Convenient RFID and Identity Theft at the ski hill

Zip down your jacket so that your ski pass can be checked.What a hassle. Carry money while you ski or ride, and forget which of the 27 pockets you put it in. Why bother? We want convenience, we want simplicity, and we assume security.

I shall go on record to say I love the “idea” of RFID on the ski slope. The pass around my neck or in my pocket without having to pull it out from beneath layers of clothing. Fantastic.  And if that was all it was I would be fine with it.  However, having  knowledge of the information to which the ski pass is linked, I am less enthusiastic.  Name, address, birthdate, billing information, etc is only 2 steps away from having the RFID code. This code can be easily skimmed.

Some of the largest ski areas in the world are doing it.  Under the banner of customer benefit and convenience.  And why not, even the top consumer financial firms are driving RFID and consumer tracking.  What they don’t share, is how the market data you provide adds to their customer behavior models.  Nor do they share how easily this information can be skimmed without your knowledge.  No need to worry about the bandits taking skis and snowboards off the racks at the bottom of the mountain.  There are much easier, and profitable endeavors to be had in the age of RFID. Read the rest of this entry

Credit Card companies move toward RFID

Convenience and perceived security is a primary concern for major credit card companies.  It is important to understand Mastercard and Visa earn fees by card issuance and per transaction charges.  These companies DO NOT incur credit risk, this lies with the the bank/card issuer issuer.  With that in mind, where is opportunity for profit derived?  Ease of use, quantity of use, and a perceived level of security by the consumer.

A bank can insure against their CC losses attributable to Identity Theft.  Although they may advertise that they are concerned with identity theft, and to a degree they are, they know more transactions through convenience will lead to more charges.  As a net result this leads to more revenue for the banks and the credit card transaction companies.  At present time these security measures are self-regulated by the Credit issuers.  (Didn’t we just go through these type of self-regulation issues with the mortgage lending industry?)  As we can hopefully see, the public’s perception is that these Credit issuers wish to eliminate fraud due to identity theft.

I shall offer an alternative case.  I submit that the card issuers wish you to use your card more, as they can collect more fees and interest charges.  There is nothing inherently wrong with this, this is their business.  However, they are making it more convenient and encouraged to charge while giving the consumer a mis-perceived level of enhanced security.  The Credit Cards company DO NOT want you to know what I am sharing with you.  Here is a quick video excerpt from Adam Savage from Mythbusters:

Read the rest of this entry