J.P. Morgan Chase is about to offer a contactless credit cards (this CNN article is one of those commercial, hype generating ones with a lot of air and no meat.)
The “contactless” cards contain a special chip recognized by a merchant’s terminal when consumers pass the card in front of the machine. The reader beeps to signal that the transaction has been authorized.
The new payment method doesn’t require a customer signature, making it more convenient and time-saving for consumers.
The new cards are embedded with encryption software to prevent duplication and data theft, the bank said, noting there was less chance of losing a card if you don’t have to hand it to a store employee.
So:
1. No requirement to show the card to the teller.
2. No signature.
My interpretation is that the CC providers finally concluded that these steps are not major factors in fraud and they can eliminated. After all, we all know that the signature part is a joke and comparing the name/signature on the card to an ID just raises the difficulty bar by a little. Maybe.
There are legitimate concerns about the security of these contactless cards but I’d like to think that they covered their backs with this kind of money involved, but I might be unpleasantly surprised. Besides, it goes PING when the transaction is complete! I am sure they will milk that “cool” feature to the bone; who gives a crap about security when you have a machine that goes PING?
I’m not convinced. The incentive for credit card companies to actually do something ‘secure’ is at a bare minimum. When fraud occurs, they force the store to eat the charges, not the the lender. Then they charge ginormous interest, and then they get the feds to give them special legislation that allows them to repossess mom and pop’s store and property if they default on their payments. Why be secure? They’re no money in that.
So you wave your card in front of a machine. Whoopee. I do that everyday at work and believe you me, shit still gets stolen from our company by non-employees. How does the door-unlocker mechanism know it’s me? It doesn’t! This solves nothing and I’ll bet dollars to donuts that nobody adopts the technology.
Today the greatest source of ID theft and credit card fraud is due to credit card handling. The use of skimmers to ‘steal’ the credit card data is rampant. This solution seems to offer a short term way to stem the tide since ‘wireless skimmers’ will be rare.
As a consumer I see two distinct benefits:
1) The issuing company appears to be more concerned about security
2) I don’t like letting anyone take my card – especially waiters who disappear for a few minutes. I’d much rather wave it at a scanner.
Will it really affect me? The credit card company indemnifies me anyway. But I really don’t want the hassle of cleaning up after my ‘identity’ has been stolen.
I predict someone will VERY soon hack a card reader and install it in a crowded public area where it can “wave” your wallet and you can kiss your credit goodbye!