't make the process any slower in my experience than paying by swipe. If chip and pin is slow in the US it's probably more to do with people being unfamiliar with the process, inconsistencies between different stores / banks, or people forgetting their pin etc.

Re: How to copy?

[DrXym]

How do you know it didn't have a connection? Handheld devices can talk remotely to a base station at the counter in the restaurant. It would either dial up on demand over a telephone line or it would be connected over a data network. Even a restaurant on a mountain can get a network - probably easier than some other places since it's probably line of sight with a mast.

Re: How to copy?

[bluefoxlucid]

Actually, they haven't. You can clone the mag strip, but most cards now register that they have a chip. The bank won't authorize it by mag strip if a smart card is present; you can still copy the mag strip and use it for offline attacks (e.g. use it to buy crap through Paypal).

A smart chip--the type of tool embedded in an EVM card--is a miniaturized computer with an I/O protocol. When attached to the reader, it's powered up and accepts commands. It doesn't release the key, and only performs digital signing within its own memory space and returns the result.

Some implementations in early chips used DES, which has cryptographic weaknesses. It's possible to crack DES in a few hours and recover the key by analyzing signed known-plaintexts, allowing for cloning. Most early implementations used 3DES or RSA at a currently-unbroken level, making this attack impossible.

Amusing: SD cards are also microcomputers and communicate over an I/O protocol. Direct access to SD card NAND is not possible; loading an operating system onto an SD card and making it perform computations is possible.

Re: How to copy?

[nightfire-unique]

Easiest answer here is for the US gov't to mandate minimal acceptable response times for chip banking transactions. There's precisely no reason why it should take longer than a second or two to authenticate any consumer debit. If it takes longer than that, the bank's systems are broken and should be fixed before they're allowed back on the network.

Everywhere else in the world, chip transactions (including a roundtrip to the bank) happen very quickly.

Re: How to copy?

[jittles]

And the American regulation requires that the chipped card checks the bank balance and do all the handshakes between multiple networks in real time before it allows the transaction to take place, hence the extra delay.

That is not typically the reason for the delay. The fact of the matter is that the US region required online processing for EMV because at least 90% of the transactions in the US were already online only. There are some significant attacks against offline EMV that are entirely mitigated by online processing. There are no known attacks on Online EMV with card present. Even without a PIN, you cannot duplicate someone's card or skim it. You can steal someone's card and use it, but you cannot create a cloned copy of the card and use it.

The problem in the US is entirely with poor implementations. The most inexpensive terminals manually check a list of supported brands against the card's brand(s) one at a time. The brands have IDs that can be incredibly specific. A lot of the processors I've worked with want to manually add each and every ID to their configuration basically saying "I support North American MasterCard. I support Australian MasterCard. I support European MasterCard..." for basically every region in the world when they could just say "I support MasterCards of all types." So the card terminal sits there for a solid 10- 20 seconds just going through its list asking the card "Are you this brand?" Literally. Regulations in the US require you to support "US Common Debit" if you're going to allow debit transactions. There is literally one additional ID that is required to be supported in the US versus other regions. Furthermore, you'll find that transactions go online and receive approval in Europe somewhere on the order of 70+% percent of the time and are still faster than US transactions. I'm working on a project right now for a company halfway across the world from me and, when I have control of the terminal flow, I can run through the entire process from the US, 8000 miles, back to the US for issuer authorization, then back that 8000 miles to the processor and back to me in about 300-400ms. With a processor who lives in the same city, I can complete a transaction in 100-200ms on a slow day.

When I say that, I'm obviously excluding transactions that require prompts, but one where I have the terminal flow set to run the transaction from end to end the instant the card is inserted into the terminal with no further human interaction required.

As opposed to Europe, where the European chipped card could work in a place with no phone reception and no network access, the balance would be kept on the card, and the balance would later be reconciled in a central ledger at the end of the day, or at the end of the week (I'm not sure which). But this of course made the card super fast to use.

They have not done this in Europe or anywhere else in a long time. I think the last card issued that behaved in this way was around 2007. Some of them haven't expired in their countries of origin and you still have to support this capability in some regions, but it's being phased out. You cannot trust a balance from an offline transaction. The terminals all have a transaction ceiling which, when hit, a transaction is forced to be processed online. In the US that limit, from a liability standpoint, is $0. For most European merchants, they use somewhere on the order of 20-40 pounds/euros/whatever. Basically a high enough limit that you can recharge your metro card. That limit is also based on the type of merchant as well. The majority of card fraud occurs at gas stations and the industry has completely different rules for unattended gas pumps.

And also, some chipped cards are allowed to be used without the pin, because not everything on a chipped card is encrypted, and that's ok for some businesses because they'll limit the amount of the transaction when the pin is not used

Re: How to copy?

[Austerity+Empowers]

It's not clear, but speculated that with chip and sign, it is entirely possible:
https://www.wired.com/2015/09/...

However, what has actually happened is that most fraudsters, who are as technically capable as your average script kiddie, have just found other ways of defrauding you rather than try to solve a hard technical problem. The most popular method now, and which I personally know many people have been facing, is opening a credit card in your name and using your potentially great credit score against you. This is ALSO because credit card companies are dropping the ball.

This is why we should not let idiots with MBA degrees use statistics to make decisions. "If I make this one change, I will fix 60% of the problem! I'm done!", and a month later the mole pops up another hole. So no doubt they will try to close this new hole, and the criminal element will look elsewhere, perhaps back at cracking EMV and it's known weaknesses, one of which has been identified:

http://blog.unibulmerchantserv...
(TL;DR: It's not guaranteed and work for some uses, but it's a crack in the wall)

Re: How to copy?

[Enigma2175]

Why does the balance need to be sent to the card at all? POS terminal sends "I need to authorize a $30.47 charge", bank sends back "Approved" or "Denied" along with a transaction ID. Why would the POS terminal ever need to know a balance associated with a card?

Re: How to copy?

For those who do not know. Chipped cards identify themselves as chipped by a code in the mag strip that the terminal sees when you swipe the strip. It is entirely possible to read the mag strip off a chipped card, modify the code that says hey i have a chip and then write it to a non-chipped card. When you then swipe this at a terminal it thinks you are using a legacy non-chipped card. The whole chip-pin setup deployed in the US is a complete farce.

Re: How to copy?

[DarthVain]

Ahhh, I suspect that is why my "tap" functionality has a limit (found that out a couple weeks ago). Makes sense, as I think the cap is like 100$, so sure someone might run around with a bunch of cloned or stolen cards, however at 100$ per tap, they would have to use it a LOT to actually steal any amount of money (in a relative sense from a bank). Using it so much, probably means they get caught also.

That said, the whole business plan for the service seems to be flawed in so many ways.
1st of all, most people I know want to use LESS cards, not more to take advantage of the rewards program.
2nd with VISA/MC already having a monopoly why would they want to participate?
3rd with card companies why would they want you to be able to use other cards, again why participate?
4th while consolidating might be useful, that would likely break terms of contract, or they would re-write the contracts so that it does.
5th people with 20 credit cards are likely the ones that are highest risk to default in the first place, making the service undesirable.

In all, I can see why no one wanted to invest, and it failed. How they spun it to get the initially 9 million is a a mystery to me (unless they got significant buy in from MC/VISA and/or a number of banks etc..).

Re: How to copy?

[David_Hart]

Why is it a farce exactly? Works fine in europe and asia.

