
Amex to deploy Internet card with embedded chip

Hemos posted more than 15 years ago | from the i'll-be-like-bloomies dept.

The Almighty Buck 107

ajlaw writes "American Express will be deploying a new blue card that contains an embedded chip for use when making purchases on the Internet. The card's chip will be used for security in shopping on the Web. The company will distribute free card readers for customers to hook up to their computers." Wierd - they have no details, but apparently the card swiping is supposed to be more secure than typing it in, but I'm not sure how.


Re:Already here in Germany (1)

mcolin (14379) | more than 15 years ago | (#1691532)

So what does the black one do?

we have had that in holland for years (3)

jilles (20976) | more than 15 years ago | (#1691533)

In Holland and Sweden (where I live now) most bank cards are equipped with embedded chips. One of the applications of it is as an electronic wallet.
i.e. you go to a bank machine, withdraw some money which is then put on the chip in the form of credits. Then you go to a shop and pay by sticking the card into a machine that subtracts some credits from the amount on the card. (This is not the same as paying with an ATM card since there's no communication with the bank at the moment you pay.) You can also use the card to phone in a telephone cell. In addition to that insurance companies can store some information on the chip as well.

One of the reasons this has never really worked well in Holland is the fact that there are two groups of banks in Holland, each pushing their own smartcard, each requiring a different machine in the shops and each offering slightly different functionality. It took nearly three years for them to figure out the card would never become popular unless they started cooperating (which is what they have been doing for a few months now).

As a consumer I think the chip cards don't really offer much value. The whole concept of taking your card to a machine and adding credit has always seemed a little ridiculous to me, and I can pay in a shop using my ATM card or my credit card.

The reason that banks push it anyway is that a chipcard is probably cheaper for the banks: ATM cards require communication to verify whether there's enough money on your account, and credit cards require some other administration to be done, which makes both of them unsuitable for small purchases (from the bank's point of view). What's also nice for banks is the marketing info they can collect from payments done with the chip card.

This bank seems to be pushing the card for web payments. Unless they manage to convince all other banks that their particular card format should be used for online payment it won't work. The card only works if the ecommerce websites have the software to deal with these cards, and I don't see that happening just because one bank is pushing a card.

A second problem is that you can't just stick the card into your floppy drive: you'll need a cardreader.

BTW. For the same reason (no standardization) I don't see biometrics becoming popular anytime soon.

So in order for this to work:
- banks will have to agree on a cardformat (preferably international)
- banks will have to provide their clients with card readers (also standardized) for free because no one will be interested in buying one
- there will have to be some added value for the card users (discounts?)
- there will have to be some added value for ecommerce sites in order to get support for the card there

Basically this card doesn't fulfill the requirements listed above, so it's a guaranteed failure.

Re:Mondex? (Correction) (1)

Paul Johnson (33553) | more than 15 years ago | (#1691534)

Correction: the Amex "Proton" system is not an electronic cheque system, it's an electronic cash system which works in exactly the same way as Mondex.

Paul.

What I wonder is... (1)

Enoch Root (57473) | more than 15 years ago | (#1691535)

...will these readers run on Linux?

No, but seriously!

I bet it won't be long before someone takes the reader apart, figures it out, intercepts secure communications from other users (I mean, it might be a card, but unless it's timestamped by an outside authority you can reproduce it all you want) and empties someone else's account before they have time to realise it.

They're very short on details, and if this thing doesn't use strong encryption to work, it's gonna be crackable, card or no card. Having a reader at home is like having an ATM hooked up while you're able to play with it. What makes ATM secure is that it's physically secure. Not so with a little plastic peripheral.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Re:More secure: SecureID card (1)

MacJedi (173) | more than 15 years ago | (#1691536)

I imagine this could work much like SecureID cards work for Citrix. It is the challenge and response method (I think some one else mentions this further up in the thread).

SecureID cards generate a [pseudo]random number that changes every 60 seconds. This number is in sync with whatever you are trying to get access to. The cards that I have seen have an LCD where you can read off the number and punch it in. This way you must be in possession of the card at the time of the transaction. A card reader would just add a further layer of abstraction.

As for how the card is kept in sync with the main server, I can only guess. The card likely encrypts the clock time modulo some granularity with a secret key that is stored on the card. The server performs the same encryption using its clock, then applies a skew based on the last time the card successfully authenticated, with a sliding window to allow for greater drift latitude over time. Just a guess, though. :)

I think that a side effect of this is that the cards must be changed fairly frequently. Or at least more frequently than most people get new credit cards.

hand-held special crypto device (3)

Booker (6173) | more than 15 years ago | (#1691537)

They're made by Security Dynamics. See 'em here [securitydynamics.com]

Paper on how they work, and how they might be cracked is here [homeport.org]

Mail order fraud... (1)

??? (35971) | more than 15 years ago | (#1691538)

Mail order fraud is more challenging than you describe. Most credit card companies require that products purchased by mail order must be shipped to the billing address for the card. Admittedly, this does not apply to pr0n sites ;-) and other situations where the product need not be shipped. As a result, if I get your card number and expiry, I can buy something and have it shipped to you, I can subscribe to some pay website, or I can try to change your billing information so that I can actually get product shipped to me.

I would imagine that changing someone's billing address is quite easy... Whenever I've moved, the only authentication they've tried is phone numbers, birthdate, card number, name, old address. Would I do this? No - it leaves a trail pointing at me.

More of an illusion of security... (1)

uberslack (5984) | more than 15 years ago | (#1691539)

Statistically, according to Merchant Service Providers (businesses that set shops up with merchant numbers so that they may run credit cards) and the credit card companies themselves, swiped transactions are less likely to be fraudulent charges as opposed to charges typed in... plus swiping the cards through will allow the merchant to get a lower rate on the transactions... non-swiped transactions cost more than swiped transactions... plus the rate of returns is lower on swiped transactions as well... to me, the real winner with this amex thingee do is the merchant accepting the transaction...

now... whether or not the card is actually more secure, i would not know... but a lot of times, credit card companies would rather give the image of being secure than actually BEING secure...

btw - i work for a credit card transaction software company... so i know a little of what i speak... =-P

Cool! (0)

Anonymous Coward | more than 15 years ago | (#1691540)

How long before I can get one of those chips embedded in my forehead or palm?

Re:Not true... (1)

RJ11 (17321) | more than 15 years ago | (#1691541)

If the customer is stupid enough to compromise their own card, it's all their fault and they deserve to go through the hassle of calling up the credit card company, which actually isn't much of a big deal. It's all natural selection.

What about CVV2 code? (2)

Anonymous Coward | more than 15 years ago | (#1691542)

Hello...I'm a credit card issued within the last two years.

Count how many numbers are on the front of the card...probably it's 16 if it's a MasterCard or VISA...or 15 for American Express...

Now flip me over and take a look at the signature area of the card. Chances are you will see a series of numbers printed there.

Count how many numbers are in the signature box. Hey...there's 18 or 19!

The first 15 or 16 are the credit card number from the front. The remaining two or three are the CVV2 code.

What is this CVV2 code? It's a PIN number. Just like a PIN number in a debit purchase, the CVV2 code is NEVER echoed anywhere in the transaction record.

One of the best security systems is "something you have, something you know." Let's say you crack some ISP's CC database and steal a whole bunch of credit card info. Well, when you go to purchase something on an Internet site, you are screwed because you don't have the physical card in your hand to get the CVV2 code. On the other hand, let's say you pick someone's pocket and take a physical card complete with CVV2 on the back. Well, when you go to purchase something, you are screwed because you don't know the billing information like address, ZIP, phone, etc.

As long as customers are aware they should treat the CVV2 code like a PIN code and NEVER give it out to anyone they wouldn't trust with their PIN code, then this system will work.

Next time some business cries about how much they lose due to credit card theft...tell them it's their own damn fault for not using the tools that are already available to them.

http://secure.logicom.com/cvv2.htm

- JoeShmoe

Re:Not the first smart Amex card (0)

Anonymous Coward | more than 15 years ago | (#1691543)

Um, maybe you should have blurred out your Dad's credit card numbers. His next statement will probably have a few pieces of computer equipment charged on it.

what does the black card do (1)

Jeremy Erwin (2054) | more than 15 years ago | (#1691544)

If you have to ask, you can't afford it.

Re:"random" pin number (1)

Falrick (528) | more than 15 years ago | (#1691545)

>> ... password is a combination of this randomly generated number (shown on a neat little LED), ...

Not nitpicking either, just showing :)

The LED would not be necessary. The less that the user has to do, the more they will like it (sad but true golden rule of user interface design). In this case, they only need to swipe the card into the aforementioned card readers. The reader would read the "random" PIN from the card, in what I am assuming to be a method not completely unlike a smart card (some of which are said to have processing power equivalent to an Apple IIe).

Re:what does the black card do (1)

mcolin (14379) | more than 15 years ago | (#1691546)

Someone moderate Jeremy up please. Good answer.

Re:Not the first smart Amex card (1)

nhw (30623) | more than 15 years ago | (#1691547)

Actually, I did blank out the last five...

If you can figure what those are, you're in luck!

Nick.

Re:Smart cards for secret keys (1)

ucblockhead (63650) | more than 15 years ago | (#1691548)

I doubt they actually do this, but one very good way to prevent the above would be to embed the shipping address in the card and then refuse to ship elsewhere.

Unfortunately, that would probably fail because of "inconvenience", the bane of all security.

Not likely (2)

Kaa (21510) | more than 15 years ago | (#1691555)

It's more secure for one reason only--you have to actually physically have the card to order with it.

Ahem. You mean I have to physically generate the stream of bytes that gets sent to the serial port or wherever the card reader gets plugged in?

I think the suggestion is that this is just a way for people to have/use long passwords/keys in a convenient fashion. You know why PINs have only four numbers (9999 key space!), right? Because the average Joe Schmoe cannot remember more than four numbers.

Kaa

All info on this smartcard on this URL (2)

xs4all (26083) | more than 15 years ago | (#1691556)

Have a look at http://www.protonworld.com or http://www.proton.be

It gives all info who/what is behind this initiative.

Readers on Linux (Re:What I wonder is... (1)

DannyKumamoto (4636) | more than 15 years ago | (#1691557)

You can find many readers supported at:

www.linuxnet.com

I won't be surprised if AmEx reader is already supported. (I'll find out as soon as I get mine.)

Danny

Re:we have had that in holland for years (0)

Anonymous Coward | more than 15 years ago | (#1691558)

Yep, sounds like the Belgian Proton system as well. On-chip stored credits, paid/transferred without any online transmissions. In fact I've heard about Proton releasing small mini-ATMish machines that hook up to the serial port (or USB or whatever) and remove credits on demand from the PC, sending back an encrypted "done", so basically that's a combination of on-chip credits and the security device posted about earlier... sounds reasonably secure to me. BPeers

Re:Amex, could you please... (1)

MidKnight (19766) | more than 15 years ago | (#1691559)

This feature is actually something that the new Sun Ray terminals offer. A lot of people have bashed them for being expensive xterms that Sun is trying to use to get people to buy more servers (which may or may not be true), but it has a smart-card slot built into the front of it.

Walk up, pop in your card, and your saved desktop (bookmarks & preferences & environment, oh my!) is readily available to you. On a large campus (educational or otherwise), this seems like a good application.

My guess is we'll start to see a lot more apps using Smart Cards. I'm sure the wallet people are already designing the uberWallet, for all your smart card needs ;)

--Mid

Re:More secure (0)

Anonymous Coward | more than 15 years ago | (#1691560)

it's sent straight over a web site, which is also readable, unless you're using HTTPS (then it's only semi-secure... c'mon, 40 bit encryption? Ha!)

Of course it will use HTTPS.

Are you nuts? You're still using the 40 bit version?

Maybe I am in the wrong discussion, if people using 40-bit Web browsers are talking security in it.

Re:More secure (0)

Anonymous Coward | more than 15 years ago | (#1691561)

The chip prevents bratty kids like Mitnick from piling your Credit Card info into his heap of stolen numbers. It prevents a usable version from being passed around by criminals who traffic in that sort of stuff.

Those are worthwhile goals.

Re:hand-held special crypto device (1)

cancrman (24472) | more than 15 years ago | (#1691562)

My roommate works for MCI/Worldcom and he has one of those little buggers on his keychain. In his case the number it generates is used as the password for windows dial up networking. I might just be uninformed here but it seems a little extreme to use something like that for windows DUN. All I know is that the hyper-security of the thing makes his Internet really-really slow. But hey, I've got a cable modem. What do I care?

Pete
I'm not a media planner but I play one on TV

Re:Mondex? (0)

Anonymous Coward | more than 15 years ago | (#1691563)

You think they're going to publish the specs on something like this in an RFC?

Uh, OK, Mr. Magic Swipe (2)

Quinn (4474) | more than 15 years ago | (#1691564)

The article states a person can either enter his card number as usual, or if he wants "extra security" he can swipe it through a reader.

Because it works with /or without/ the reader, I don't see how this can be any more secure than existing methods, and that's ignoring the issue of /how/ the reader "secures" the transaction.

Assuming it isn't just a sexy lady in a black box cooing "Your transaction is secure," there has to be some server-end software. Shopping carts will presumably have to receive and process the data.

How many carts are going to support this new protocol? My (educated) guess is /very few/. Maybe the big guys who can afford to jump on every hype bandwagon the credit card cartel sends thundering by, but not the little guys and the small business merchants they support.

Am I worried about the little guy? Not really. Wallet software has been notoriously unsuccessful in the e-commerce industry, and I don't see this gizmo faring any better.

--

Re:More secure (1)

ucblockhead (63650) | more than 15 years ago | (#1691565)

However, it would be nice if they offered the customers an option that would make it so that their card could only be used if it was swiped (I honestly don't know how they would do this, I'm just hypothesizing).

I work in the retail EFT industry. Currently, nearly all protocols aimed at retail transactions capture this information ("swiped" vs. "keyed"). Internet based protocols usually don't, as nearly nobody has a card reader by their machine, but one imagines that could be changed fairly quickly.

Of course, the problem that you are going to have is that someone who knows these protocols could fake it pretty easily.

Re:Smart cards for secret keys (1)

Get Behind the Mule (61986) | more than 15 years ago | (#1691566)

...one very good way to prevent the above would be to embed the shipping address in the card and then refuse to ship elsewhere.

Nah. What if you move?

Not more secure for the consumer! (1)

ucblockhead (63650) | more than 15 years ago | (#1691567)

One of the reasons that banks love these things (and why consumer acceptance might be slow) is that it passes off much of the liability to the consumer. Because the cash is actually "in" the card, the card becomes identical to cash. If the card is stolen, the card-holder is out of luck. As long as the account data is stored on the physical card, this pretty much has to be the case.

In contrast, if a debit card or credit card is stolen, the card-holder is typically liable only for $50. (Or $0 if they can show that the retailers using the card did not make an appropriate security effort, which they almost never do. Generally, if the signatures don't match your ID, you aren't out anything.)

It should be obvious why the banks would love to see everyone walking around with smart cards instead of credit cards. Their own liability goes down. The same goes for retailers. They barely check IDs now, can you imagine how little they'll do it if they have no liability in accepting stolen cards?

A similar thing happens with those "gift certificate" cards you can get at blockbuster video. These aren't typically smart cards, however, it is interesting that in most cases, name data is not stored either on the card or at the host where the data is kept. The reason for this is deliberate. Companies don't want to deal with lost cards and the like. By refusing to store name data, the card becomes just like cash, and all card security is the consumer's problem.

Re:More secure (1)

kevin@ank.com (87560) | more than 15 years ago | (#1691568)

It is more secure because it requires that you actually have the card itself, not just the number on the card.

The card is described as having an intelligent chip. I presume that means that it isn't a simple swipe, but a negotiation between the card and the authorization agency. Ideally it would additionally require a secret that only the card owner knows.

Something you know, something you have, and something you are are the canonical authentication mechanisms. Most systems use only one or two of the three since for example retinal scanners are a bit expensive.

Slashdot only uses the something that you know (your login and password) since the results of compromise are not disastrous, and the difficulty of getting people to properly protect other forms of identity keys is tricky.

Re:Smart cards for secret keys (1)

ucblockhead (63650) | more than 15 years ago | (#1691569)

That's what I mean. We give up security for convenience.

Personally, I'd take the inconvenience of having to be issued a new card when moving if it meant that the card would be utterly and completely useless if stolen.

But then, some people complain when the cashier wants to see an ID with a credit card. And then they wonder how the guy who stole their card managed to charge it to the limit without getting caught.

"Wierd" (0)

Anonymous Coward | more than 15 years ago | (#1691571)

How long before Hemos know how to spell weird?

Re:More secure (0)

Anonymous Coward | more than 15 years ago | (#1691572)

I have seen a lot of idiocy on this subject.

Now as a smartcard security consultant I will tell you how this (should) work.

Sorry if I oversimplify things for purists.

First you go to a site and buy something. The site will send a message asking your CARD to authenticate. (Indeed readers are just dumb and can just send plain ASCII.)

The CARD will then ask you your PIN (in case it was stolen).

Then the card will negotiate transaction KEYS with the server for the encryption. Then the shop and the CARD will transmit info like card number, exp, etc. in encrypted form.

So you don't need a smart reader or SSL via HTTPS at all.

Actually, for real security the shop should have a reader too with a special vendor card. (The system we use has a TWO-card reader: the admin card and the user card. So even if you steal the admin computer, there is no way to get the codes.)

Indeed some people will say you can emulate the whole protocol. But please tell me how you took the secret codes of the card; I would soon be rich, phone for free, take as much money as I want from the bank, etc.
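The outline above (the site challenges the CARD, the card checks the PIN itself, the two sides negotiate transaction keys, and the card details travel encrypted) and the earlier objection in "Re:More secure" that someone who knows the protocol could fake it can be put side by side in code. The following is an added example, not code from this thread, from Proton or from any card vendor. It models the exchange with a card-unique symmetric key shared between chip and issuer, a nonce challenge, a PIN retry counter on the card, HMAC-based key derivation, and encrypt-then-MAC for the card data. The names Card, Issuer, kdf, keystream_xor and run_purchase, and the key, PIN and card data values, are constructed for the demo; the HMAC counter-mode keystream stands in for the block cipher a real card would carry. The reader and the PC between the two parties never appear, because, as the post says, they only relay bytes.

```python
import hashlib
import hmac
import os

# Constructed example: a card-unique secret personalised into the chip and held by
# the issuer. Real schemes derive per-card keys from an issuer master key; this
# value is made up for the demo.
CARD_KEY = hashlib.sha256(b"demo-card-key").digest()
CARD_PIN = "4921"                                # constructed; checked on the card, never sent
CARD_DATA = b"PAN=3700XXXXXXXXXXX;EXP=12/01"     # constructed placeholder card details


def kdf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """Derive a purpose-specific value from the card key and the two nonces."""
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Counter-mode keystream built from HMAC-SHA256 so the demo needs only the
    standard library; a real card would use a block cipher such as AES.
    XOR is its own inverse, so the same call encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


class Card:
    """The chip: holds the key and the PIN, talks through a 'dumb' reader."""

    def __init__(self, key: bytes, pin: str, max_tries: int = 3):
        self.key, self.pin, self.tries_left = key, pin, max_tries

    def respond(self, server_nonce: bytes, entered_pin: str, card_data: bytes):
        if self.tries_left == 0:
            return None                          # card locked after too many wrong PINs
        if not hmac.compare_digest(entered_pin.encode(), self.pin.encode()):
            self.tries_left -= 1
            return None                          # wrong PIN: nothing leaves the card
        card_nonce = os.urandom(16)
        auth = kdf(self.key, b"auth", server_nonce, card_nonce)    # proves key possession
        txn_key = kdf(self.key, b"txn", server_nonce, card_nonce)  # fresh per transaction
        ct = keystream_xor(txn_key, server_nonce, card_data)
        tag = hmac.new(txn_key, b"data" + server_nonce + ct, hashlib.sha256).digest()
        return {"card_nonce": card_nonce, "auth": auth, "ct": ct, "tag": tag}


class Issuer:
    """The authorising server: issues challenges and settles responses."""

    def __init__(self, key: bytes):
        self.key = key
        self.outstanding = set()                 # challenges issued but not yet consumed

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self.outstanding.add(nonce)
        return nonce

    def settle(self, server_nonce: bytes, msg):
        """Return the decrypted card data, or None if anything fails to check out."""
        if server_nonce not in self.outstanding:
            return None                          # unknown or already-used challenge: replay
        expected_auth = kdf(self.key, b"auth", server_nonce, msg["card_nonce"])
        if not hmac.compare_digest(expected_auth, msg["auth"]):
            return None                          # card did not prove it has the key
        txn_key = kdf(self.key, b"txn", server_nonce, msg["card_nonce"])
        expected_tag = hmac.new(txn_key, b"data" + server_nonce + msg["ct"],
                                hashlib.sha256).digest()
        if not hmac.compare_digest(expected_tag, msg["tag"]):
            return None                          # ciphertext altered in transit
        self.outstanding.discard(server_nonce)   # one challenge, one settlement
        return keystream_xor(txn_key, server_nonce, msg["ct"])


def run_purchase(card: Card, issuer: Issuer, entered_pin: str, card_data: bytes = CARD_DATA):
    """One complete exchange: challenge -> PIN -> card response -> settlement."""
    nonce = issuer.challenge()
    msg = card.respond(nonce, entered_pin, card_data)
    return None if msg is None else issuer.settle(nonce, msg)


if __name__ == "__main__":
    card, issuer = Card(CARD_KEY, CARD_PIN), Issuer(CARD_KEY)
    print(run_purchase(card, issuer, "0000"))    # wrong PIN -> None
    print(run_purchase(card, issuer, CARD_PIN))  # -> b'PAN=3700XXXXXXXXXXX;EXP=12/01'
```

Knowing the protocol is enough to build a well-formed message, but `auth` only verifies if the sender holds the card key; a captured response fails because its challenge has already been consumed; and a modified ciphertext fails the tag before it is ever decrypted. Those three checks are what separates "emulating the protocol" from having the card.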

Credit Card Security (1)

RJ11 (17321) | more than 15 years ago | (#1691573)

All these attempts to make the internet "safe for shopping" and the like are all futile and pathetic. No matter what the security measures, there will _always_ be people who are able to steal things online.

Every time that someone accidentally gives out their CC info online to a malicious person, it could have been prevented. Instead of creating new security methods to try and make it harder to steal CC info, we should be educating consumers on how to safely shop online. If you follow some simple rules, you will never lose your credit card info to anyone who wasn't supposed to get it. For instance, only make purchases from reputable merchants, only make purchases using SSL, never email CC info....

Re:"random" pin number (1)

dantes (89932) | more than 15 years ago | (#1691574)

The nice thing is that if you wanted to steal the credit cards information, you couldn't just snag the creditcard number. You would have to know the algorithm for generating these numbers, as well as the pin (which could be snagged from the transmission)! So you would have to watch these purchases over a period of time, and only then would you be able to pretend to be the card owner.

Actually, the SecureID also requires you to sync the card with the SecureID server. Even if you could discover the algorithm, you would need to monitor sufficiently many transactions to ensure that your implementation was reasonably synchronized with the server (or convince the sysadmin to sync your app). See this [vpnsolutions.net] for details from the vendor.

More secure (2)

wangi (16741) | more than 15 years ago | (#1691575)

Card swiping will be more secure for the simple reason that more information will be stored on the chip than the existing card number and expiry combination used to validate a card.

More data == more secure? Well at least not as easy to defraud. Perhaps.

Mondex? (2)

mindslip (16677) | more than 15 years ago | (#1691576)

How does this relate to the various Mondex / Electronic Cash projects that are underway?

The Mondex system, which is in a fairly strong Beta phase in Canada, uses a smart-card chip (you know, the 6-pin ones on phone calling cards) and a bit of encryption to store cash amounts and personal data.

I wouldn't be surprised if the card readers weren't just readers, but also did some encryption before they spat it out their serial ports to the computer, to the browser, to the server, etc. down the chain.

Anyone on the inside have any tech details? RFC specs? Anything?

Even a yearly fee amount or an interest rate amount?

What would be really cool is a PCMCIA card reader so you could use this in your laptop without lugging something external. I know there are PCMCIA adapters to read standard smartcards...

mindslip

P.S. first? (yay.)

Uh-oh (2)

sporty (27564) | more than 15 years ago | (#1691577)

Ok, how many people wager that idiots will put their card in a floppy or zip drive when trying to use it?

On a more serious note, those that are aware that it is possible to copy the contents of this chip (and/or the entire card) might not feel as safe as the uninformed. So it might be a bigger success than the pessimistic existing slashdot'ers may think.

More info on blue... (2)

Jonny Royale (62364) | more than 15 years ago | (#1691578)

available here [americanexpress.com] from the American Express web site. Not much, some pretty pictures, some "offers", etc, but it's the "official" home.

Re:More secure (2)

mindslip (16677) | more than 15 years ago | (#1691579)

"Card swiping will be more secure for the simple reason that more information will be stored on the chip..."

Yes, but that's missing the point. That's like saying "It will be more secure because it's written down and stored in your pocket..."

How does that create security? If, for instance, there is no encryption or even scrambling going on, it's still sent from the card reader to the serial or keyboard ports... That's how card readers typically work, they spit ascii to their port.

Not only is that readable, but it's sent straight over a web site, which is also readable, unless you're using HTTPS (then it's only semi-secure... c'mon, 40 bit encryption? Ha!)

Ah well. Still, I trust web purchases more than I trust the 15 year old with an attitude behind the counter at most CD stores! ;->

mindslip

Blue web site (2)

Mithy (30439) | more than 15 years ago | (#1691580)

(Not directly linked from the original news article - irritating)

http://home4.americanexpress.com/blue/splash.asp [americanexpress.com]

Nothing unfortunately in the way of technical information to speak of.

--
This isn't the post you're looking for. Move along.

Already here in Germany (2)

mcolin (14379) | more than 15 years ago | (#1691581)

In Germany the blue Amex is already marketed for quite some time now. As far as I know, it's some "you're too young/poor/different to qualify for our real green credit card, so we're giving you a blue one instead, so everyone can see, how young/poor/different you are"-thing. No one wants to be seen with one of those.

Increased security from ChipCards (4)

jabber (13196) | more than 15 years ago | (#1691582)

The embedded chip in this new card will probably allow it to work a lot like a SecureCard.

It has a pseudo-random number generator, which essentially functions as an ECB. Your PIN and the ECB value for that moment in time are both required to perform a valid transaction. This way, either just the card (if lost), or just your PIN (if overheard?) are individually useless, since they only work jointly.

A ChipCard, for online shopping, is probably not a very good application. An ATM card would make more sense, but since Amex has more clout, it's easier for them to introduce the tech.

Then again, I might be completely wrong, and the chip might simply store data such as encryption certificates, and facilitate another layer of security. This makes much more sense for online transactions.

Perhaps a built in ROM capable of Diffie-Hellman?? But then why bother to hook it up to a PC, a simple acoustic coupler between the phone and the card would do... Uhoh, starting to think... Should get back to work.

Re:Mondex? (2)

Yarn (75) | more than 15 years ago | (#1691583)

I've had a Mondex card for 3 years now; it's my student ID card for my Uni. Originally it was a smartcard which could be charged up (i.e., put money on) in any of the university payphones, which was convenient. Now it can be charged in special Mondex points around campus, and it's also used to register unix passwords and gain access to computer labs.

Some info here:The University of Exeter Mondex Project [ex.ac.uk]

Won't work (1)

rde (17364) | more than 15 years ago | (#1691584)

Dissing a new technology before you've the slightest notion how it works is never wise. But neither am I, so here I go.
Doesn't matter a damn what sort of hardware you've got, you're still sending stuff over the web. Therefore it can be faked. You won't need a reader; you just need to wait for an issue of phrack that contains the spec then you can spoof away.

A false sense of security (1)

Matthew Vernon (87796) | more than 15 years ago | (#1691585)

I don't see how having more data on the card will cause an increase in security (tcpdump or similar will still make fraud relatively easy for those who are that way inclined).
More worryingly, it may make people think their card reader is secure, and so send their credit card details to less secure sites - so this impression of security might actually lead to more fraud. Maybe I'm just paranoid.
It would be more useful if there was some form of encryption used by the chip; the card could contain a secret key and encrypt transfers - there would be a database of the corresponding public keys. Unfortunately, the infrastructure for such a system would be expensive. It might reduce fraud though...

Smart cards for secret keys (3)

Get Behind the Mule (61986) | more than 15 years ago | (#1691586)

If I've understood it correctly, smart cards at terminals are intended as a medium for storing secret keys. They're not really supposed to be more secure in any cryptographic sense, but they're expected to be more easily understood by naive users. A lot of people don't know what a secret key is and how you're supposed to manage it, and they don't like long, complex passphrases and tend to choose weak ones. But everybody is familiar with a credit card, and everyone knows that you're not supposed to lose one; so the effect in the end is that people will tend to be more conscientious about key management (although they don't realize that that's what they're doing).

That's the theory, so far as I understand it. Of course, if somebody does swipe your card, they could shop up a department store on the Internet before you get a chance to report the theft. Then again, it's still pretty hard to benefit from a stolen card, because the goods have to be delivered somewhere, so it might be possible to trace the thief by finding out where the stuff gets sent.

"random" pin number (2)

Falrick (528) | more than 15 years ago | (#1691587)

Total hypothesis here, but it could work similar to my SecureID card. The card has some sort of embedded processor that does nothing but generate numbers twice a minute. The "randomly" generated numbers are seeded by some other set of numbers known by my dial-in server and my card. Basically what happens is that when I dial in, my password is a combination of this randomly generated number (shown on a neat little LED), and a PIN that I set on the dial-in server. You can't get connected without knowing both the PIN, and the number that is currently showing on the LED. If this CreditCard has a similar setup, users would be required to type in their credit card PIN, and then swipe the card. If the number sent by the card (generated off of some known seed of course) and the PIN don't match what our faithful credit card company says they should be, then the transaction would be denied.

The nice thing is that if you wanted to steal the credit card's information, you couldn't just snag the credit card number. You would have to know the algorithm for generating these numbers, as well as the PIN (which could be snagged from the transmission)! So you would have to watch these purchases over a period of time, and only then would you be able to pretend to be the card owner.
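The time-synchronised token plus PIN that Falrick describes, written out as an added example (constructed code, not RSA's SecurID algorithm and not anything Amex published). It assumes the card and the server share a per-card secret seed, that the card shows a 6-digit code derived from HMAC-SHA1 over a 30-second counter, and that the server also checks a PIN and tolerates one step of clock drift. The seed, card ID and PIN are made-up test values.

```python
import hashlib
import hmac
import struct
import time

# Assumed parameters (not from the original post): one code per 30 seconds,
# six digits, one window of clock drift accepted either way.
STEP_SECONDS = 30
DIGITS = 6


def token_code(seed: bytes, unix_time: int) -> str:
    """The number the card would be displaying at unix_time."""
    counter = unix_time // STEP_SECONDS
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                   # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


class AuthServer:
    """Server side: knows every card's seed and PIN."""

    def __init__(self, seeds: dict, pins: dict):
        self.seeds, self.pins = seeds, pins
        self.spent = set()                    # (card_id, counter) already accepted

    def verify(self, card_id: str, pin: str, code: str, now: int) -> bool:
        seed = self.seeds.get(card_id)
        if seed is None or not hmac.compare_digest(self.pins[card_id], pin):
            return False                      # unknown card or wrong "something you know"
        counter = now // STEP_SECONDS
        for drift in (-1, 0, 1):              # neighbouring windows cover clock skew
            c = counter + drift
            if hmac.compare_digest(token_code(seed, c * STEP_SECONDS), code):
                if (card_id, c) in self.spent:
                    return False              # same code replayed within its window
                self.spent.add((card_id, c))
                return True
        return False                          # code does not prove "something you have"


if __name__ == "__main__":
    seed = b"constructed-seed"
    server = AuthServer({"card-1": seed}, {"card-1": "4321"})
    now = int(time.time())
    print(server.verify("card-1", "4321", token_code(seed, now), now))
```

Note that a sniffed code is only useful inside its window, and only once, which is what makes the PIN being visible on the wire less of a disaster than Falrick's last sentence suggests: an eavesdropper still has to act within the same 30-second window as the real purchase.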

Re:Mondex? (1)

IQ (14453) | more than 15 years ago | (#1691588)

I believe it competes directly with Mondex. Check out: Smart Card Solutions [sc-solutions.com]

Re:More secure (1)

wangi (16741) | more than 15 years ago | (#1691589)

Indeed. Even if the chip on the card added another security level to the transaction, things would not be more secure.

The card could still be stolen and used by any Joe Fool.

Now if those readers had an iris-reader on them it could add authentication to the transaction...

Amex, could you please... (3)

Markee (72201) | more than 15 years ago | (#1691590)

While they are at it, they could extend an existing browser to store the user-specific data on the card as well. This way, you could just walk up to any terminal that supports this feature (and remember, they give the card reader away for free), insert your card and off you go surfing with all your bookmarks, cookies etc. AT&T Labs, who developed VNC [att.com], used a technology like that to make your home session appear on any terminal you walk by in their office. Cool.

Re:No use (1)

heh2k (84254) | more than 15 years ago | (#1691591)

the real question is, does the card reader run linux? :P

Why this is more "secure" (1)

Anonymous Coward | more than 15 years ago | (#1691592)

I think you're all missing the point.

This doesn't store a longer number, it's not doing one-time keys, it's not a SmartCard, it's not going to magically make your order uncrackable by the NSA.

It's more secure for one reason only--you have to actually physically have the card to order with it. That simple fact alone will tremendously reduce internet fraud.

because cards are more resistant to tampering (2)

bp (6031) | more than 15 years ago | (#1691593)

When you type in, your browser does the digital signing and encryption. A chipcard can store your account #, private key, sign and encrypt any data you want by itself. One can crack a computer and replace any software, but IC cards are a lot tougher. They have a simpler data interface, and use strong cryptography.

Re:Won't work (0)

Anonymous Coward | more than 15 years ago | (#1691594)

Yep.

Your karma is showing, in that you've posted the message with a valid nick, yet it comes through as a zero, without sign of having been moderated down.

Re:Mondex? (1)

Cironian (9526) | more than 15 years ago | (#1691595)

I predict they won't be making the specs available to non-corporate people. If you are a hardware-making company they will make the technical details available to you, but if you are "just" an individual trying to see whether you really want to entrust your money to this, good luck getting the information. (I am not saying it is smart to hold back those specs; but many suits, especially in that not-really-computer-oriented area, think so)

Re:More secure (2)

lost_it (44553) | more than 15 years ago | (#1691596)

Actually, it has the potential to solve one problem that I've often noticed about using a credit card over the Internet. In order to order over the Internet, you only have to have 1) the card number, 2) the expiration date, 3) the name on the card. That means I can place an order over the Internet for a card that isn't even mine.

If AmEx were to require that the card be swiped in order to be used to purchase something over the Internet, this could prevent this type of fraud. According to the article, they aren't doing this, probably because people freak out whenever they can't do something the "old way". So currently, the card doesn't seem to have any security benefits.

However, it would be nice if they offered the customers an option that would make it so that their card could only be used if it was swiped (I honestly don't know how they would do this, I'm just hypothesizing). I realize that any system that they used to increase security could be cracked. I also realize that any security system can be cracked, the object is to make it more difficult.

And I don't know how often this particular type of credit card fraud happens, I just know that it should be possible (I haven't tried it). If anyone else has some more information, please share it.

Don't be silly - it's obviously more secure (3)

sde1000 (10806) | more than 15 years ago | (#1691597)

Provided that they implement the system correctly, it will be more secure than current credit card systems.

In a traditional credit card system, all you need to know to make a purchase with the card is the card number and expiry date (and possibly also the name on the card and the address at which it is registered). These are easily visible on the card, and readable from the magnetic strip. They are sent to the merchant whenever you make a credit card transaction of any kind.

The problem with this is obvious: you do not need the card to be present to make a purchase. Embedding a chip in the card enables us to be a little more clever.

If AmEx have implemented the scheme sensibly then the chip embedded in the card will be a small microprocessor. It will have some non-volatile memory for key storage, some volatile memory for working storage, and probably some hardware crypto acceleration (because implementing crypto in software on slow microprocessors yields poor performance). The chip will be designed such that it is difficult (i.e. expensive, time-consuming and obvious that it has taken place) to read out the contents of the memory.

When an online purchase takes place, the details of the purchase (merchant ID, amount of transaction, etc.) will be sent to the customer's computer. To complete the purchase the details must be sent to the card, which will perform some cryptographic operation and return some more data which must be sent back to the merchant. (The precise details will depend on the implementation.) The point of the whole scheme, and the reason that it is more secure, is that the data returned to the merchant depends on key material embedded in the chip.

It is still possible to attack systems like this, either by exploiting errors in the system design or implementation, or by physically attacking the smartcard. See this widely-cited paper [cam.ac.uk] for more information and references.

Re:Not likely (0)

Anonymous Coward | more than 15 years ago | (#1691598)

Yes,

It means you physically have to do stuff to make it work.

That makes it about ten times harder than a regular credit card.

Once everybody is using that technology it won't be as valuable as it is now. Remember: when you're running away from a charging bear, you don't have to run faster than the bear. You just have to run faster than the other people.

There is only one reason they're doing this (1)

gelfling (6534) | more than 15 years ago | (#1691599)

The only reason financial services firms bring new products or services to market. It's NOT to get more customers or expand market share - it's to extort more money from their existing customers and present the illusion that you're locked in to the service provider. Whatever the purported benefits of something like this are, expect to pay more for so-called extra security. What happens next is that big online vendors like Amazon will either offer discounts to pay using this service or will attempt to terrify customers that their transactions aren't secure w/o the service. Upon the first advertised breach of the security they will install a new system that requires the smart card and a PIN code, thereby rendering the entire system useless, moot and worse off from a security perspective. Also expect the smartcard to interact with your cookies and track everything you do so that the service provider can whore themselves out and buy and sell your behavior, your identity like you're a piece of meat. Imagine that your entire payment transaction history for a year is stored in a card in your wallet and you lose your wallet; is that not a strong enough motivation for someone to devote unlimited resources to figuring out how to break open these things?

ORL developed VNC (1)

Effugas (2378) | more than 15 years ago | (#1691600)

>AT&T Labs who developed VNC used a technology like that to make your home session appear on any terminal you walk by in their office. Cool.

nononono!

AT&T *bought* ORL, the research lab collaboration between Olivetti and Oracle(I believe). VNC was already an extremely mature platform at the time of purchase, thanks to the extraordinary labors of its core programmers. (Heh Wez.)

I'm tempted to agree with those who worry most about individual credit for projects being supplanted by corporate attention-mongering. Not that AT&T has done anything bad...well, yet.

AT&T did try to sue to get BSD back, if I remember correctly...

Yours Truly,

Dan Kaminsky
DoxPara Research
http://www.doxpara.com

Once you pull the pin, Mr. Grenade is no longer your friend.

Its a CHAP device for SET (4)

anticypher (48312) | more than 15 years ago | (#1691601)

These are one component of the new Secure Electronic Transaction group of protocols to protect financial details while transiting electronic communications facilities. It specs everything starting at the main credit mainframes out to banks, regional centers, and finally out to doing authentication/verification of individual retailers' POS registers. It is so complicated and assembled by a committee of hostile interests it makes the whole TCP/IP suite look like child's play. People are making entire careers specialising in SET integration (second only to SAP/PeopleSoft programmers in Europe for excessive salaries, ~350K GBP/year for one year's experience, ~500K for a project lead)

Similar chip cards have been used widely in Europe for years, and the French, Belgian, and German banking systems use them almost exclusively. In Holland they have an NVRAM/crypto function and you can load the card with some credit and use it at merchants without having to verify every transaction.

The chip (in the French Carte Bleue system) is an 8-bit processor with enough power to provide a challenge-handshake for a secret shared key, and the agreed-upon result is used to encipher the additional details of the card. The machine reading the card then uses that coupled with the PIN the user types in to further encipher the communications back to a regional control center, providing a second level of authentication. The crypto used is not difficult to crack or spoof, but just by raising the bar a little it has dramatically reduced fraud from the old system, which was just like the American system of today.

I'm glad to see Amex doing this. I think they announced this system about 2 years ago, and it's been an oft-delayed vapor promise since.

If you read the small print on the bottom of the page, they guarantee you against all fraud when you use this system. There isn't even a $50 deductible for each fraud. That in itself is pretty amazing.

It's obvious this is only for win95/98/NT4, since there is some software you have to load on your computer which is always running and will ask for your PIN when you insert the card. And the software somehow stores some "electronic cash" in your "wallet" on your system, and only uses the card and PIN to unlock it.

Hmmm, I have an idea that anyone smart enough to crack the system is not stupid enough to bring the wrath of the law on their heads by actually spoofing a transaction (unless it was their own). But I can see a day soon when someone releases a script-kiddie and howto package and suddenly the system gets taken offline for a few months of "maintenance" after a passing lightning storm :-)

But if it increases security even a little bit, then it's a good thing. I just hope slashdotters remember there is no such thing as perfect security, just continuing improvements.

the AC

Re:More secure (0)

Anonymous Coward | more than 15 years ago | (#1691602)

The setup they are using is a "something you have (the card) & something you know (a PIN)". Read more about it here: http://home4.americanexpress.com/blue/about_chip_reader.asp

Blue has many good things going for it (3)

DannyKumamoto (4636) | more than 15 years ago | (#1691603)

Disclaimer: Although I work for one of the biggest smart card makers in the world and the inventor of Java Card (Java on smart card [slb.com] ), as far as I know AmEx is not using our cards.

As for Blue, Frost and Sullivan's analysis [cnbc.com] is a good place to start. Personally, I think it is a good thing: get consumers used to idea of smart cards and making everything free at first really helps. And if they use Java Card based smart card, they'll be able to roll out new features in the future. Besides, free card, free reader and 0% APR are hard to beat (unless they start cutting checks, I guess). At least I've applied for the Blue card.

Linux support probably can be found at: http://www.linuxnet.com/ [linuxnet.com] (I say probably because AmEx is highly likely to use one of the well known readers, many of them supported by the MUSCLE project)

As for security: many of the first 40 postings I've read are either wrong or misinformed. I'd recommend that you read some smart card introduction before posting here:

Smart card industry association: http://www.scia.org/ [scia.org]

Smart card forum: http://www.smartcrd.com/ [smartcrd.com]

Java Card (but lots of general smart card info) http://members.xoom.com/javacard/ [xoom.com]

-----
More misc.: AmEx are working on a web page: www.blueamex.com [blueamex.com] (www.blueamex.net, too)

Danny (shameless ad: Java Card was invented here: www.cyberflex.slb.com [slb.com] )

Re:More secure (1)

lomion (33716) | more than 15 years ago | (#1691604)

Yes, but that's missing the point. That's like saying "It will be more secure because it's written down and stored in your pocket..."

That's missing the point. You see, by swiping the card you prove that the card was present. It's easy to have it so it knows the difference between the swipe and entry. That's part of why you swipe the card in retail. It proves the card was present. That at least stops people who collect just numbers.

Plus it cuts down on entry errors probably.

could be very secure (2)

jetson123 (13128) | more than 15 years ago | (#1691605)

If they do it correctly, a card with a chip embedded can be a lot more secure than either a manual password or even a SecurID card.

Using zero knowledge proofs and bidirectional communications, the remote server can establish to an arbitrary degree of certainty whether the person at the computer is in possession of the card holding the chip. Even if the line is completely unencrypted and open, nobody else can impersonate the holder of the card, no matter how much they listen.

Of course, whether AMEX is doing this right or doing something lame remains to be seen.

The reason card swiping is more secure (0)

Anonymous Coward | more than 15 years ago | (#1691606)

has to do with the fact that there are two types of transactions as far as a credit card company is concerned: Card Present and Card Not Present. Typing in a credit card number (i.e. the card was not physically present at the time of purchase) makes it easier to attempt fraud, which is why the credit card companies do not offer much in the way of protection to merchants who do card-not-present transactions. If the customer even hints at complaining, the card company will credit the holder back and debit the merchant. Card-present (i.e. swiping) frauds imply a stolen card, which then falls back onto the credit card company, who must eat the loss.

Not true... (1)

DiningPhilosopher (17036) | more than 15 years ago | (#1691607)

You're assuming that anyone with the 16 digits can use the account. With smart cards this isn't necessarily true. Read some of the other comments - even with something as simple as a shared block of secret data, you can perform a challenge/response which can be used over an insecure channel and yet can't be exploited by a malicious eavesdropper.

Public key crypto is even easier to use - write out the transaction information and sign it. It doesn't matter who sees the information. They can't duplicate the signature so they can't make their own transactions.

We shouldn't just be educating people about how to use credit cards. We should be replacing them with more secure tokens which are harder for an ignorant user to compromise.

Re:It's a chip, so it's probably encryption. (1)

Pascal of S (23541) | more than 15 years ago | (#1691608)

The signatures in this case are merely meant as an identification. Meaning it just says 'it is truly me'. I agree with you that it does not solve the problem of the amount of money you transfer.
That would mean you need to create a trusted path. What you might do is:

Step 1:
The merchant wants to do a transaction with you. It tells a local web browser plug in (or whatever), please contact Amex, with my transaction ID and authorise US$50.
Step 2:
The local machine/plug in contacts the Amex server (using ssl?!?), with the transaction ID, 'please authorise US$50 for merchant ID#xxx.
Step 3:
Amex sends you a random number, that the chip on the credit card has to sign. You send that back.

Now it can go two ways:
A:
Step 4:
Amex sends you a digitally signed (this would then be a secure channel) payment authorisation.
Step 5:
You send this package over to the merchant.
Step 6:
The merchant verifies with its own 'secure' way that the authorisation is valid.

or B:
step 4:
Amex contacts the merchant with the authorisation over a secure channel.
step 5:
Merchant 'pushes' over the open HTTP connection the end result.

Final step:
Purchase has been completed.
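Pascal of S's six-step flow (variant A), jetson123's zero-knowledge point and DiningPhilosopher's "write out the transaction and sign it", put together as an added example. This is constructed code, not Amex's protocol and not any real card OS. It uses Schnorr signatures, the non-interactive form of the Schnorr zero-knowledge identification protocol, over a toy group (p = 2039, q = 1019, g = 4) that is chosen so the arithmetic is readable and is far too small for real use. The card signs the nonce together with the transaction fields the reader shows the holder, so the issuer's authorisation is bound to the amount and merchant, and each nonce can be authorised only once. Party names, field names and the transaction ID are assumptions.

```python
import hashlib
import json
import secrets

# Toy Schnorr group: safe prime P = 2Q + 1 (constructed, far too small for real
# use). G = 4 is a quadratic residue mod P, so it generates the order-Q subgroup.
P, Q, G = 2039, 1019, 4


def canon(obj) -> bytes:
    """Canonical encoding so every party hashes exactly the same bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def hash_to_zq(*parts: bytes) -> int:
    return int.from_bytes(hashlib.sha256(b"|".join(parts)).digest(), "big") % Q


def keygen(x: int = None):
    """Returns (private, public). x is fixed only to make demos reproducible."""
    if x is None:
        x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def schnorr_sign(x: int, message: bytes):
    """Non-interactive proof of knowledge of x, bound to message (Fiat-Shamir)."""
    r = secrets.randbelow(Q - 1) + 1
    t = pow(G, r, P)                          # commitment
    c = hash_to_zq(str(t).encode(), message)  # challenge derived from commitment + message
    s = (r + c * x) % Q                       # response; reveals nothing about x alone
    return t, s


def schnorr_verify(y: int, message: bytes, sig) -> bool:
    t, s = sig
    if not (1 <= t < P and 0 <= s < Q):
        return False
    c = hash_to_zq(str(t).encode(), message)
    return pow(G, s, P) == (t * pow(y, c, P)) % P


class Card:
    def __init__(self, x: int = None):
        self._x, self.public = keygen(x)      # private key never leaves the chip

    def sign(self, shown: dict):
        # The chip signs exactly the fields the reader displays to the holder.
        return schnorr_sign(self._x, canon(shown))


class Issuer:
    """Amex side: checks the card's proof, then issues its own signed authorisation."""

    def __init__(self, card_public_keys: dict):
        self.cards = card_public_keys
        self._x, self.public = keygen()
        self.pending = {}                     # nonce -> (card_id, txn); one use each

    def challenge(self, card_id: str, txn: dict) -> str:       # step 3
        nonce = secrets.token_hex(8)
        self.pending[nonce] = (card_id, txn)
        return nonce

    def authorise(self, nonce: str, sig):                       # step 4
        card_id, txn = self.pending.pop(nonce, (None, None))
        if card_id is None:
            return None                       # unknown or already-consumed nonce
        if not schnorr_verify(self.cards[card_id], canon({"nonce": nonce, **txn}), sig):
            return None                       # wrong card, or amount/merchant altered
        auth = {"nonce": nonce, "card_id": card_id, "status": "approved", **txn}
        return auth, schnorr_sign(self._x, canon(auth))


class Merchant:
    def __init__(self, merchant_id: str, issuer_public: int):
        self.merchant_id, self.issuer_public = merchant_id, issuer_public

    def request(self, txn_id: str, amount_cents: int) -> dict:  # step 1
        return {"txn_id": txn_id, "merchant_id": self.merchant_id,
                "amount_cents": amount_cents}

    def accept(self, txn: dict, auth: dict, sig) -> bool:       # step 6
        return (schnorr_verify(self.issuer_public, canon(auth), sig)
                and auth["status"] == "approved"
                and all(auth[k] == v for k, v in txn.items()))


def purchase(merchant, card, card_id, issuer, amount_cents, signed_amount=None):
    """Steps 1-6. signed_amount simulates a spoofed display: the card signs a
    different amount than the one the issuer was asked to authorise."""
    txn = merchant.request("txn-0001", amount_cents)
    nonce = issuer.challenge(card_id, txn)                          # steps 2-3
    shown = {"nonce": nonce, **txn}
    if signed_amount is not None:
        shown["amount_cents"] = signed_amount
    result = issuer.authorise(nonce, card.sign(shown))
    if result is None:
        return False
    auth, sig = result
    return merchant.accept(txn, auth, sig)                          # steps 5-6
```

Because the card's signature covers the amount and merchant ID, not just the random number of step 3, the authorisation the issuer returns cannot be reused for a different amount, and an eavesdropper who records the whole exchange cannot answer a fresh nonce without the private key.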

Whoa... Not just Java Cards... (1)

DiningPhilosopher (17036) | more than 15 years ago | (#1691609)

Disclaimer: I work for a company which makes smart cards NOT based on Java. :-)

...if they use a Java Card based smart card, they'll be able to roll out new features in the future.

I must defend other cards here... LOTS of non Java Card smart cards are capable of being loaded with new applications after distribution. Any card with a reasonable processor and a reasonably flexible OS should be capable of supporting future feature additions.

Why are consumers so concerned? (0)

Anonymous Coward | more than 15 years ago | (#1691610)

I really cannot fathom why so many consumers are frightened senseless over the prospect of someone discerning their credit card number over the net. Should this unlikely event ever take place, you call up the credit card company and get it straightened out. I did it when I lost my wallet. It's no big deal.

AmEx is delusional if they think this is going to catch on, though. It's hard enough to find a retailer who'll accept their normal green card, much less this piece of gadgetry.

Shops requiring smart cards (1)

Indomitus (578) | more than 15 years ago | (#1691611)

Swiping the card is cool because it requires that you have the card, not just the number. I think it would only be worth it online if shops would say "We're only going to accept SmartCard transactions" so they could make sure you are who you say you are, or at least you have the credit card of the person you say you are. That would require mass acceptance of those cards though, which won't happen for awhile. Maybe if all the credit companies get on the SmartCard bandwagon as a way to increase security. Good possibilities here I think.

Banks don't pay interest on money in smart cards (1)

Colin Simmonds (4017) | more than 15 years ago | (#1691612)

Because the cash is actually "in" the card, the card becomes identical to cash. And for the same reason, since the cash is no longer "in" the bank account, the banks don't have to pay interest on it. If many people used smartcards instead of ATM cards, this would save the banks a lot of money.

It's a chip, so it's probably encryption. (1)

Pascal of S (23541) | more than 15 years ago | (#1691613)

I don't think the guys over at CNET mean 'swipe' as in magnetic strip, but more like 'insert your chipcard'.

Chip cards are far more useful, as the embedded chip might be able to do (3)DES, public-key signatures or more advanced stuff.

For example, the American Express computer might issue a number that then gets encrypted/signed by the card; send back the result et voilà, Amex now knows for sure it's your personal card.

ibuttons (1)

chrystoph (89878) | more than 15 years ago | (#1691614)

This url might be pertinent www.ibutton.com

Not 'Secure' Just Authorized (0)

Anonymous Coward | more than 15 years ago | (#1691615)

It's more likely that a swiped card is being used by the actual cardholder, than a number typed in to a terminal. Look at your credit card receipts. How many of them have your full card #?

If you are a web-based business, you are at best set up with your processor as a mail-order, 0% swipe (you take credit card orders over the phone and manually put in the card #, AND have no cardholder signature). That means you're more likely to have your money held until the cardholder's bank can verify that charge with the cardholder. When you are 100% swipe, it's viewed as a MUCH lower chance of fraud, since you have BOTH the cardholder's card, AND their signature, to prove they purchased something from you, and you aren't being fraudulent.

At least with that AMEX system, you can have the swipe. At least until digital signatures are accepted by VISA/MC/AMEX... hmm maybe there is some extra data to show that you used a special PC -Card Swiper.

Extra info means more secure for them (2)

stienman (51024) | more than 15 years ago | (#1691616)

Well, if the chip contains more info than is printed on the card, it is less likely that someone will say, "But I didn't buy that!!" The extra info transmitted will show that that exact card was used. If they still have the card, bingo, they used it.

I had a website ask for my 'security' number on my credit card once, explaining that there are an additional 3 digits printed on the signature strip of my card. I looked, and sure enough, there they were. If you look at the microsoft licence keys you have to type in for windows, the win98 is HUGE! I imagine as people ask for more secure credit cards, cc companies will change to using more info to verify that someone is using a good card. An automated process of entering a large amount of info is needed (like the bar codes for ms keys).

-Adam

It's just challenge and response, surely? (4)

Simon Tatham (66941) | more than 15 years ago | (#1691617)

It doesn't seem to me that it's difficult to see why this is more secure than the current scheme.

Your average credit card is insecure because an eavesdropper has got all the information they need to fake further transactions. With this system, one imagines that what would happen is that the transaction site sends you a challenge (e.g. a bit string) and the card swiper responds by preparing a response (e.g. encrypting the bit string using a private key stored on the card). By embedding a time stamp or unique identifier in the challenge, you ensure that an eavesdropper can't fake a transaction because they aren't allowed to use the same challenge/response pair and aren't able to manufacture the response to a new challenge to create a different one.

Better still, you can embed the amount of the transaction in the challenge too, and then the transaction site itself can't try to claim you authorised more money than you actually did.

This has been done before; I knew somebody once who worked for a company with a severely paranoid firewall. He could connect into the inside of the firewall from the outside, but only by using a little hand-held special crypto device. He'd telnet to the firewall machine, which would give him back a bunch of digits and he'd punch them into the device. The device would supply a response string of digits, which he typed back into the firewall and then it let him through.
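The challenge/response that sde1000, DiningPhilosopher (the shared-secret variant) and Simon Tatham describe, as an added example that is not part of the thread and not Amex's protocol. It assumes each card holds a secret key shared only with the issuer, that the issuer builds the challenge from a fresh nonce plus the merchant ID and amount, and that the card answers with an HMAC-SHA256 over that challenge. Card IDs, keys and amounts are constructed test values.

```python
import hashlib
import hmac
import json
import os


def canon(challenge: dict) -> bytes:
    """Canonical encoding so card and issuer MAC exactly the same bytes."""
    return json.dumps(challenge, sort_keys=True, separators=(",", ":")).encode()


class Card:
    def __init__(self, key: bytes):
        self._key = key                       # shared with the issuer, never sent

    def respond(self, challenge: dict) -> str:
        # Respond only to what the reader shows: nonce, merchant and amount.
        return hmac.new(self._key, canon(challenge), hashlib.sha256).hexdigest()


class Issuer:
    """Issuer side: hands out challenges and settles merchant claims against them."""

    def __init__(self, card_keys: dict):
        self.card_keys = card_keys
        self.outstanding = {}                 # nonce -> challenge as issued
        self.consumed = set()                 # nonces already honoured

    def challenge(self, card_id: str, merchant_id: str, amount_cents: int) -> dict:
        ch = {"card_id": card_id, "merchant_id": merchant_id,
              "amount_cents": amount_cents, "nonce": os.urandom(16).hex()}
        self.outstanding[ch["nonce"]] = ch
        return ch

    def settle(self, nonce: str, response: str, claimed_amount_cents: int) -> bool:
        """The merchant presents the nonce, the card's response and the amount
        it wants; the issuer re-derives the response from the challenge *it* issued."""
        if nonce in self.consumed:
            return False                      # replay of an eavesdropped pair
        ch = self.outstanding.get(nonce)
        if ch is None:
            return False                      # never issued
        key = self.card_keys[ch["card_id"]]
        expected = hmac.new(key, canon(ch), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, response):
            return False                      # no key, or altered challenge
        if claimed_amount_cents != ch["amount_cents"]:
            return False                      # merchant claiming more than the card saw
        self.consumed.add(nonce)
        del self.outstanding[nonce]
        return True


if __name__ == "__main__":
    key = b"constructed-card-key"
    issuer, card = Issuer({"card-1": key}), Card(key)
    ch = issuer.challenge("card-1", "merchant-7", 4999)
    print(issuer.settle(ch["nonce"], card.respond(ch), 4999))
```

The three failure branches are the three attacks in the posts above: an eavesdropper replaying a recorded pair (nonce already consumed), someone with only the card number answering a fresh challenge (wrong key), and the merchant inflating the amount after the fact (claim does not match the signed challenge).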

What is new here? (2)

JPS (58437) | more than 15 years ago | (#1691618)

Clearly, AMEX is good at public relations, but what is new here? It seems to me that this card is just a basic smartcard, like they have been used, for example in France, for many years. This card should be able to store some data and perform computations. Smartcards for crypto tend to have a regular chip and another one dedicated to a specific task (like modular exponentiation), so they can perform complex operations such as digital signatures. Hence, one possible use (which, by the way, has already been started by VISA) is to plug a little reader into your computer; then when a query for payment is made, the reader displays it, you are then asked to type your PIN, which unlocks your private key, with which you can actually _sign_ the payment. And no more credit card fraud.. Cool, isn't it :)

It could be a cock-up... (1)

elvum (9344) | more than 15 years ago | (#1691619)

I reckon the AMEX engineers said "we'll implement a 'numberless' card that'll work a bit like GSM authorisation - there will be a secret number on the chip that gets hashed with a random number sent out from the transaction server, which compares it with the same hash sent from the AMEX mega-secure servers. There'll be no way to read the secret number from the card or the mega-secure servers, and you'll need to snoop six gazillion transactions to work it out."

Management said "It's an AMEX card. Put a number on it."

:-)

Re:More info on blue... (1)

cicatrix (58686) | more than 15 years ago | (#1691620)

There's a little bit of information a bit deeper in:

about the chip-reader [americanexpress.com]
about the "wallet" [americanexpress.com]

Just to save people some time hunting...

Re:Already here in Germany (0)

Anonymous Coward | more than 15 years ago | (#1691621)

I think that you are talking about the Optima card. It is blue, sort of. This card is actually called Blue, not just blue in color. Plus, the regular American Express card does not allow you to carry a balance. The Optima and the Blue do.

Probably yes on Linux (0)

DannyKumamoto (4636) | more than 15 years ago | (#1691622)

See my posting above/below.... Danny

Security.. (1)

Kitsune Sushi (87987) | more than 15 years ago | (#1691623)

At times like this I have to ask myself: Just what does security mean to people when the average end-user seems to choose passwords such as the name of their husband, wife, child, or favorite pet? Talk about some "strong encryption".

An 'Exclusively Secure' Option (1)

Matt Booth (68378) | more than 15 years ago | (#1691624)

All of these options would presumably require the web site to support the system. The chances are that for a significant period of time most would not. Or of course it might never take off and they never will.

This means that the user will still be sending credit card details by the old 'insecure' method for at least some purchases, or at least it will not be unusual for a single account to regularly use both methods. Also the old method is open to the simple attack of jotting down the details of the card having merely seen it.

Would it not make sense for a user to choose to only allow transactions on the account using the new secure method? Surely if this isn't possible, much of the security is made irrelevant.

Re:"random" pin number (1)

_Spirit (23983) | more than 15 years ago | (#1691625)

SecurID cards have little LCD screens. An LED would probably use too much power. These cards usually run for 3 years, then the battery runs out. If I've been informed correctly (not bloody likely with the &*(*& we buy them from) the battery cannot be replaced so you need a new card after the battery runs out.
There are two varieties of this card, one where you type your pin on the SecurID card (the pin will be verified by the card), and one where you combine your pin or password with the code generated by the card (pin will be verified by whatever security system on the server side (radius is what we use)).

I would think the first option would be safer (inputting the pin on the card)

(Not nitpicking, just trying to clarify the comment)

Message on our company Intranet:
"You have a sticker in your private area"

Re:Mondex? (1)

Aqualung (29956) | more than 15 years ago | (#1691626)

You take money out of your account and put it on the card. You no longer earn interest on that money. You don't spend it for a week, and the bank pockets the cash! Multiply this by the ~20000 students and hey, that's a tidy profit.

True, but do you really worry about the interest you make in your *checking* account? Even in Scotland, if memory serves, the interest on these types of accounts is so negligible that it barely covers account maintennance fees.

As for the new cards, I'd have to say that if implemented correctly, this could take a big chunk out of credit card fraud. Adding even a simple digital signature routine to CC transactions will make fraud and/or forgery that much more difficult to pursue.

----
Dave
All hail Discordia!

Probably yes on Linux (1)

DannyKumamoto (4636) | more than 15 years ago | (#1691627)

See my comment above/below for details... Danny

Re:Mondex? (1)

Paul Johnson (33553) | more than 15 years ago | (#1691628)

That might be the case for small scale trials, but for real use in a national roll-out the situation would be different. When you put cash onto your Mondex card the bank does not "keep the money", it transfers it onto your card.

The Amex system seems to be an "electronic cheque" system: your card creates a signed document instructing Amex to transfer money from your account to the person you are paying.

Mondex, in contrast, is an electronic cash system. The total value in all Mondex chips in circulation (including those held by the bank) is kept constant. When you move money from one chip to another the system is designed so that one chip has to be debited before the other can be credited. The system is enforced by digital signatures and certificates signed by the bank: in order to persuade a Mondex card that it can accept money from you, you have to produce a digital certificate signed by its issuing bank.

Your objection is akin to saying that if you give the bank five pound coins and get a five pound note, then the bank is keeping your money and giving you a paper token in return.

Paul

Re:It's a chip, so it's probably encryption. (0)

Anonymous Coward | more than 15 years ago | (#1691629)

Well that is all fine and dandy, but it doesn't solve the trusted path problem. How do you know what it is you are *really* signing? You have to trust what the CRT reads ... but with JavaScript, ActiveX and the like there are all kinds of ways to spoof the display. Make it possible for merchants to defraud you - and leaving you without any defence or possibility to prove that what you signed isn't what you thought you signed ....

The data can still be captured and reused (1)

nahdude812 (88157) | more than 15 years ago | (#1691630)

No matter what data is on the chip, if it's done on http (not https) or I crack the encryption on the https, I still have the original data, and it's not too far to resend that exact same info to another site. Of course, then there's an electronic record of where the goods went, so they can know at least geographically close to where I operate from, even if I use a PO box. This different info cannot be used in a store (given that the chip contains different info than on the face of the card; if it doesn't, then it's just plain a stupid idea), so it's that much more secure. But if there is different info on the chip, do e-commerce sites need to change the way they operate to incorporate this? If they do, then AmEx is being foolish not to have involved everyone else, because soon everyone will have their own way of doing it.

Re:we have had that in holland for years (1)

_Spirit (23983) | more than 15 years ago | (#1691631)

Actually, the Dutch cards are very different. Chipper or Chipknip cards, as they're called, are the electronic equivalent of cash. When you charge them, money is taken from your account and put on the card. The only security in this card is designed to stop you from charging it yourself, which would be the same as printing your own money.
It was created to eliminate the high transaction costs of "traditional" ATM payment, where a connection with the bank would need to be established to authorize a transaction. The cards in this story are more "traditional" cards, just used to authorize transactions, not to actually "contain" money.

Message on our company Intranet:
"You have a sticker in your private area"

Re:Mondex? (2)

robbieduncan (87240) | more than 15 years ago | (#1691632)

We have this at our Uni [ed.ac.uk] too, but it is a subtle rip-off. Not only can you only use the "cash" in very select places, but the bank running the scheme [ed.ac.uk] (the Bank of Scotland [bankofscotland.co.uk] ) makes a fortune. It does this in a way which most people don't notice. You take money out of your account and put it on the card. You no longer earn interest on that money. You don't spend it for a week, and the bank pockets the cash! Multiply this by the ~20000 students and hey, that's a tidy profit.

Re:Already here in Germany (0)

Anonymous Coward | more than 15 years ago | (#1691633)

The blue card is a credit card; the classic green is not, it's a charge card. And the latest, greatest card is black.

Re:Why this is more "secure" (2)

Dr. Evil (3501) | more than 15 years ago | (#1691634)

I think you're missing the point.

If the system is not cryptographically secure, you can still copy the card, you can still use man-in-the-middle attacks; there are all sorts of things you can do.

What if some sad little program like happy99 was designed to double-swipe your card? We don't know if that kind of attack or others are possible. Unless they say exactly how the system works, it is best to assume that it is not secure.

Not the first smart Amex card (1)

nhw (30623) | more than 15 years ago | (#1691635)

This is not the first American Express smartcard, I don't think.

There is the so-called Charter Card, which is black, and comes with a pocket smartcard reader which is designed to access some of the data stored on the smartcard chip - details of foreign exchange rates, cardmember discounts, insurance, benefits and so on.

Just in case any of you think that I'm making this up, I happen to have a photo of one right here.

American Express Charter Member card [ox.ac.uk] .

Cool, huh?

Re:Won't work (1)

hoppy (21392) | more than 15 years ago | (#1691636)

Not really, because the smart card incorporates public key algorithms (generally RSA) and secret key algorithms (DES or others). When you ask for a transaction there is a challenge to your card (you must at this moment enter your PIN code). Your secret key is stored on the smart card and there is NO WAY to read it.
So you send only encrypted stuff over the web, and you cannot easily fake it. The only way is to be able to crack DES in less time than the duration of the transaction.
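A constructed illustration of the challenge-response idea this comment describes, and of why captured data cannot simply be resent to another site as an earlier comment worried; this is added example code, not anything from American Express or the commenters. HMAC-SHA256 stands in for the RSA/DES the comment mentions, and the SmartCard and Issuer classes, merchant names, PIN and key are all invented.

```python
import hashlib, hmac, os

def transaction_message(challenge: bytes, merchant: str, amount_cents: int) -> bytes:
    # The signed message binds the one-time challenge to the exact transaction,
    # so a captured response is useless for any other merchant, amount or session.
    return b"|".join([challenge, merchant.encode(), str(amount_cents).encode()])

class SmartCard:
    """Simulated card: the secret key lives here and is never handed to the host PC."""
    def __init__(self, key: bytes, pin: str):
        self._key, self._pin = key, pin
    def sign(self, challenge: bytes, merchant: str, amount_cents: int, pin: str) -> bytes:
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            raise PermissionError("wrong PIN")       # card refuses to sign without the PIN
        msg = transaction_message(challenge, merchant, amount_cents)
        return hmac.new(self._key, msg, hashlib.sha256).digest()

class Issuer:
    """Bank side: shares the card key and remembers which challenges are still open."""
    def __init__(self, key: bytes):
        self._key, self._open = key, set()
    def new_challenge(self) -> bytes:
        c = os.urandom(16)                           # fresh random nonce per transaction
        self._open.add(c)
        return c
    def verify(self, challenge: bytes, merchant: str, amount_cents: int, response: bytes) -> bool:
        if challenge not in self._open:              # unknown or already consumed: treat as replay
            return False
        msg = transaction_message(challenge, merchant, amount_cents)
        if not hmac.compare_digest(hmac.new(self._key, msg, hashlib.sha256).digest(), response):
            return False
        self._open.discard(challenge)                # each challenge is single use
        return True

def run_demo() -> dict:
    key = os.urandom(32)                             # constructed: personalised into the card at issue
    card, bank = SmartCard(key, "1234"), Issuer(key)
    c = bank.new_challenge()
    resp = card.sign(c, "shop.example", 4999, "1234")
    first = bank.verify(c, "shop.example", 4999, resp)
    replay = bank.verify(c, "shop.example", 4999, resp)           # same bytes sent a second time
    retarget = bank.verify(bank.new_challenge(), "other.example", 4999, resp)  # sent to another site
    try:
        card.sign(bank.new_challenge(), "shop.example", 4999, "0000")
        wrong_pin_accepted = True
    except PermissionError:
        wrong_pin_accepted = False
    return {"first": first, "replay": replay, "retarget": retarget, "wrong_pin_accepted": wrong_pin_accepted}
```

Note that the card signs whichever merchant and amount the host passes in, which is exactly the trusted-path gap raised in an earlier comment: the protocol proves the card was present, not that the cardholder saw the same figures.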

Re:Won't work (0)

Jimhotep (29230) | more than 15 years ago | (#1691637)

ok I'll "flame" this post
I have to
I've been baited!

What is wrong with you man? Don't you know
the web is secure.

Credit cards are secure man. Get your head out!

my karma is showing

Re:Why this is more "secure" (0)

Anonymous Coward | more than 15 years ago | (#1691638)

I was wondering how many comments I would have to read before somebody said this. Well done. I suppose I shouldn't be surprised; most /.ers seem to look for the most obscure/difficult/paranoid answer first.