Slashdot Mirror
Plastc Swiped $9 Million From Backers, Now It Plans To File For Bankruptcy and Shut Down (theverge.com)
Plastc announced today that it is planning to file for bankruptcy and will shut down on April 20, 2017, after raising more than $9 million through preorders and shipping to no backers. "Plastc launched in 2014 with the promise of shipping a single card that could digitally hold 20 credit or debit cards that a user could switch between," reports The Verge. From the report: With that, all backers' money is lost, and no Plastc cards will ship. Plastc announced the news on its website today along with the fact that all its employees have been laid off. Its customer care and social media channels have also been shut down. The company explains that it thought it would close $3.5 million in funding in February this year, but that fell through. Another possible investment deal of $6.75 million fell through, too. What's not clear is how more than $9 million wasn't sufficient to get backers their orders. Backers will likely have questions and want their money back, but with no one to turn to from Plastc, they'll likely be out the cash.
Uh, guys? You check the calendar? You're a little late with this story, don't you think?
“He’s not deformed, he’s just drunk!”
The chip does NOTHING in the USA except make the whole process take longer.
I agree with you, but just to clarify.
It's not the chip that makes the process take longer, it's the US regulation that comes with the US chip that makes the process take longer. And the American regulation requires that the chipped card checks the bank balance and do all the handshakes between multiple networks in real time before it allows the transaction to take place, hence the extra delay.
As opposed to Europe, where the European chipped card could work in a place with no phone reception and no network access, the balance would be kept on the card, and the balance would later be reconciled in a central ledger at the end of the day, or at the end of the week (I'm not sure which). But this of course made the card super fast to use.
In other words, let's say you have one thousand dollars in your checking account. In the US, a cloned card could effectively steal that $1,000 from you. But in Europe, let's say you have 1,000 Euros in your bank account, you make 1,000 clones, and you ask 1,000 criminals to all use the card at the same time by sending them the pin via text messages all at once, then it would mean that the bank could potentially lose 1,000,000 Euros by the time it adds up all the transactions of 1,000 Euros when it finally reconciles everything.
Of course, I'm skipping over some technical details, but that's basically the gist of it. Also, I should mention that it's much easier to crack one card in a couple of weeks and clone it 1,000 times than having to crack 1,000 separate cards to clone them once. And also, some chipped cards are allowed to be used without the pin, because not everything on a chipped card is encrypted, and that's ok for some businesses because they'll limit the amount of the transaction when the pin is not used, and also they can take other security measures, like video recording the person, or video recording the car of the person who used it, or something else entirely. And in the end, no system is perfect, and that's ok. A security system just needs to be difficult enough for criminals to crack and low reward enough to make the risk too high for most criminals to want to take.
As opposed to Europe, where the European chipped card could work in a place with no phone reception and no network access, the balance would be kept on the card, and the balance would later be reconciled in a central ledger at the end of the day, or at the end of the week (I'm not sure which). But this of course made the card super fast to use.
I haven't seen any chip and pin device in Europe that DOESN'T require an authentication / authorization step. If it's allowed at all it would only be on small transactions - train tickets, snacks etc. The same is true for contactless transactions which don't require authentication on small payments but will still authorise payment usually by asking a server.
It also doesn't make the process any slower in my experience than paying by swipe. If chip and pin is slow in the US it's probably more to do with people being unfamiliar with the process, inconsistencies between different stores / banks, or people forgetting their pin etc.
And the American regulation requires that the chipped card checks the bank balance and do all the handshakes between multiple networks in real time before it allows the transaction to take place, hence the extra delay.
That is not typically the reason for the delay. The fact of the matter is that the US region required online processing for EMV because at least 90% of the transactions in the US were already online only. There are some significant attacks against offline EMV that are entirely mitigated by online processing. There are no known attacks on Online EMV with card present. Even without a PIN, you cannot duplicate someone's card or skim it. You can steal someone's card and use it, but you cannot create a cloned copy of the card and use it.
The problem in the US is entirely with poor implementations. The most inexpensive terminals manually check a list of supported brands against the card's brand(s) one at a time. The brands have IDs that can be incredibly specific. A lot of the processors I've worked with want to manually add each and every ID to their configuration basically saying "I support North American MasterCard. I support Australian MasterCard. I support European MasterCard..." for basically every region in the world when they could just say "I support MasterCards of all types." So the card terminal sits there for a solid 10- 20 seconds just going through its list asking the card "Are you this brand?" Literally. Regulations in the US require you to support "US Common Debit" if you're going to allow debit transactions. There is literally one additional ID that is required to be supported in the US versus other regions. Furthermore, you'll find that transactions go online and receive approval in Europe somewhere on the order of 70+% percent of the time and are still faster than US transactions. I'm working on a project right now for a company halfway across the world from me and, when I have control of the terminal flow, I can run through the entire process from the US, 8000 miles, back to the US for issuer authorization, then back that 8000 miles to the processor and back to me in about 300-400ms. With a processor who lives in the same city, I can complete a transaction in 100-200ms on a slow day.
When I say that, I'm obviously excluding transactions that require prompts, but one where I have the terminal flow set to run the transaction from end to end the instant the card is inserted into the terminal with no further human interaction required.
As opposed to Europe, where the European chipped card could work in a place with no phone reception and no network access, the balance would be kept on the card, and the balance would later be reconciled in a central ledger at the end of the day, or at the end of the week (I'm not sure which). But this of course made the card super fast to use.
They have not done this in Europe or anywhere else in a long time. I think the last card issued that behaved in this way was around 2007. Some of them haven't expired in their countries of origin and you still have to support this capability in some regions, but it's being phased out. You cannot trust a balance from an offline transaction. The terminals all have a transaction ceiling which, when hit, a transaction is forced to be processed online. In the US that limit, from a liability standpoint, is $0. For most European merchants, they use somewhere on the order of 20-40 pounds/euros/whatever. Basically a high enough limit that you can recharge your metro card. That limit is also based on the type of merchant as well. The majority of card fraud occurs at gas stations and the industry has completely different rules for unattended gas pumps.
And also, some chipped cards are allowed to be used without the pin, because not everything on a chipped card is encrypted, and that's ok for some businesses because they'll limit the amount of the transaction when the pin is not used