Because Europe and Asia don't use chip and sign. Chip and sign is for Americans getting odd looks from retail personnel when we present a credit card in those areas.

Canada has chip-and-pin and have for a long while. I don't know what's wrong with the US banks and why they want to do their own, less secure option. Perhaps they plan on going to chip and pin once a certain percentage of card readers have been upgraded to support chip. There are still about 40% of the vendors (restaurants, etc.) that I deal with that have the chip part blocked off because their system doesn't support it.

Re: How to copy?

[jittles]

> Cloners have been available in the US for these cards for years

Prove this statement because it smells like bullshit to me.

Point me towards a cloner (or even an article that describes how to) for chip & pin cards or stfu with your hyperbolic bullshit. HINT: incorrect implementations of emv. (ie: using non-random UN's) aren't clones.

Again, we don't have chip and pin in the USA. We have chip and LOL. It's a farce. Cloners have been available for years.

Can you point us to a resource that shows that you can clone a chip for online processing? To my knowledge, you cannot. Since the US has a floor limit of $0, all transactions go online and you cannot use a cloned card. Not to mention that Chip + PIN is completely possible in the US, and is expected to roll out in the next year or two. In my experience, it's actually the US based credit card processors that don't want to support PIN right now, and not the issuing banks.

Re: How to copy?

Maybe you should move out of the sticks. In every major city in the US, I have used my chip and PIN cards endless times.

Re: How to copy?

[stephanruby]

While Val Thorens is not the most expensive ski resort in Europe, it still ranks pretty high up there because of its altitude. If you're going to have the benefit of not needing artificial snow when other ski resorts do, then many of your customers during the late season are going to be top government officials and CEOs, and cell phone networks (not to mention the NSA and the Russian FSB) will do everything in their power to make sure those types of people have the illusion of perfect coverage and perfect service wherever they are.

Re: How to copy?

[stephanruby]

If chip and pin is slow in the US it's probably more to do with people being unfamiliar with the process, inconsistencies between different stores / banks, or people forgetting their pin etc.

Yes, it's some of that, but not only that.

I have experience using both kinds of cards, both in the US and in Europe, and in the US, the process of using a chipped US card with a pin is definitely a lot slower than using a US magnetic-only debit card with a pin. For one thing, the system won't even let you enter your pin for a chipped card in the US until the connection has already been made, so there is no kind of caching that is even allowed.

And I guarantee you that if you ever come to the US and tried an American chipped card yourself with a pin, you would notice the difference in speed yourself. There is absolutely no doubt in my mind about that. The only part that I'm fuzzy about is the European system these days, because it's been a few years since I've used it.

Re: How to copy?

[david_thornley]

I've used chip&pin at Target, and it works well. Everywhere else that I've had to use the chip, my experience agrees with yours.

Re: How to copy?

[david_thornley]

Depends on whether there's fraud or not. I've heard of a case where the bank insisted that a guy who spent time in South Africa must have snuck into the UK again to use his chip&pin to withdraw money.

Re: How to copy?

[Applehu+Akbar]

In the US we have about the same percentage of new chip readers masked off because the software to run them is not installed yet. The difference between our systems is that when the US readers are all working, they will support the same crappy chip-and-sign that does nothing to aadd security. You will have real chip-and-PIN.

Re: How to copy?

[networkBoy]

my recently cloned card was *only* used at swipe terminals, they did not use the chip feature.

Re: How to copy?

[jawtheshark]

That has got to be the most silly explanation of why a place has good coverage, I've ever read.

Re: How to copy?

most people I know want to use LESS cards

FEWER, you gomer.

Re: How to copy?

because not everything on a chipped card is encrypted

I thought I read a long time ago that there was a problem with the system. You didn't need to break encryption or crack the pin, because the chip simply replied that the pin was correct. So you just needed a chip that said "yep, the pin is correct" no matter what was entered.

Re: How to copy?

[DontTrustWhatIType]

The chip does NOTHING in the USA except make the whole process take longer.

This.

I don't understand why more customers and retailers are not screaming bloody murder over this. Retailers are losing billions because they either have to staff more checkouts and have longer lines (and irritated customers). Customers should be pissed off since they wait longer, have to do more (insert, wait, pin or sign or do the hokey pokey, remove the card when you get that fart sound).

The United States is now the country of security theater that pisses everyone off (e.g., TSA) does nothing to increase security (read the DoD and Homland Sec's own reports) and everyone seems to accept it. God I love and hate my country....

Re: How to copy?

[stephanruby]

In all seriousness though, removing the part about the CIA and the FSB, the top ski resorts in France do have giant advertisement billboards on top of mountains in the middle of nowhere (reminding that a particular cell phone network still works there).

And this is in no small part due to the fact that some CEOs will see some of these billboards and that some of those CEOs control companies with 10,000+ employees (all possibly requiring a company cell phone).

Re: How to copy?

[stephanruby]

That would be a reasonable assumption. I wouldn't count on it... Overdraft fees are the bread and butter of banks ;-)

Yes, but in some European countries, like in France for instance, those kinds of fees are heavily regulated by the government.

Re: How to copy?

> you can only bypass PIN in Australia, Japan, India, and Russia

Here in Canada we regularly don't have to use the PIN if the amount is "small" -- which I think is around $100.

This is why we can't have nice things

[bferrell]

If one were to look at the long term history of the financial industry (going back to before wall street was wall street), you'd find bankers, stock brokers et al were inherently distrusted. Financial fraud is/was easy so they did it... Over and over and over.

This is why there has historically been heavy regulation and oversight.

Re:This is why we can't have nice things

[amiga3D]

I'm thinking a bullet to a few heads would solve a lot of this. I know if someone had ripped me off for this kind of money I'd want them liquidated.

Re:This is why we can't have nice things

You're going to shoot someone over losing $155? You're not rich enough to have home internet service. Plastc isn't the only company trying to do this and failing. Actually, they're one of the copy-cat companies which jumped on the idea when the originating company published their idea. That company is still alive, though struggling. The biggest setback was chips. You're supposed to pay using your chip now, swiping is reserved for the restroom. These multi-card cards don't have chips.

I'd bet money the company was mismanaged too, but it would have died anyway. If you're going to invest in a new idea, invest in the guys who first came up with it, not the copy-cat companies.

Personally I'd never buy one of these because they won't work when the power goes out or the credit card network goes down. That still randomly happens. Some stores do still have carbon-copy card copiers which will work on real cards with raised numbers. These electronic multi-cards use e-ink or some other display that doesn't have texture so they can't be copied by the old copiers.

Re:This is why we can't have nice things

[tap]

Some stores do still have carbon-copy card copiers which will work on real cards with raised numbers.

When was the last time you used one? I recall using one at some sort of sale when I was in college, 20 years ago. I don't recall what the event was, but I do remember the card roller as, even twenty years ago, it was an archaic device and I hadn't seen one in years. Since then I can't think of single time I've used one. When the power was out or the network was down, they've always stopped accepting CC transactions.

Re:This is why we can't have nice things

Personally I'd never buy one of these because they won't work when the power goes out or the credit card network goes down. That still randomly happens. Some stores do still have carbon-copy card copiers which will work on real cards with raised numbers. These electronic multi-cards use e-ink or some other display that doesn't have texture so they can't be copied by the old copiers.

