UPDATED 19-05-2013 – Coincidentally my favourite tech site www.the-gadgeteer.com ran an review today on StewartStand RFID-blocking Card Case
It wasn’t that long ago that we were happy to queue at the till and wait for the salesperson to fill out the credit card slip, imprint it with the card details and then get us to duly sign the carbon copies.
This process did us for years, and whilst fraud was possible it was rarer than it is today. However the need to authorise tranasactions and ensure that 1) the card wasn’t stolen and 2) sufficient funds would be honoured by the card issuer led to the advent of Point of Sale (PoS) terminals.
PoS terminals made possible by cheap modems and the ability to quickly (well quickly by those days standards) generate an authorisation code for a transaction, both sped up the till process and provided some improved assurance to both merchant and card issuer.
We were still happily signing away little slips of paper happy that the APACS (now the UK Payments Authority) protocols were dishing out the valid authorisations.
(Little side story: In the 90’s I developed a mobile PoS solution using a Verifone terminal and a Nokia phone that worked over GSM and provided APACS 30 authorisations in under 15 seconds!! – I can see you’re impressed – Click here for the proof).
Fraud was still rife and copying cards and their near simplistic magnetic stripes was easy, so the industry needed something more secure. We had started to get use to using PIN numbers in ATM’s to get at our cash, so a means to use that PIN out and about for card authorisations was needed. And thus we entered the era of Chip & PIN. The chip of course is the little embedded chip we have all come to know on our credit cards. This chip, also known as a Smart Card and yes it is pretty much the same tech as you get in your mobile phone SIM card, provided a means of validating the authenticity of the PIN code without actually carrying said code on the chip. This allowed the PoS terminals to validate the PIN’s authenticity before continuing with any transactions whether offline or online. Rolling out in full in the UK from 2004, this has become the near defacto method of processing card transactions in retailers. (Although when all else fails we can still wait and sign a piece of paper!)
However this was still not fast enough for the Generation Y & now Z populous, and a faster way of spending our dosh was needed.
Along comes Near Field Communication (NFC), a tech looking for a problem pretty much. Take a look at the link for the full gory details, but basically it is a mechanism by which two devices can exchange a small amount of data very quickly by being in near proximity to each other, say 4 inches. It’s a more grown up version of RFID, those smart tags placed on products so they can be tracked from manufacture to consumer – yes big brother is watching and knows what you like!
NFC offered a great opportunity to the payments industry to effect a faster way of authorising and processing a payment transaction than the old slow and kludgy Chip and PIN. Basically with NFC embedded in your credit card (or debit) you could merely wave your card at a terminal and pay and thus Wave & Pay (Not sure if anyone has trademarked it as such and variations on a theme exist, but you get the gist)
Slowly becoming more and more available across banks and card issuers, you can now buy your McDonalds or pay for your lunch at EAT with a mere flick of the wrist.
Payments are currently limited at the moment to around £20 per transaction, as the thought of someone nicking your card and walking into Currys and making off with a 50″ TV was somewhat of a worry.
However it seems that all is not golden in this new dawn. People’s anxiety about problems with the proximity of their cards to readers, whether genuine or rogue, seem to becoming to fruition. As the BBC Article today postulates, customers at Marks & Spencer who have rolled out contactless (wave & pay) PoS terminals, are having their cards erroneously charged.
In my mind these are early teething problems, and only the start of what the fraudsters may also come up with. Don’t forget the big stories of the PoS terminals being tampered with and recording all Chip & PIN transactions in the likes of petrol stations.
If however you are concerned about the rogue element of having a contactless card in your wallet and purse, can I suggest you bolster the coffers of the entrepreneurial people who have come up with the concept of RFID shielded wallets and purses. These items protect the contents, whether credit cards with NFC or indeed passports which now utilise RFID, from being read. UK companies are waking up to the revenue opportunities – RFID Protect and as ever the savvy Chinese manufacturing market has started to produce the goods – YAS Product.
So it’s now a case of wirelessly protecting your assets or Waving & Praying!!
UPDATED 19-05-2013 – Coincidentally my favourite tech site www.the-gadgeteer.com ran an review today on StewartStand RFID-blocking Card Case