SoylentNews is people

posted by cmn32480 on Friday August 05 2016, @03:06PM
from the they-gave-it-a-tinfoil-hat dept.

Arthur T Knackerbracket has found the following story:

Elements of the payment card industry have introduced a new contactless payment card security feature, designed to defend against relay attacks.

Relay attacks were first demonstrated nine years ago by a team of computer scientists, Saar Drimer and Steven Murdoch.

The pair also suggested how the security flaw can be mitigated using a technique called distance bounding. Mastercard has taken up this defence, meaning its cards (at least) are protected.

“Finally the banks are now implementing this defence, though only for contactless cards (as they are more vulnerable than the contact Chip and PIN cards that were available in 2007), and so far only for MasterCard cards,” Murdoch told El Reg.

Murdoch says that although the relay attack is real it’s unclear whether or not fraud based on the security weakness has actually taken place.

“I’m not aware of any confirmed cases, other than academic experiments. However, unless this were a widespread fraud, I don’t think I would have heard about it even if it had happened,” Murdoch explained.

“There have been bank customers who have come to me or colleagues to say that they have been refused a refund for a Chip and PIN transaction that they said did not take place. In some of these cases it might have been a relay attack, but in almost every case it is never established what happened.”

“The banks have taken the position that a relay attack is unlikely and since the decision of whether a bank refunds the customer is based on the most likely explanation, the bank always presents another scenario as being the most likely (normally customer negligence),” he added.


  • (Score: 0) by Anonymous Coward on Friday August 05 2016, @05:31PM (#384559)

    - The bank statement becomes cleaner and easier to audit.

    Does it though? You just see a big blob of "monies I took out of my account" as opposed to "I paid this entity X for Y".

    - It's trivial to establish one's budget and stick to it. Visit the ATM once per week to get cash.

    But it's that much harder to actually track WHAT you spend it on. Sure, you stick to your 'I spend X per week' but once you start spending 90% of your X on booze, no-one will know.

    - Internet connectivity is not necessary to see how much you've spent so far and how much you have left.

    Neither is internet connectivity necessary if you have your statements mailed to you.

    - You can still buy stuff during power outages.

    Actually you can't because the POS will be down. Its UPS will eventually run dry (I know you're going after the "but but but... sustained power outages I mean").

    - Effectively spying on cash transactions would require monumental effort.

    You get one internet point

    - If I'm mugged, sure my cash is very likely gone for good, but that's better than having my checking account cleaned out.

    What about getting stabbed in the face because you only had 25 USD on you and your mugger wanted more. With a credit card, I can file a fraudulent charge and recoup the money.

    - No worries about $5 minimums.

    5 USD minimum? Where the fuck do you live? Over here it's 1 USD minimum and that's reasonable. When was the last time you bought something under 1 USD?

    - Trivial to pitch in for pizza or whatever on video game night while everybody else is fumbling around with IOUs and "I'll get it next week."

    I have friends I can trust so the "IOUs" and "I'll get it next week" are not an issue.

    - The utility for poker players and 4-player mahjong is obvious and probably doesn't need a mention.

    I have no idea what this is about...

    I'm sure there are many more reasons to use cash for everything except bills (and online purchases, but here's hoping bitcoin becomes more popular).

    Oh $DEITY please fuck no... BitCoin is much more traceable than credit card transactions. Anonymous, sure, untraceable, no. And with traceability comes the destruction of anonymity (ever done any signals or pattern processing?).
    Hand that internet point I awarded you earlier back in... with your geek card!

    All in all, don't quit your day job, kid!

  • (Score: 0) by Anonymous Coward on Friday August 05 2016, @05:40PM (#384567)

    parent poster here, regarding this bit

    - You can still buy stuff during power outages.

    Actually you can't because the POS will be down. Its UPS will eventually run dry (I know you're going after the "but but but... sustained power outages I mean").

    I'm sure someone will say that with cash, you don't need a POS and you can just handle the transaction off-line, but I challenge you to find a place that will actually do this.
    1) they won't know the price because the thing must be scanned with the bar-code reader, and like fuck do they know those prices by heart
    2) Corporate headquarters will not allow them to do off-line transactions because it deprives them of real-time sales telemetry
    3) Corporate headquarters will not allow them to do off-line transactions because it thinks that all their employees are thieves and will just pocket all the money
    4) The till won't open because it uses electricity to unlock, you dipshit, they can't give you your change back
    5) In sustained power outages, you'll never get past the lunatic with a 12-gauge trying to 'protect his store and warez'

    People seem to forget how much stuff goes down when the electrons stop flowing.

    • (Score: 2) by jmorris (4844) on Friday August 05 2016, @09:20PM (#384632)

      You forgot:

      6) They don't know how to calculate the sales tax. You probably don't either. No it isn't a fixed percentage.
      7) Most cashiers can't manually make change. A phone's calculator can at least solve this one if you get one with at least animal intelligence.

      But your 5) is just narrow-minded bigotry. No shopkeeper is going to stop you if you are a cash-wielding customer and he is in a position to actually take your money. Remember that the guy behind the counter is of one of two types. The first 'just works here' and doesn't give a crap, he is outta there long before the marauding hordes start roaming, probably carrying off the choicest loot himself. The second owns the joint and he is going to be the one you encounter with a shotgun defending what is his from the orcs. All you have to do is convince him you aren't a threat and that isn't generally difficult.

  • (Score: 2) by t-3 (4907) on Saturday August 06 2016, @05:46AM (#384703)

    5 USD minimum? Where the fuck do you live? Over here it's 1 USD minimum and that's reasonable. When was the last time you bought something under 1 USD?

    Where the fuck do you live? $5 minimum is standard for small businesses where I live, and everywhere else I've been.