It must suck where you live where power cuts and network outages are so frequent you worry that a merchant will have to dust off the old manual imprinter to get your card details. What, do they also call your bank to verify your card is valid and your credit is sufficient, too?

Re:This is why we can't have nice things

[EzInKy]

You're going to shoot someone over losing $155

How else do you propose we keep people from steeling $155 from others?

Re:This is why we can't have nice things

[athmanb]

I used one in a mountain hut in Taiwan in 2016.

Re:This is why we can't have nice things

Personally I'd never buy one of these because they won't work when the power goes out or the credit card network goes down. That still randomly happens. Some stores do still have carbon-copy card copiers which will work on real cards with raised numbers.

I have only seen the carbon things in movies - and I'm 47. Those stores are in America I guess?
The card network is rarely out, but they do fall back on signatures in such cases. Can't stop shopping. Power failures are rare; but if a shop blow a fuse, the terminal itself has enough battery to keep going for an hour or so. Power problems more than a few minutes is very rare anyway. Not every year.

Re:This is why we can't have nice things

[gsslay]

If you dropped $155 on ordering something that not only didn't exist yet, but hadn't even been shown to be possible, then you can either afford to lose $155, or are an idiot.

Re:This is why we can't have nice things

Last time I was on Stradbroke Island (2012?) one of the cafes still used them, because they could only get 3G signal at night for the electronic card reader.

They'd only just gotten the machines and the lady would wave it around high in the air to get a signal, until it failed and she whipped out the trusty slide copier.

I hope they've since upgraded the mobile towers on the island.

Re:This is why we can't have nice things

Used one at nothing but noddles in 2015 when their CC system died after an order was cooked.

Re:This is why we can't have nice things

You're going to shoot someone over losing $155

How else do you propose we keep people from steeling $155 from others?

By teaching them how to spell first.

Then, perhaps a quick lesson on investing (a.k.a. gambling, taking risks), to help dispel the notion that this activity should be considered "steeling".

Re:This is why we can't have nice things

[bickerdyke]

As much as I understood crowdfunding, you are not ORDERING anything but INVESTING. If your investment is doing well, you'll get a product as profit.

Re:This is why we can't have nice things

[DarkOx]

Well PF Changs did it recently after they were hacked! I can see that situation being relatively common going forward.

Re:This is why we can't have nice things

[GoChickenFat]

So murder as a solution is rated insightful? WTF is wrong with people.

Re:This is why we can't have nice things

This wasn't crowdfunding, it was pre-ordering. Thanks for playing.

Re:This is why we can't have nice things

[bluefoxlucid]

They're possible for the same reason Android Pay is possible.

Re:This is why we can't have nice things

I used a card roller last week at my dry cleaners when their credit card reader was broken.

Re:This is why we can't have nice things

[flink]

You don't understand crowd funding. Every single crowd funding site that doesn't want to get smacked down by the SEC will explicitly tell you, in no uncertain terms, that contributing to a crowd funded project is not an investment. You are making a non-tax-deductible donation to a private corporation in the form of the crowd funding administrator. This company will transfer most of your gift (minus their vig) to the project you donated to. The project may, at their discretion, offer thank you gifts at various donation levels. Think donating to your local PBS affiliate minus the ability to write it off.

Investors have rights, gift givers get a non-obligatory pat on the back.

Re:This is why we can't have nice things

When was the last time you got a new card? almost none of them have raised digits these days, all the info is printed on the cards. The only card i have in my wallet that still has raised digits is my AMEX

Re:This is why we can't have nice things

[amiga3D]

I'm saying I don't like getting ripped off. It brings out the very worst in me. Watching the rich bastards walk away from a scam like this with their golden parachutes leaves me in a rage. If the sons of bitches ended up living in the street living out of a garbage pail it would be different.

Re:This is why we can't have nice things

[david_thornley]

There are two cards I use. One is completely flat, with a printed account number, and one has very slightly raised digits for the account number, but on the back of the chip. I don't know how that would do with one of those carbon paper thingies, since my name and the account number are on opposite sides of the card.

Re:This is why we can't have nice things

[david_thornley]

A lot of this is reputation. I contribute to Kickstarter campaigns when either I generally trust the people and/or company involved or I'm willing to gamble the money on the chance of getting the product.

Re:This is why we can't have nice things

That distinction didn't help me get my money back when Keiji Inajune and Comcept never delivered the Mighty No 9 cartridges that I paid for.

Re:This is why we can't have nice things

[lactose99]

Last time I used one of these was two years ago, when the power went out in my local bar and I had to pay with a card before it came back. Ancient

Re:This is why we can't have nice things

the last card I got with raised digits was back in September this past year.

It happens

[eonwing]

I did not fund this one, but these guys: https://popslate.com/ took my money and still have that website up (though it does say that their models are "sold out"). Message this March that they would not be refunding or fulfilling orders.

Re:It happens

[locater16]

Yeah this is why you almost never back hardware on kickstarter. I mean software and goods that have a known manufacturing requirement and backing can and do still fail. But at least there the barriers to success are well defined. Once software is done distribution is post scarcity in all practical terms, and already known manufactured goods have no unknown design problems and well defined paths towards manufacturing. But hardware that doesn't exist yet needs to be designed to work, then the manufacturing of this thing that's never been made before has to be worked out, and only then are you on your way towards getting an actual product out.

Re:It happens

For hardware I really recommend crowdsupply. They do much more vetting than kickstarter. So far I haven't been burned *knocks wood*.

Re:It happens

[JaredOfEuropa]

It's not always the unknowns and setbacks in turning new hardware into a product that trip up these projects, often it simply comes down to inexperience with the process. Time, effort and cost to go to manufacturing are underestimated, and sometimes entire steps are missed. "It costs how much to have an injection mould made?". "Oh right, we need FCC, EC and GOST certification to sell in these markets... how do we get these?" Even making a simple product like the Plinth turned out to be a struggle (the guy posted every single bit of progress (or setback) back when this was a kickstarter project).

Re:It happens

But at least there the barriers to success are well defined.

Looking at the specs of the plastc card I can tell you that a software project with the same specs would be doomed to fail. Feature bloat and unrealistic promisses will kill anything, wether it is hardware or software. It looks like they tried to put half the feature set of a modern smartphone into a credit card, even Apple on its quest for even thinner phones could not manage to come even near that.

There are two possibilities:

* they are scammers
* they have a hollywood based understanding of technology

Either way their supporters are in dire need of a physics crash course.

Is this a kick starter or some shit like that

Dumb ass millennials say "oh I am investing in this glorious business"

except it's just some idiot making promises that can't be met and then the idiot runs off with whatever money was pledged

Re:Is this a kick starter or some shit like that

[sexconker]

Dumb ass millennials say "oh I am investing in this glorious business"

except it's just some idiot making promises that can't be met and then the idiot runs off with whatever money was pledged

Yeah but how the fuck are you gonna say no to Waffles the Memory Foam Corgi?

https://www.kickstarter.com/pr...

Re: Is this a kick starter or some shit like that

And the baby boomers elected Trump based on false promises. Gen X FTW!

Re: Is this a kick starter or some shit like that

[Hognoxious]

You think he'll stop at 8?

20 credit cards?

Jeezuz, I've got one debit card.
Sign of the times I guess.

Re:20 credit cards?

[jabuzz]

There was a time when I only bothered with one card. Then I woke up and realized that this was a bad idea as all your eggs are in one basket. Mostly because I had my wallet stolen and it was a right pain and that was 20 years ago. It would be worse today.

