The Cache: Technology Expert's Forum
 
*
Welcome, Guest. Please login or register. September 17, 2019, 05:39:31 PM

Login with username, password and session length


Pages: [1] 2
  Print  
Author Topic: wallet phones: what could possibly go wrong  (Read 4978 times)
rcjordan
Lifer
*****
Offline Offline

Posts: 882


View Profile
« on: October 30, 2008, 04:34:13 AM »

ummm, yeah sure, i'm going to carry a transmitter/receiver directly connected to my bank account.

http://tech.yahoo.com/news/nm/20081030/tc_nm/us_mobiles_wallets
Logged
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #1 on: October 30, 2008, 09:00:54 AM »

It's coming man. My AmEx can now pay for gasoline by waving it in front of the pump. Although I agree with your sentiment (Hey! What's the worst that could happen?) I don't think that responsibility re. financial instruments is a hallmark of the population... convenience is.

Personally, I still send paper checks to my vendors every month. I assume you'll find me taking a drink in those wonderful "ponds" at La Brea soon...
Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
nutballs
Administrator
Lifer
*****
Offline Offline

Posts: 5627


Back in my day we had 9 planets


View Profile
« Reply #2 on: October 30, 2008, 10:16:49 AM »

I have NO fear when it comes to a CC as long as there is no identity theftable stuff on it. If they can steal money, who cares. You are only legally responsible for $50 bucks, and most CCs dont even charge you for that, like Amex for example. (at least in the US)

The paper vs plastic vs checks and now vs device argument is interesting to me.
paper is anonymous, though you can lose it.
plastic is not anonymous. But you are protected against loss.
checks can be forged, and have identity info on them. Always been the least secure method in my opinion.
devices are new, and an interesting one. I think that they CAN be very secure, because you can control what goes in and out from within the device. However, all software is hackable, and all communication is insecure by nature.

devices interest me because it can be two things. Money and access. Money can be stored on the device, if you lose it, you lose the money, like a wallet. Access can be achieved by the device being able to access your money elsewhere, like a bank. The problem is security. Money ON the device can be uber secure for the owner, but can be forged on the device of a criminal. Access has the problem of communication, which is, any time your device communicates with your bank, someone else can hop on that bus and rob all the passengers, regardless of how many passwords and fingerprints you use. A shared comm system is insecure by nature. The only really secure telephone is two phones connected ONLY to each other, ever.
Logged

I could eat a bowl of Alphabet Soup and shit a better argument than that.
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #3 on: October 30, 2008, 11:00:40 AM »

inductive hack man, that's hardly secure. The only really secure way to do things is to never share shit with anyone at any time.

::faintly here's the words "Julia...." in his memory LOL::
Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
nutballs
Administrator
Lifer
*****
Offline Offline

Posts: 5627


Back in my day we had 9 planets


View Profile
« Reply #4 on: October 30, 2008, 11:12:32 AM »

true. I meant to add "where the line is being watched the whole time." lol
Logged

I could eat a bowl of Alphabet Soup and shit a better argument than that.
rcjordan
Lifer
*****
Offline Offline

Posts: 882


View Profile
« Reply #5 on: October 30, 2008, 11:41:22 AM »

>responsible for $50 bucks

Some years ago, while I was a director of a bank chain's local board (still one of the nation's strongest, most conservative banks), I asked a bank VP to clarify whether that $50 applied to business cards since the legislation was written for individual 'rights.' The answer was a resounding slap-on-forehead, "DAMN! We never thought of that! Maybe your business card is wide open."  To date, the answer is still pretty much "we'll get back to you on that."  So, I shut down all my business cards and now have the businesses reimburse me.

BTW, while on the subject of liabilities, I believe debit card transactions are not subject to the $50 legal limit ...so if you use them, your money is wide open.  I don't use them.

>$50

I once took a course (offered as an alternative to Statistics) called "Decision Theory."  I still cite it as one of the best courses I ever took re practical applications. In short, you assigned monetary values to each fork in a decision process. Sometimes the value was derived by assigning how much you'd pay NOT to have to go down that fork.  Several times in the past, I've actually paid more than $50 just to IGNORE the problem caused by a small, fraudulent billing on my personal CC. I value my time.

>never share
I just paid to invoke a voluntary security freeze on my credit with TransUnion, Equifax, and Experian.

