In the mail today I received my new chase Visa card with Blink. My existing card doesn’t expire for a couple of more months, but I guess Chase wanted me to start using their new Blink technology right away.
What is Blink? It’s similar to a “smart pass” card some of you use at the gas station. For specialized readers, you can simply hold your card up to the reader and it will read your credit card information. You don’t even have to sign for anything. In fact, you don’t have to take your card out of your wallet. Isn’t that nice?
See, they’ve embedded an RFID tag in the card. That way any merchant or technology savvy hacker can glean your credit card information just by being in proximity of you. Isn’t that special? And since you don’t have to sign for purchases over $25 they can use that card all they want before you probably realize it’s been duplicated.
Oh! Now, I almost forgot! They do tell you that it works just like a normal credit card in that you have the same type of theft protection. So if someone did rip off your credit card then all you have to do is tell them it wasn’t you…..provided that they don’t ask you to prove that it wasn’t you. I mean, you didn’t sign anything, right?
Needless to say that because I work in the wireless space I am not too keen on RFID tags with this type of information in them. I called chase to get a normal card, without an RFID tag:
Me: Hi, I just got my new credit card with the Blink RFID tag.
CSR: Great! What can I do for you.
Me: I’d like you to cancel it and send me another card without the RFID tag.
CSR: Can I ask you why you want to do that?
Me: Because I work in the RF space as well as IT and I don’t think it’s secure.
CSR: It’s very secure. You don’t even have to swipe it like a regular credit card. In fact, you don’t even have to take it out of your wallet. (I don’t bother to explain this is what bothers me. I guess they haven’t seen the articles, forms, and videos of hackers stealing credit card info just by sitting on the subway train next to you.)
Me: I see. So you’ve seen all the youtube video’s of people hacking these things, right?
CSR: Uh, no. [silence] Let me see what I can do to get you another card.
What is Blink? It’s similar to a “smart pass” card some of you use at the gas station. For specialized readers, you can simply hold your card up to the reader and it will read your credit card information. You don’t even have to sign for anything. In fact, you don’t have to take your card out of your wallet. Isn’t that nice?
See, they’ve embedded an RFID tag in the card. That way any merchant or technology savvy hacker can glean your credit card information just by being in proximity of you. Isn’t that special? And since you don’t have to sign for purchases over $25 they can use that card all they want before you probably realize it’s been duplicated.
Oh! Now, I almost forgot! They do tell you that it works just like a normal credit card in that you have the same type of theft protection. So if someone did rip off your credit card then all you have to do is tell them it wasn’t you…..provided that they don’t ask you to prove that it wasn’t you. I mean, you didn’t sign anything, right?
Needless to say that because I work in the wireless space I am not too keen on RFID tags with this type of information in them. I called chase to get a normal card, without an RFID tag:
Me: Hi, I just got my new credit card with the Blink RFID tag.
CSR: Great! What can I do for you.
Me: I’d like you to cancel it and send me another card without the RFID tag.
CSR: Can I ask you why you want to do that?
Me: Because I work in the RF space as well as IT and I don’t think it’s secure.
CSR: It’s very secure. You don’t even have to swipe it like a regular credit card. In fact, you don’t even have to take it out of your wallet. (I don’t bother to explain this is what bothers me. I guess they haven’t seen the articles, forms, and videos of hackers stealing credit card info just by sitting on the subway train next to you.)
Me: I see. So you’ve seen all the youtube video’s of people hacking these things, right?
CSR: Uh, no. [silence] Let me see what I can do to get you another card.
No comments:
Post a Comment