Now I have one debit card, and two credit cards. I hardly use the debit card other than to withdraw cash from an ATM. Almost every card purchase is done with a credit card and I *NEVER* use the debit card on the internet. I only carry one of the credit cards with me, the other is heat sealed in a shielded bag between two pieces of cardboard. It's linked to my Amazon account and PayPal so it keeps ticking over with transactions. This card is for physical use in the even my primary card is lost, stolen, cloned, broken or the bank is having issues. It lives in a draw in my house, and when flying on holiday it travels in my suitcase separate from me, in case my main card has any of the above problems. Being heat sealed in a bag I can tell if it has been tampered with.

Further one of the credit cards is Visa and the other is Mastercard and they are issued from different banks. Finally I keep in a safe place in the house 150GBP in new notes (10*10GBP and 10*5GBP) for emergency use should both banks have issues at the same time.

Re: 20 credit cards?

My boss has three cards. He has limits on them to reduce the damage when one gets missused, so he needs others when he hits the limit himself.

Re:20 credit cards?

[Jeff+DeMaagd]

Lose your wallet all the cards and IDs in it are at risk.

Sad that so many backers thought this was something. NFC can do this job. I just don't see a viable future for a separate digital card.

But then, if you lose your phone you've lost a lot.

Nice scam you have there...

... be a shame if anything happened to it.

Re:Nice scam you have there...

Yeah, but I'm sure they will release the full accounts of what happened to the $9 million. Wait $9 million wtf?

Re:Nice scam you have there...

[bjwest]

Not only $9 million, they were seeking an additional $10.25 million and are going bankrupt because they couldn't get it. I'd really love to see the financials on this company. Nine million dollars in 5 years for no product is quite the haul for the officers.

GoFundMe, the new get rich quick scam

A fool on GoFundMe and his money are soon parted.

Stupidest product spiel of all time

"It'll be like a universal remote, but for all your credit and debit cards." Anybody who invested in that deserved what they got.

ISWYDT

Plastc Swiped

I see what you did there.

Of all the problems that needed $9 million...

[Powercntrl]

...having too many credit cards in your wallet was not one of them. Can't say I'm surprised it turned out to be a scam. The latest crowdfunded crap I've seen being promoted on Facebook: some shysters trying to convince investors that a Samsung Tablet with VNC installed on it is a novel invention.

These days, crowdfunding seems to be less garage/backyard tinkerers, and more already wealthy con artists using it as an easy source of income. Can't say I blame them - if I had the means to promote and profit from some idiotic "invention", I'd probably do that shit too. Anybody want to invest in my solar powered vinyl player which automatically uploads your music to the cloud? I swear, it's going to be the next big thing!

Re:Of all the problems that needed $9 million...

[JaredOfEuropa]

That's one of the nice things about Kickstarter: you can pitch your idea and gauge the market before spending or raising a dime, but those who say they'll buy it if you build it will have to put their money where their mouth is. And apparently thousands of backers did think having a lot of cards was a problem worth solving. Ages ago I too had a thought that it would be nice if I could clone all my cards onto a single one, but over here things have been moved to chip & pin for years now.

Re:Of all the problems that needed $9 million...

[david_thornley]

Arguably I'd be better off with fewer cards in my wallet, but only three of those deal directly with money. I've got a car insurance card, health insurance cards, a card good for a discount at Holiday gas stations....

sadness.

I am sad that this didn't make it to market, the technology looked cool. I was planning to frame one instead of using it.

Re:sadness.

It looked cool, but I'm cynical enough to state the technology did not exist, merely an artists rendering of what they "hoped" to build.

The question is whether they're scammers (never really expected or planned to deliver), deluded (they believed it was possible when it wasn't) or merely over-optimistic.

Normal practice in Corporate America

[Required+Snark]

This is the de facto business model in the US: steal from somebody. To prove my point all I have to do is say "Wells Fargo".

The three types of suckers are investors, clients and workers. The most profitable form is to steal from all three and keep the fraud rolling along indefinitely. That is the fundamental model for the financial industry. All the top banks, investment houses, hedge funds, etc skim the wealth generated in the country and put it in their own pockets. That's, along with regressive taxes, underlies the ever increasing wealth disparity between rich and poor.

So what do you think will happen to the scam artists who pulled this off? Will they suffer any economic or reputational damage? No way. They all got out fat and happy, and their business reputation will be enhanced because of their successful raid on a gullible public. I expect they will get better positions with larger companies because of their proven track record of theft.

I expect no change, although it might get worse. I just wish they would stop calling it capitalism.

Re:Normal practice in Corporate America

[kubajz]

I am surprised you were seriously modded as "interesting", since I find a number of your claims dubious.

1. I am not sure about US banks, but in my country banks earn money by transforming the maturities and amounts of deposits and spreading around risks to give loans, as well as providing other services such as card payments. Competition forces them to work relatively efficiently.

2. In my country, people who do not display "due care" when acting as officers of a limited liability company can be sued.

3. I very much doubt that being publically dragged through the dirt for wasting $9m of customers' money will look good on their CVs, let alone help them get better jobs.

I do admit that sometimes scams and fraud happen but I do not share your conviction that the whole environment we live in is built on it alone.

Re:Normal practice in Corporate America

Why should they stop calling it capitalism? This is the logical outcome of lassez-faire.

Re:Normal practice in Corporate America

I very much doubt that being publically dragged through the dirt for wasting $9m of customers' money will look good on their CVs, let alone help them get better jobs.

Are you kidding? Their resume starts with "Some guy came up with a terrible unworkable idea and I managed to persuade people to part with $9m which he and I have a large chunk of. Would you like me to persuade people to part with millions for your company, too?

Re:Normal practice in Corporate America

[swb]

3. I very much doubt that being publically dragged through the dirt for wasting $9m of customers' money will look good on their CVs, let alone help them get better jobs.

Depends on how they spin the story and how well their alternative facts get accepted.

I'd wager that failure is very common in entrepreneurial circles and some kinds and amounts of failure may be seen as merely good experience or even some kind of requirement.

So unless this was a particularly notorious example of fraud, once the details are forgotten this is one more didn't-quite-take-off entrepreneurial story to tell.

Re:Normal practice in Corporate America

In the US, that model of banking where bankers were considered boring is long dead. Instead US banks make money by speculating and devising fraudulent schemes then having the government return them to solvency when they fail. Where have you been? Please reference recent history before lecturing people in a country about the institutions of their own country.

In the US the courts are not particularly accessible through means other than cash and arrest. It is very easy to skirt responsibility by lawyering up and stalling all forward progress indefinitely. Lawyers regulate their own behavior so dragging things out while making the courts essentially useless to provide reasonable protections for honest people is just fine with the lawyers and judges as it means more and more easy money. Efforts to remove the bar association control of attorney oversight have been unsuccessful. Those who have suggested such have found themselves lambs among wolves.

In corporations and other fraudulent cooperatives you have front men and you have the rest of the organization. Corporations are more than happy to hire abusive and dishonest people. Corporations just avoid using them as the front men until they wish to be particularly brutal in demonstrating their ability to do harm without retribution.