My signature card at the bank(s) explicitly deny electronic access by 3rd parties.  ....That one once saved one of my companies $9000 when someone coded the wrong routing number (and happened to match my account) and drafted away the $9k. The bank wanted me to fill in the usual forms and wait 2 weeks for the money. I told them to check the signature card and have the money back in the account by 2PM. It was back by 2PM.

Obviously, I do not pay any bills by electronic transfer, a.k.a. online banking.  Anyone who lets a 3rd party have a port to his banking accounts is simply trusting his luck.

>checks

Yes, there were (are?) magnetic toner cartridges than actually let you properly encode MICR numbers and -yes- a few years back one of my businesses was defrauded by someone conjuring up a fake payroll check and cashing it at the supermarket.  I believe the bank reimbursed us since it was their burden to check the signature card on file but I may be mistaken on that.  In any case, I'll take my chances with paper.

>convenience

You always pay for convenience. Low-doc mortgages were very convenient for those of us in real estate.
Logged
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #6 on: October 30, 2008, 11:55:11 AM »

@ $50 and biz cards: I'm confused RC - I've been slammed a couple times on my business cards and never forked up a dime... are you saying that I may have been fortunate and policy really shouldn't protect me along these lines?

@ bills / autopay: I've also had troubles there, and THAT one is a toughy to get rid of - really tough. I wound up shutting down all the affected accounts because there was no way to preemtively stop charges from <a particular vendor>. It was nasty. You're spot on there.

@ checks: we had a spate of crimes where mailboxes were getting raped, the checks inside (being sent to bills/vendors) were washed and then cashed at check cashing retail outlets. The number of ways that paper can also be defrauded is terrible, but IMO if you deliver your checks directly to the PO you have a pretty reasonable chance of them getting where they need to go. @ magnetic ink: we have a client that's got one. So I called my bank a while ago to see if I could be sliced into and they said yes, but they'd back me up for that sort of activity pretty much immediately.

I have my credit files auto-report on any activity at all, watch my bank accounts like a hawk and recon to the penny every month. Itemized CC bills keep the credit lines clean as well. I think the best way to take care of yourself here is supernatural vigilance. Tedious, but required.
Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
rcjordan
Lifer
*****
Offline Offline

Posts: 882


View Profile
« Reply #7 on: October 30, 2008, 12:56:26 PM »

>I'm confused RC - I've been slammed a couple times on my business cards and never forked up a dime... are you saying that I may have been fortunate and policy really shouldn't protect me along these lines?

Yeah, I'm confused too, but keep in mind that even bank VPs are confused about this one. As I understand it, the original legislation was written specifically for consumer protection BUT banks are extending it to their business card customers as a matter of policy.  However, bank policy --should things get nasty-- doesn't give us much by way of legal rights.


>magnetic ink

Hhh! Want to have some fun? Show the micr toner box to your local bank head honcho and explain to him that anyone can order them and the check-making software. Watch his face as it dawns on him just what this means.

>wash checks

Oh yeah, I saw a demo on that once. Forgot about that one.

>deliver your checks directly to the PO

You might try cutting the number of transactions as well. I find vendors who routinely bill me for nominal amounts on a monthly basis AND can handle a credit balance properly (local utility companies, for instance) then I pay them for a few months in advance.  Works great on reducing nuisance check-writing.
Logged
nutballs
Administrator
Lifer
*****
Offline Offline

Posts: 5627


Back in my day we had 9 planets


View Profile
« Reply #8 on: October 30, 2008, 12:59:16 PM »

amex is pretty bulletproof from the customer end, biz or personal. I hever NEVER had any issues with amex. Citi is pretty damn good as well for both. never been charged by either, on both sides.
all the rest, are hit or miss.

autopay from BofA works outbound only, so vendors do NOT have any access to your account and I am pretty sure thats how all banks work. Of course if you set up the vendor to autodraw from your bank account, your a moron. "gee i'd like 5k this month..." I auto pay vendors with my CCs, which gets me miles, and then pay that from my bank via online bill pay. Puts all the onus on the CC.

