Somewhere, right this minute, some ad agency people are working on a credit card or retail store account creating ads touting the benefits of new credit cards that you don’t have to swipe through a machine.
Here’s hoping they don’t sucker too many people into believing that these are secure transactions. From The New York Times:
The card companies have implied through their marketing that the data is encrypted to make sure that a digital eavesdropper cannot get any intelligible information. American Express has said its cards incorporate “128-bit encryption,” and J. P. Morgan Chase has said that its cards, which it calls Blink, use “the highest level of encryption allowed by the U.S. government.”
But in tests on 20 cards from Visa, MasterCard and American Express, the researchers here found that the cardholder’s name and other data was being transmitted without encryption and in plain text. They could skim and store the information from a card with a device the size of a couple of paperback books, which they cobbled together from readily available computer and radio components for $150.
They say they could probably make another one even smaller and cheaper: about the size of a pack of gum for less than $50.
And because the cards can be read even through a wallet or an item of clothing, the security of the information, the researchers say, is startlingly weak.
Michelle Jun says
Did you know that credit card companies can change the terms of your contract at any time? That’s just one of the credit card traps that can trip up consumers and lead to spiraling debt. Consumers Union, the nonprofit publisher of Consumer Reports, has put together a lighthearted animated holiday-themed satire about abusive credit card fees and practices. Check out “It’s Always Christmas Time (for VISA)” at http://www.creditcardreform.org. Be sure to take action after viewing the animation!