Re:Normal practice in Corporate America

[GoChickenFat]

when you're young and broke, $9 million sounds like a lot of money but its not going to give you a very comfortable life for long these days. Middle class now needs a nest egg of about $2-5 million in retirement just to maintain their middle class lifestyle. This company may very well be a sham but I wouldn't assume the folks running this won't be more damaged than enriched.

Re:Normal practice in Corporate America

You, along with most of the world, misunderstand how banks make money. The bulk of all financial institutions money comes from borrowing at short term interest rates and lending at long term interest rates. They pay you a low short term rate on your checking and savings accounts and you pay them a high long term rate on your five year car loan or thirty year mortgage. Anything else they do is just icing on the cake.

Re:Normal practice in Corporate America

As for #1, don't know the details but my understanding is that's how banks in the USA used to operate. That's why the interest rate on deposits used to be decent. That isn't how it's done anymore.

Re:Normal practice in Corporate America

[jeff4747]

1. I am not sure about US banks, but in my country banks earn money by transforming the maturities and amounts of deposits and spreading around risks to give loans, as well as providing other services such as card payments. Competition forces them to work relatively efficiently.

That was the case in the US from the Great Depression until the 1990s. Then we repealed the law that required banks to be so boring.

Now banks can invest in derivatives and all sorts of interesting and exciting things. When those exciting investment vehicles turn out to be garbage, we get the 2008 recession

(The 2008 recession in the US was primarily caused by bundled mortgages. Banks and bank-like entities would make a mortgage loan to any vaguely human-like entity that could demonstrate they were alive. Since a large portion of these loans were garbage that would obviously go into default, the banks and bank-like entities bundled them together and then sold "shares" of the bundle. "An individual loan in this bundle may go bad, but surely they won't all go bad!!". To further reassure investors, the bundlers took out insurance policies that were based on other bundled securities not failing. So when the housing market boom inevitably busted, all those bundles turned to shit. And since they were insured via other bundles that had turned to shit, the entire banking sector of the US was in trouble.)

A post-recession law added requirements so that a large enough bank has to have more reserves to theoretically withstand such a calamity in the future, but we did not make banking boring again. And good news! There's banks and bank-like entities that are selling bundles of car loans now.....

2. In my country, people who do not display "due care" when acting as officers of a limited liability company can be sued.

US law makes this extremely difficult. The executive would pretty much have to sign and notarize a document detailing his plans to screw over everyone as well as periodic updates on that plan showing he was aware that the screwing was actually happening.

Re:Normal practice in Corporate America

[tlhIngan]

That was the case in the US from the Great Depression until the 1990s. Then we repealed the law that required banks to be so boring.

Now banks can invest in derivatives and all sorts of interesting and exciting things. When those exciting investment vehicles turn out to be garbage, we get the 2008 recession

(The 2008 recession in the US was primarily caused by bundled mortgages. Banks and bank-like entities would make a mortgage loan to any vaguely human-like entity that could demonstrate they were alive. Since a large portion of these loans were garbage that would obviously go into default, the banks and bank-like entities bundled them together and then sold "shares" of the bundle. "An individual loan in this bundle may go bad, but surely they won't all go bad!!". To further reassure investors, the bundlers took out insurance policies that were based on other bundled securities not failing. So when the housing market boom inevitably busted, all those bundles turned to shit. And since they were insured via other bundles that had turned to shit, the entire banking sector of the US was in trouble.)

Actually, that happened in the 70s. Mortgage bundling started around that time too, but of course, they only bundled AAA class mortgages together. Which worked until the late 90s or so, when all the AAA mortgages were all bundled together. Banks were happy because this made those investments less boring.

Then someone created a formula that told you how you can combine a bunch of less-than-perfect mortgages (subprime mortgages) and weigh them as if they were AAA mortgages, and banks became happy again because AAA mortgage bundles were boring, and now if they could include AA, A, and lower class mortgages but still value them as AAA mortgages, then it's exciting again.

Until people realized that such mortgage-backed securities, under closer scrutiny were crap because they were backed by crap.

Hell, people were signing up for mortgages that didn't deserve them - there was a nice acronym called NINJA - No Income, No Job Application. Of course that mortgage is going to get defaulted on.

Re:Normal practice in Corporate America

[david_thornley]

In my country, people who do not display "due care" when acting as officers of a limited liability company can be sued.

The Wells Fargo workaround is to insinuate to their workers that they can make fake accounts, and then put enough quota pressure on to make sure they have to. Then, when this is found out, the poor saps on the front line get thrown to the wolves, while the management that forced them to break the law or lose their jobs gets to claim innocence.

Re:Normal practice in Corporate America

[david_thornley]

I was working in the industry at the time it started to go down. I was a contractor implementing predictive models. I learned that bundles of mortgages were sold in "tranches", where the first of four tranches got all the money collected up to a fourth of the bundle, and the second, third, and fourth got what was left.

The model dealt reasonably well with rising property values. The possibility that property values could fall seems to have never occurred to the modelers (nor did they have the data to build that into the model even if they'd been smart enough to realize it). The database columns that frightened me were STATED_INCOME and STATED_ASSETS, meaning the mortgage issuer had not asked for income and asset verification. (I think NINJA actually meant No INcome, Jobs, or Assets, or it may have had different meanings in different places.) Obviously, if someone getting a NINJA loan had verification, they could have gotten more favorable terms, so it was a pretty fair bet that the mortgagee wasn't going to pay off the mortgage.

The reason mortgage companies liked the bad loans is that the interest rates were so high, so there was lots of profit if the guy did pay the mortgage for a while.

The idea that the companies were selling people who don't do this finance thing very well was that they'd get the house, live in it for a while, and even if they defaulted on the mortgage the house would be worth more than the value of the mortgage, so they would at least be able to walk away without debt or even with some profit. The idea that they were selling other companies was that the lower tranches were actually worth money.

When you're dealing with probabilities and expected values, the expected value of all the bets in a group is the sum of the expected value of all the bets. This means that a liars' loan (another commonly used phrase for NINJA) with negative expected value was going to make any bundle containing it less valuable. The only way to make money off NINJA loans was to sell them to someone who was a bigger sucker than you were.

Re:Normal practice in Corporate America

[jeff4747]

The idea that the companies were selling people who don't do this finance thing very well was that they'd get the house, live in it for a while, and even if they defaulted on the mortgage the house would be worth more than the value of the mortgage, so they would at least be able to walk away without debt or even with some profit.

The secret was refinancing.

You take out your NINJA loan (also known as a Liar's Loan) because you can't qualify under normal conditions. After 3 years or so you refinance. And you keep that pattern up until the loan-to-value on the property is low enough that you can qualify for a normal loan.

It worked great until property values stopped shooting up, and thus you couldn't pull off your next refinance.

Annoying for small projects

[spiritplumber]

Kickstarter and Indiegogo exist for funding, well, indie efforts or attempts to start a business. These high-profile failures (these guys, Fontus, Juicero) make it hard for those who play by the rules to do well.

Three years ago I did a small crowdfund for a solid state laser cutter; we got 300% funded, delivered our backers' orders in 120 days, and everyone was happy. Small problem: I tell people this now, and nobody takes me seriously because "oh, crowdfunding? must have been a scam of some kind".

I'm ready to go with my next product and since my last one was "too small scale" investors won't talk to me.

As usual, a cool new ecosystem was ruined by parasitoids and saprophytes.

Re:Annoying for small projects

[GeekWithAKnife]

I think you got one thing wrong. The "cool new ecosystem" was not ruined by 'parasitoids' it was ruined by a lack of accountability.

