As I was reviewing my checking account statement the other day, I discovered two charges that I didn’t recognize, both from the same business and for the same dollar amount. I did a Google search to see if perhaps I was just forgetting a transaction or two, which happens from time to time, but Google was unable to give me literally any information on the company. I looked up the telephone number and even called it, but the guy who answered didn’t seem to have any idea what I was talking about.
As a result of all of this, I had to call my bank to dispute the charges. Annoyingly, because it was a debit card-related transaction, my debit card (which, coincidentally, I use for literally all of my daily purchases) had to be cancelled; a new one will allegedly arrive in "seven to ten business days."
Are magnetic cards really the best medium to use for financial transactions? Newer cards include "PayPass" or similar tap-and-go technologies that utilize a short-range RFID tag embedded in the card, but those are troubling, as theoretically someone unscrupulous with a RFID reader could discreetly scan the posteriors of passersby and collect all kinds of information that they would have previously needed physical access to.
I tend to think, at least upon initial consideration, that biometrics are the future of this kind of application. It’s laughable to think that someone would attempt to make a transaction in a store using a severed human hand or with an eyeball stuffed in a plastic bag. The back-ends of biometric databases are the problem–we’re still living in an era where laptops are misplaced and hard drives are stolen and suddenly the personal identifying information of thousands is compromised.33 So while a retinal scan may be virtually impossible to forge, we’re going to need to see some major advances in data security before I think such scans can go mainstream.3
- I even had this happen recently. Several years ago I had to visit the emergency room after accidentally slicing into my finger while making dinner. I visited the hospital in question once and only once, and yet several months ago I received a letter from the hospital saying that a laptop that, for some reason, contained my personal information–including my Social Security Number–had "gone missing." The hospital assured me that they didn’t think my personal information was in danger, but just in case , they provided me with several years of credit monitoring for free.333
3
Muhammad Rahim | 07-Jul-08 at 10:10 am | Permalink
Fraud is everywhere. RFID technology work almost same with magnetic card, instead it is transmitted the data wirelessly. Depend how the back end process that data.
Ryan | 08-Jul-08 at 1:14 am | Permalink
It’s certainly true that the back ends of current data storage systems are at risk, but so are the front ends. I believe that with biometric systems the front ends would be far more difficult to compromise, meaning that there would be only one major facet in need of major protection.