BTW. I just won 2.5 million pounds from the African National Lottery. They only want this info from me:
1. REFERENCE NUMBER:
2. BATCH NUMBER:
3. FULL NAME:
4. GENDER;
5. PASSPORT OR ID NO:
6. COMPANY NAME:
7. FULL ADDRESS:
8. TEL:          FAX;
9. YOUR BANK NAME;
10. ACCOUNT NUMBERS:
11. BANK DDRESS:
12. BRIEF DESCRIPTION OF COMPANY /INDIVIDUAL:

I will let you know how it turns out...  
Logged

I could eat a bowl of Alphabet Soup and shit a better argument than that.
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #9 on: October 30, 2008, 01:22:07 PM »

Wow, congrats NBs! That's awesome! I didn't even know you played the Nigerian Lottery!

@ Amex / Citi : Most of my recurrent bills are Amex for this very reason. Also, I get miles for all bills I'd pay every month in any case. And unlike an autodraft type charging mechanism, AmEx is big on the customer side. Citi a bit less-so, but still pretty good. The mechanism also addresses your reduce-transaction-count point RC.

@ Autopay: true also, I just haven't taken the time to integrate that, since I have my QuickBooks/manual system so tweaked. Not as satisfying as seeing all my bills lined up like little soldiers either Wink

Download Transactions tip: if you have a BofA account and you want to download personal account transactions into QuickBooks format... you can't. Have them change the profile of your online account to "business" and you can download in the correct format. This does not change the nature of the account from personal to business, just the DB profile that provides you dynamic HTML page.
Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
nutballs
Administrator
Lifer
*****
Offline Offline

Posts: 5627


Back in my day we had 9 planets


View Profile
« Reply #10 on: October 30, 2008, 01:26:26 PM »

ah didn't know that. my profile is biz anyway so all my accounts are linked from one interface. I gave up on QB about 4 years ago. It got too anoying. So now I have a little custom access database which I use. Each year, I just start a new one up. Been thinking of going back to QB though, especially considering some recent news J just got regarding a very very big prospect... I keep telling her that I am her full time accountant!
Logged

I could eat a bowl of Alphabet Soup and shit a better argument than that.
rcjordan
Lifer
*****
Offline Offline

Posts: 882


View Profile
« Reply #11 on: October 30, 2008, 01:40:14 PM »

>QB

I've been using Q/QB since Quicken 1.  Can't live without it.

>also addresses your reduce-transaction-count

Yeah, but come audit time the taxman doesn't really like CC statements even if you do manage keep all the receipts.  OTOH, give him a canceled check and chant the magic words "paper audit trail" and he might cut you some slack.
Logged
nutballs
Administrator
Lifer
*****
Offline Offline

Posts: 5627


Back in my day we had 9 planets


View Profile
« Reply #12 on: October 30, 2008, 07:08:03 PM »

and now your analog security is crap...

http://gizmodo.com/5071377/software-can-duplicate-your-keys-using-a-photo-taken-from-200-feet-away
Logged

I could eat a bowl of Alphabet Soup and shit a better argument than that.
dink
Expert
****
Offline Offline

Posts: 349


View Profile
« Reply #13 on: October 30, 2008, 08:45:49 PM »

Dink shreds three cc's.

Waves lodestone above the checkbook.

Devises a photo proof key protector.

You guys are a real barrel of fun.   Wink


Interesting fun though.
Logged

[quote Nutballs]
the universe has a giant fist, and its got enough whoop ass for everyone.
[/quote]
rcjordan
Lifer
*****
Offline Offline

Posts: 882


View Profile
« Reply #14 on: October 31, 2008, 10:10:17 AM »

>Interesting fun though.

In a paranoid sort of way, it is, isn't it?

>security is crap

All security is crap. Security depends solely on a mix of ignorance and inconvenience.

Take Medeco's ultra-high security locks used on government installations....
http://blog.wired.com/27bstroke6/2008/08/medeco-locks-cr.html

OR

Massachusetts Bay Transit Authority's subway passes
http://hackaday.com/2008/08/09/defcon-16-mit-boston-transit-presentation-gagged/

OR

hi-tech Passports
http://arstechnica.com/news.ars/post/20081002-rfid-passport-hack-has-scanners-seeing-visions-of-elvis.html
Logged
Pages: [1] 2
  Print  
 
Jump to:  

Perkiset's Place Home   Best of The Cache   phpMyIDE: MySQL Stored Procedures, Functions & Triggers
Politics @ Perkiset's   Pinkhat's Perspective   
cache
mart
coder
programmers
ajax
php
javascript
Powered by MySQL Powered by PHP Powered by SMF 1.1.2 | SMF © 2006-2007, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks


Valid XHTML 1.0! Valid CSS!