Look at the Skully-AR1 funding on Kickstarter. This was a product with genuine potential, had working prototypes etc.

It's not that the founders were running out of ideas or their project was jeoperdised by scope creep or the like. They were blatantly using the money they got from backer for buying cars, last minute flight tickets to vegas, hotels, strip clubs and when the product did not arrive and there were delays they eventually filed for bankruptcy and made excuses.

Look at the shit they bought on campaign backers' money:

Rent for the brothers' personal apartments in the Marina
Security deposits for an apartment in Dogpatch used by the Wellers
Weekly apartment cleanings
Personal grocery bills for the Wellers
All restaurant meals for the brothers
Mitchell Weller's Dodge Viper, which was claimed for insurance following an accident, as well as the new Viper purchased by the company to replace it

Check here -> https://www.buzzfeed.com/nitas...

On the back of that, at the time, I pulled out of a major indiegogo funding campaign because I no longer had faith in the model. When I signed up to to it it had a large "back out at any time" message on the page. After considering the matter of Skully I decided to back out and was confused as to how this is done from my backers page. I read the FAQ and it simply said that I go to my backers page and hit the "Refund order" button. So simple except THERE WAS NO REFUND button.

I asked and I was told that SOMETIMES there is no refund button and that funds have gone to the campaign owner. So I cannot get a refund from Indieggo because they do not have the money. I emailed the campaign owner and got no response for two months. As I had no other information to go on I researched the campaign, backer and related company and sent them letters threatening to sue as they are subject to EU law (Luckily because US law is really shit on these sort of things). After some haggling I got my funds -12% for various fees, 2% were to Indiegogo...and you know what I was lucky to get anything at all.

They have since clarified their refund policy further -> https://support.indiegogo.com/...

Simply do not believe ANYTHING a campaign page says. It might very well say "hassle free refund." but really should say "limited refund options occassionally available, terms and conditions apply. If you believed this was honest and bought based on that assumption you're a sucker hahahaha"

Now ask Skully-AR1 backers if they got anything yet? Helemt? Refund? An apology? - There is ZERO accountability.

We MUST convince Indiegogo and Kickstarter - basically crowd funding in general to do more.

Firstly I would like FULL DISCLOSURE expense reports of backers money. There is NO excuse not to let backers of your porject know how you spent their money.
Secondly I want the crowd funding site to review sufficiently large projects, say over $1 million with a third party registered accountant to check this is not all BS.

Lastly, for blatant misuse of funds amounting to fraud I would like for Kickstarter/Indiegogo to sue these people to the ends of the Earth on backers behalf. I will pay good money, more than my original investment to make sure fraudsters are dealt with as harshly as possible.

Without any safety checks and so on I tell you now I will never ever back any product that has not been released and review or a has a money back guarantee I can trust.

Re:Annoying for small projects

[serviscope_minor]

Thing is quite a lot of failures aren't scams either. Turning something into a physical product is much, much harder than most people realise, especially if you're aiming for mass manufacture. It's not even easy to hire people to do it: if you don't know enough about it then even figuring out if the engineer in front of you is good or not is incredibly difficult.

There are some successes like yours (and a few I've backed), some fail due to legit business reasons (one I backed), some fail due to wild optimism, incompetence and other things. And some are outright scams. The thing is, people often confuse the last two.

Re:Annoying for small projects

Good ideas.

Now, start your own crowdfunding company that promise to sue anyone who spend on "trips to Vegas" etc. If there is a market for it, you'll have more investors than indiegogo because of less fraud risk. And with more investors, you'll have your (honest) entrepreneurs too.

Re:Annoying for small projects

In this case it's a product that obviously would have never worked without the backing of every major banking organization. $9m is not even a scratch on the surface of the kind of money you need to get those guys to play ball with you. The people running the project were fools, and so was everyone who invested thinking it was just a technological problem.

Re:Annoying for small projects

[GoChickenFat]

So what you're saying is a system where people emotionally "invest" without any real information or due diligence, sometimes creates massive failures, is now broken because the inevitable has happened? I'm sure a massively larger population have been ripped off by ebay transactions yet it still thrives with both backers and skeptics. btw, congrats on your successful campaign. Why not just focus on promoting that positive experience.

Re:Annoying for small projects

That's all interesting, but most of us backers already understand that backing is not an investment. They aren't putting our money into a guaranteed product, there's always a chance that the project will fail. I've backed several on Kickstarter, and they've all been successful. Basically, it's better to think of these crowd-funding projects as donations. You aren't investing, you don't get shares or stocks or a vote at any shareholder meeting. You're not pre-ordering. You're not buying a product. You're donating some money to someone's retirement fund, and if you're lucky you might get something in return. You're more likely to get something in return if those people are reputable, but it's still always a risk.

Re:Annoying for small projects

[fyzikapan]

Pretty much spot on. I've worked in academia and high tech manufacturing. Cobbling together something only you will ever use is pretty easy. Making a single novel-ish transistor isn't terribly difficult either. Scaling either up to mass manufacturing is an entirely different story. I suspect that leads to a lot of startup failures. People who have never held down a real job are thinking that work will basically be like college except with a constant inflow of money. They've never had to deal with suppliers, troubleshoot weird issues that fuck up 1% of goods, write solid documentation that end users can understand, etc. Getting products to market simply requires an entire skillset that you're not going to get unless you actually have experience. Just getting the things made is a giant amount of work. Then you have to deal with chip support and work with banks if you want it to be anything more than a really fancy card-shaped decoration that doesn't actually do anything useful.

Can't deliver

Can't deliver, they'll shift their line of business into Pr0n, with that amount they can screw any teens who wanted cash.

Another pair of American cowboys

takes off with the loot. This is just one more in a long string of heists that Americans have pulled off using crowdfunging websites. It's the American business model I guess, find someone who is willing to pay or invest, then just make off with the money, knowing very well there was a clause in the contracts or agreements that allowed you to.

If you're an American, you may have some chances to recover your money or investment. Which also gives the signal to Asians, Russians, and Europeans: if the business is American, be very careful before you buy in, because you have 0 chance of getting money back if it fails.

case in point: Theranos!

... they're still standing though

lazy fools

I bet the boys had great fun spunking $9m,their mistake was that they could con another bunch of fools every few years to keep the con going.

Not copy authorized

[DrYak]

The way actually successful implementations of this idea work, is that the card is yet another chip with its own identity and keys, and you can register it as an authorized id at the other companies.

i.e.: you do not *copy* 20 different credit card on it, you ask your 20 credit companies to accept also the key inside this card as ID proof.

that works nicely because wireless NFC / RFID (and contact smartcards for the LUDDITES! still using that ;-) ) is standardized, meaning that in practice it really all boils down to "accept yet another key", there is no real need to modify hardware.

---

(And yes my second example is a plain watch which also has an RFID chip. Not a smartwatch with software controlled NFC. It completely predates the Apple Watch craze by a few years. And actually works with way much more different ski resorts accross europe than advertised).

1000 terminal attack

[DrYak]

Granted, it doesn't change anything in your scenario, but given European chip 'n pin do connect, I doubt you attack would be feasible (ignoring the fact you need a 1000 unconnected terminals, which is doing to be very hard to find).

