Money- Financial information and advice for finance, insurance, mortgages and loans. Commercial Equity in investment management groups. Credit Card accounting and dept consolidation for credits or bankruptcy. How to buy and sell with the best stock and funds prices to get profits.
|Chase Deploying Touchless Credit Cards -
J.P. Morgan Chase, the US' 2nd largest bank, is working out to create 'contactless' credit cards, presumably using RFID technology.
The new payment method doesn't require a customer signature, making it more convenient and time-saving for consumers. |
Pleople have to wonder if the next crime wave of the future will be criminals walking through crowds with readers to grab customer info. Chase says, however, that 'new cards are embedded with encryption software to prevent duplication and data theft' but since RFID has been cracked before, and the criminals are usually more clever than the vendors.
|Smart Cards to secure money transactions|
|Smart cards are actually little processors or small computers included in a card. |
With current credit cards, all the mag stripe has is your info repeating over and over. You swipe it, the reader gets the number and contacts your bank (indirectly, they actually talk to an auth network who talks to Visa/MC and so on) to see if you have the necessary funds. If so, it places a hold on those funds and the transaction goes through.
The problem is that the information isn't encrypted in any way so all someone needs to do is copy it.
A smardcard is more secure than a credit card because use encrypted information
The reader on the terminal is then able to talk to the microprocessor on the card,
usually sending information that is then verified using encryption technology (public key encryption).
As a result, it's not possible to just run around and collect the info from cards,
because they'll never give out secure information.
They only give back cryptographically secure results in theory. |
An example for the smartcard in US is the American Express "Blue" card. SmartCards can use contact or contactless technology, and are in use for nearly a decade using RFID induction technology to communicate back and forth. Note that existing contactless technology is sufficient for this credit card, with a maximum range of up to 10cm.
A similar technology is already in use in Europe as well they have some the chip & pin way of using credit and debit cards at Point of Sale.
The smart cards are more secure because the only information on the card is your personal account number and how much money you have on the card. At the end of the day, on mobile fare collection systems anyways, the data is transfered at the depot to a server which updates the main account information. As to store systems, the data is retrieved immediately from the server and updated. If your card is stolen or lost, it is like loosing cash at least until you call the card issuer and they freeze the account.
Not the case with a smart card. What happens with those is a challenge is sent out be the machine and the smart card computes a response. It's public key crypto. So the bank gives or withholds authorization off of the correctness of the response to the challenge. So finding the correct answer to a given challenge is worthless, since they are always different. You can't copy the data off the card, they don't allow that.
In Japan where thre use of these type of contactless smart cards is wide spread and , which used this technology for fare collection. The bigest problem I had and still have with the system here is that you load up your card with virtual money. So in essence you pay before you play. The main supplier of the actual chip is sony sony felica and other good examples of the technology are Suica - Eurotechnology , Edy and others Smart Card Reader combines contact/contactless technology.
The black market for stolen credit card numbers and identities.
The internet have a the black market where stolen credit card numbers and identities
information are selled via online stores.
People can call them thugs or thieves, but on their follow their rules and have
own closed forums and referral-only Web sites, they value honesty and reputation.
They also have one #Cardz IRC channel and use anonymous internet connections.|
These credit card numbers and data are almost never obtained by criminals as a result of legitimate online card use.
|Frauds could be offline, when credit card number thefts take place is normal sites like restaurants,|
|Online frauds occurs when computer tapes are stolen or lost, or using 'pharming' sites,
which mimic a genuine bank site and dupe cardholders into entering precious private information.
Another source of credit card data are the very common 'phishing' scams,
in which an e-mail that looks like it's from a bank prompts someone to hand over personal data. |
Commerce must follow the FAIR AND ACCURATE CREDIT TRANSACTIONS ACT OF 2003 to ensure the privacy to their customers. In many restaurants or hotels, people made get reservations paying pay with a credit card using the phone, fax and even e-mail - to process a payment, all the information required is the card number and expiry date. Many people collect their receipts from us upon checkin and just throw them away, without any thought about the card details and information contained.
Wells Fargo have lost the data twice and shaked the lives of tens of thousands of poor people employed at HP, IBM and other places by losing personal data not just once but twice . It appears that someone who let unencrypted financial details of customers' employees on Windows laptop.
The staffer received a note this week from Wells Fargo, saying the financial institution had lost a computer packed full of sensitive data such as customers' names, addresses, Social Security numbers and Wells Fargo mortgage loan account numbers.
Wells Fargo has admitted the loss, telling us that it affected a "relatively small percentage of Wells Fargo customers." The company, however, has millions of customers, so it's pretty tough to tell what a "small percentage" means.
|Information for Lawyers, Private Investigations and Legal Research
Western Union is blocking money transfers to people with Arab names.
The offices and agencies have delayed or blocked thousands of cash deliveries and transfers
on suspicion of terrorist connections
simply because senders or recipients have names like Mohammed or Ahmed. |
For example, an Indian driver here said Western Union prevented him from sending $120 to a friend at home last month because the recipient's name was Mohammed.
Western union claims they are merely following U.S. Treasury Department guidelines that scrutinize cash flows for terrorist links. I agree that Western Union shouldn't allow anyone supporting terrorism to use their service, however I'm fairly certain there are millions of people named Mohammed or Ahmed who aren't terrorists.
If the US forcing any other financial companies such as banks to do the same thing nobody called Mohammed can open a bank account or change a check.