Friday, February 3, 2006

Contactless and Clueless

New York Times: Quote: "One new card, from Chase Bank U.S.A., is actually called Blink — and it raises financial red flags for me."

I have to agree. These so-called "blink" or "contactless" cards say it all. In most cases, using these cards does not even require a signature. That's how they "speed up the transaction!"

Question: Who does the bank "contact" if these "contactless" cards are used fraudulently? It seems to me that they will INCREASE fraudulent activity. If you don't have to sign or "verify" the transation, then how do they know it's you making the transaction? In addition, one can lose their "blink" card (or have it stolen) and ANYONE...yes ANYONE can use it.

On the other hand, I love the idea of Pay by Touch. I understand it uses a series of 40 algorithms to identify you during the "scan" (not the actual fingerprint) AND you need a PIN.

I saw a recent study that said a "Signature debit" transaction is 15 times MORE likely to be fraudulent than "PIN debit".

Logical dictates that a person must conclude that a "biometric signature" combined with a PIN would be immensely more secure than a contactless, signatureless, PINless transaction.

Yet Visa and MasterCard charge the higher "card not present" rate (higher because of higher fraud risk) to PBT merchants....which, frankly, is illogical. (I think it's ill-advised as well, considering the potential ramifications of this suspiciously anti-trustworty act.)

For future payment systems, my money is on Pay by Touch. More secure, just as fast, can't forget it at home, and for those who will argue that I can lose my finger or have it stolen, let me make you aware of the fact that biometric sensors "sense" both pulse and warmth.

For privacy advocates, I'd argue that you haven't really read up on how biometrics work. (The Pentagon uses biometrics to prevent unauthorized access. Unauthorized access is intrusive, not the other way around. Checks have ALL your information imprinted on them, Cards have names and account numbers which cell phone camera's can "snap" a shot of in the "blink" of an eye.

Although nothing is 100% fool-proof, what are the chances of reverse-engineering 40 data points to come up with a correct algorithm AND knowing the PIN number?

Pay by Touch partners, IBM, NCR, Accenture and Discover have "fingered" biometrics as the "wave" of the future. So don't be "waving" cards I say as I wave my finger in warning.
Oh, did I mention that merchants pay the same Interchange Rate on blink/contactless cards as they do on magnetic strip cards? So what's the benefit to merhants again? A faster checkout? With increased risk? At the same rates? Hmmm.

You undoubtedly have seen all the retailer lawsuits against Visa and MasterCard based on their Interchange Rate. The potential liability from these merchant lawsuits are impelling MasterCard to IPO (in order to raise enough money to pay the settlements...) I hope the SEC makes potential investors aware of this.

Pay by Touch transactions cost merchants up to 70% LESS than Interchange by utilizing the ACH network for debit tranactions. Who needs Visa/MasterCard for debit anyway? Aren't they "credit card" companies?

So take the money you would've given to MasterCard's IPO and save it for Pay by Touch's. (The say it'll likely happen in the next 12-18 months. They're more likely to earn you a return whereas MasterCard will use the money raised from their IPO to pay fines and attorneys.