That attack would definitely be feasible.
*BUT* the unconnected terminals would be limited to a small amount only.
So at the end of the day, the bank only loses a couple of thousands of EUR, (Well within something they can live with)
or bounces the transaction back and a thousands of shops are a few dozens bucks back. (Again, well within something they'll survive with)

Contact less payment are basically the same but even lower (only a few bucks are accepted without asking for a PIN)

Re:1000 terminal attack

[jawtheshark]

Granted: Feasibly. Perhaps I should have been more clear: it would be hard, and not really worth the effort.

Technically feasible... Practically, though... much less.

Not copying

[DrYak]

That's why 'plastic' could never mimic a chip card; because to mimic the behaviour and 'signing capabilities' of such a card would require knowing that secret information along with associated algorithms

Or, inversely, it could hold its own sets of secret information, and the plastc compagny would register these as an acceptable form of ID / as altenate accepted signing to the other companies.

(I.e.: when you "copy" a credit card or an access card to it, what actually goes behind the curtain, is that in the DB of the bank or some other company the plastc is added as yet another accepted form of ID for you next to whatever contactless card / RFID fob you were already using).

At lest that's how it is actually implemented in the realworld by other companies that didn't go bust like plastc.

Chip work too

[DrYak]

Actually, they're one of the copy-cat companies which jumped on the idea when the originating company published their idea. That company is still alive, though struggling. The biggest setback was chips. You're supposed to pay using your chip now, swiping is reserved for the restroom. These multi-card cards don't have chips.

Some do.
The idea is that you're not trying to *copy* the data from the source card's chip to the multicard's chip.
The mutlicard's chip has it's own private credential on the chip.
What you do is you register said credential as yet another acceptable ID at the other company.
(So the company isn't accepting only info of Card A - that also got copied on card B. But the company is accepting any of the private key on the chips of either card A or card B).
I can open a shared car with my train pass, because the carsharing company accepts to recognize the train pass as also identifying me.

This concept has been popular for ages for ski passes across european ski resorts : nearly all companies accept each others wireless cards (to the point that it even ended up in wrist watches).

But what do you do?

[monkeyxpress]

So what is the alternative though? Middle men who evaluate prospective investments and allocate your savings accordingly? That is basically how the financial world outside crowdfunding works, and the result has been that central banks have to keep bailing out the bad investments to the point where almost every asset class is detached from any fundamental valuation, and people are paying governments to borrow money from them.

I actually think we are closer to a working system in crowdfunding. Yes there are a huge number of scams and failures, but these quite obviously exist in almost every other investment market. Just look at how things like LIBOR were rigged to understand that an official regulated system is no protection against the same sort of people who might try to take you for a ride on kickstarter. The difference on crowdfunding sites is that it is relatively easy for someone who has done a bit of research into a business to figure out whether the idea is a scam (for example, using basic science). The other thing about these sites is that nobody is crying for the people who lose money on these things. This is how it should be. People waste money all the time. The main problem is when they waste money and then the taxpayer runs to the rescue to bail them out. That crowdfunding still has the notion of buyer-be-ware about it seems quite healthy.

I imagine as these things develop (and move towards micro-equity sites) a whole industry of third-party auditors will spring up who will be able to validate basic information about a business - such as whether the idea has plausibility issues, that the owners are who they say they are, and that the funds are being spent as stated. There are already a lot of these things in place, and I get a sense that many of the people losing money on these scams are actually not that bothered about it, and see it more as throwing a few dollars at a bunch of ideas to see what sticks. This is not necessarily unhealthy if people can handle the losses.

Re:But what do you do?

[spiritplumber]

An alternative could be "Okay, you got funded! Here's a google docs spreadsheet, accessible to all backers, that you can fill with - roughly - what you spent this week, and for what. You have to update it at least once a week. If more than X% of your backers vote to look more indepth, we will look more indepth."

What I did for my indiegogo was update the page with how far along I was ("Today the heat sinks came in! Today we finished machining holes in them! Today the PCBs came in! Today I bought a toaster oven to use for SMD soldering! Today I converted the oven! Today I finished SMD soldering! Today I finished soldering the through-hole parts by hand!"). People were generally happy. When there was a shipping delay because I didn't want to ship lasers out if they didn't have safety glasses included, and the glasses did not come in fast enough, I let people know and this made life a lot easier. Overall I had all of 2 people demand a refund (one was legitimately unhappy with the device, and one was basically trying to keep the laser and also get the money back).

https://igg.me/at/minilaser Here it is/was. You can see these all over the place now, made in china obviously, some even still use my circuit :) I've moved on to a much more powerful design, which I still sell. Not posting my current website since I'm not trying to advertise :)

I like to think that I did thing right.

Job killing regulations

[140Mandak262Jamuna]

All the people who used shout about onerous government regulations that kills jobs and deprives us of liberty will keep quiet now. They will pipe up only when people talk about doing something about fraud.

It is quite easy to steal small amounts of money from a large number of people. Most people will not pursue any serious legal action.

This is a limited liability company. All profits and assets will flow one way to the owners, all liability will stop with the entity that goes bankrupt. But corporations are people my friend. And the courts are ruling corporations have free speech rights, and have ruled spending money is speech, they also have free will, conscience and religious liberty, according to our courts.

It takes two real people and nine months to make a fresh citizen, and just a filing fee to create a corporate citizen. Real citizens can not dodge criminal liabilities of their actions, corporate citizens can. They are only assessed civil damages at best.

These corporations play one party against another and are going scot free. (scot was a kind of tax in old England).

Corporations are a great threat to our liberties. People who rail about and aware of the threat government power poses to our liberties are silent about the threat posed by corporate power.

Re:Job killing regulations

[david_thornley]

If you can prove fraud, you might be able to claw back unspent money from the assholes behind the corporation. In the US, it isn't going to be easy, and if the fraudsters have already spent the money you're SOL.

Venture Capital is always a gamble

The statistics I have seen suggest that 1 in 10 venture capital funded companies is a success. Venture capital investors expect a high failure rate, and build their payout to cater for it - that's why the "cost" of venture capital is so high - they need a massive payout to cover all the failures. And that's after they do all their "due diligence".

Crowd-funding involves no due diligence, so I'd expect a failure rate higher than 90%. I suspect that the only thing protecting investors is a healthy dose of skepticism :-) That, and a number of ventures that are far less ambitious than the average venture capital effort - the less ambitious projects could probably be funded by a small bank loan, because they are low risk.

The existence of scams in crowd-funding should surprise no one. Even experienced venture capitalists get scammed - witness the "water fueled car" type of schemes.

I'd strongly recommend treating any crowd-funded venture as a gamble, and I'd never invest any more than I could afford to lose on any other gamble (including lotteries, horse-racing, etc).

Sorry to hear about your problem, spiritplumber, but it was inevitable that crowd-funding would get invaded by the same scammers as venture capital - after all, they don't have to work as hard to scam the crowd-funding public. Maybe you need to talk to the real venture capitalists for your new project?

~sigh~ here we go again...

This failed because the card manufacturers are not going to allow a device that's essentially a credit card cloner!

(Also, to those saying CC chips can't be cloned, they can, all you need is an unlooper and a phoenix programmer or similar, it's not hard, the magnetic stripe only ones are even easier if those still exist anywhere, those are just three tracks containing a few hundred bits of data, usually the numbers actually embossed on the card)

The security and legal implications alone should have killed it long beffore it died.

That said I don't think there was malice on the part of the developers, I think like most projects of this type, they simply didn't understand the obstacles to what they were doing and gave it an honest try that failed.

Additionally, as I and many others have mentioned before, you are NOT buying a product when you contribute to a kickstarter or indiegogo campaign, you are making a contribution to someone else's work that /might/ get you a product if you're lucky.There are never any guarantees and if it fails, well, tough, if you can't afford to lose any money you contribute to these efforts you shouldn't get involved.

Crowdfunding Campaigns Should Be Regulated

I hope now the SEC will wake up and start regulating so-called "crowdfunding" campaigns as venture capital investments, requiring equity be issued to "backers" instead of just a promise.

Backers of these projects have absolutely no recourse whatsoever, and they should. Typically, venture capital takes preferred equity in the business they're investing in, and crowdfunded projects should be no different. Really, things like kickstarter and whatever were invented solely as a means to circumvent SEC regulations.

It's time to make it stop.

Re: Crowdfunding Campaigns Should Be Regulated

Actually, they're a response to the SEC regulations. They deliberately limit the size of the investment to be below the SEC limits. These limits are designed to keep unsophisticated investors from getting screwed. Basically, this is the only opportunity for the 99% to get in on any low level investment, and you want to kill it. Add SEC regulations and you'll destroy this market and people will be back to having to find about $20m in 2015 dollars to get to QVC with only access to angel money or selling out to big companies.

Citation or you're full of shit

Now, you're just full of shit, but go ahead and give a shred of credible evidence that the American chips can be easily cloned. I'm waiting.

Irony of ironies

[Zontar_Thing_From_Ve]

Of course, I'm skipping over some technical details, but that's basically the gist of it. Also, I should mention that it's much easier to crack one card in a couple of weeks and clone it 1,000 times than having to crack 1,000 separate cards to clone them once. And also, some chipped cards are allowed to be used without the pin, because not everything on a chipped card is encrypted, and that's ok for some businesses because they'll limit the amount of the transaction when the pin is not used, and also they can take other security measures, like video recording the person, or video recording the car of the person who used it, or something else entirely. .

Not your fault as your points are sound, but I find your statements to be a bit ironic. You see, you started your post because somebody bitched about how the chip does nothing in the USA except delay the whole process. I guess you don't know because you're not like this, but the people who say stuff like "The chip does NOTHING in the USA except make the whole process take longer." are also the super paranoid people who find everything to be an invasion of their rights, so they'd also never agree to your suggestions of videotaping their cars, the transaction itself, and so on.

Re:Irony of ironies

[dgatwood]

The chip doesn't do that much, really. Most attacks on credit cards for the past decade have been attacks on the payment terminals themselves, and there's nothing fundamentally preventing someone who has already compromised a bunch of payment terminals from setting up a C&C server, and using it to let them make purchases for free by making the payment terminals recognize their chip in some way and relay the request through a different payment terminal to somebody else's card.

The only thing that would truly increase security would be having a screen on the individual card that shows the purchase info and a button on the individual card that lets you authorize it. As long as the information display and the authorization keystroke are handled by a potentially insecure, Internet-connected device, the biggest security problem with these systems cannot be solved.

Re:Irony of ironies

[networkBoy]

I was under the impression that the chip signed the transaction with a challenge response.

transaction log:
-terminal sends transaction request to bank with card ID, trans amt
=bank responds with challenge OR declines if no funds (end of trans)
-card chip signs challenge
=bank validates signature and sends auth code to terminal OR bank fails signature and sends denial
(end of trans)

-nB

Re:Irony of ironies

[dgatwood]

Which is worthless if the payment terminal is compromised, because the card can't know it the payment terminal is sending out messages on its own behalf or on behalf of another hacked payment terminal on the other side of the country.

Transaction log:

• Terminal 1 gets a chipped card that it recognizes as "special". It contacts a C&C server and finds Terminal 2.
• Terminal 2 reads the card number from some poor sucker's card and sends it to Terminal 1.
• Terminal 1 relays the response to the card provider.
• The bank sends back transaction info.
• Terminal 1 relays that to Terminal 2.
• Terminal 2 sends it to that same poor sucker's card for signing, gets the response, and sends it to Terminal 1.
• Terminal 1 relays the signed response to the card provider.

As far as the card provider is concerned, the card physically present in Terminal 1 was actually used in Terminal 2.

A Fool and His Money

Are soon parted...

Re:A Fool and His Money

Shirley you mean a kickstarter/whatever and his money are soon parted.

Re: A Fool and His Money

[Zebaulon]

No, it's a fool and his money...

And don't call me Shirley!

Re: A Fool and His Money

[syn3rg]

I wish I had mod points.
You sir, win the thread.

Having worked with Verifone (POINT - US) and Ocius

[p4nther2004]

and lots of other vendors....

Third, there is no bank that I am aware of that actually allows for offline transactions.

You need to do more research. Nearly all vendors allow for offline transactions. They merely shift the liability for failed transactions back to the merchant and provide a floor mechanism to be specified by the merchant.

If the merchant wants to accept $5 sales and is willing to take the liability (most do), no problem. If the merchant doesn't want to accept liability....also no problem (the transaction will be failed).

ermm

How many credit cards does a person need? I will answer that for you, one! Two if your job requires you to travel alot.

Use Revolut

Use Revolut, it's great.

One Mastercard, one account, three balances - EUR, USD, GBP - currency exchange at the interbank rate with no fees. You can actually *watch* the real time exchange rate changing in the exchange page.

Ah - note it's not permitted in the USA, regulations.

You can get it when you're outside of the USA, and then keep using it once you're back inside.

USA seems totally fucked for banking. I had bank accounts there, closed them, the banks were staggering awful. I mean, OMG. I've only met one bank outside the USA which was as bad.

Sucker born every minute

[Chris+Mattern]

Because Lord knows I want to trust my financial transactions to a start up with no proven record of performance or trustworthiness, and pay for the privilege!

Not a preorder!!!!

[EvilSS]

The summary is wrong, these were not "preorders". This is the whole problem with crowdfunding and it's the reason I think they either need to either outlaw it, or require some sort of educational barrier to entry. Require new users to go through a course and take a test at the end so they understand WTF they are actually doing with their money. Most people do not understand that Kickstater and indiegogo are not storefronts to go preorder stuff, they are sites for FUNDING a company or product. That comes with a lot of risk. Fraudulent projects aside, it's entirely possible that it will fail for legitimate reasons. Inexperience, production issues, regulatory issues (oops, looks like we need FDA approval? RIP). Before these microfunding sites came to be there were some hefty barriers to entry, both financial and regulatory, for people wanting to invest in new companies. It was assumed if you could get over those barriers you at least knew enough to know what you were getting into, even if it didn't mean you would make wise choices.

Mother fuckers

Mother fuckers. Yes, I guess I'm out $500. My mistake.
Do you think I'll make the same mistake again? Back another company as such?
Nope. Steal from me once, shame on you. There'll be no shame on me.

And honestly -- $500 is nothing to me. I've made myself a millionaire.
You know -- the hard way. I worked for it. Paranoid enough though that this will be anonymous. :)

It's the principle. Mother fuckers.

Sucker

https://www.youtube.com/watch?v=hu0Bm_HfX-s

actually more secure

The card required your phone to be nearby to work and had some extra security features. If you lost the card, the only thing the thieves would have was an expensive piece of plastic. Actually MORE secure than the original implementation.