Coin - New Gadget Will Replace All Your Debit / Credit Cards
63 replies, posted
[QUOTE=Downsider;42911350]You're underestimating the power of asymmetric encryption, though.. It's not like other types of encryption. Even with it going over the air, it's thousands of times more secure than storing a dumb value on a magnetic strip.[/QUOTE]
Instead of relying on encryption which can likely be flawed or equipped with a secret backdoor, how about we rely on that they'd need to actually have physical access to the card?
Then the only issue is skimmers.
Unless you're dumb enough to hand a stranger your card when paying at something like a restaurant instead of asking the waiter/waitress to either bring their mobile pay terminal or to show you where their stationary pay terminal is.
I've read through the FAQ here's a run down:
- It costs $100 US.
- It has a battery that cannot be recharged or replaced and lasts on average use 2 years.
- If it breaks or runs out of battery you have to buy a new one.
- There are additional security features:
-> You can set it up to deactivate if it is too far from your phone for too long
-> You have to manually enter your card details and then swipe it, if the details don't match up it won't store the card
-> The app uses 256-bit encryption for it's communication with the "Coin"
-> Only cards under your own name can be added
- Does not support chip or pin (EMV) and only has plans to incorporate EMV somewhere down the line.
- The card can only hold up to 8 cards, the details for more can be saved into the app.
- Their FAQ has stupid joke QAs like:
[quote]Q. Which is better; Tiger or Monkey style Kung Fu?
A. Depends on the terrain.[/quote]
- A lot of QAs make it sound like a scam, very poorly designed FAQ.
[QUOTE=Pat.Lithium;42913458]
-> You have to manually enter your card details and then swipe it, if the details don't match up it won't store the card
-> Only cards under your own name can be added
[/QUOTE]Can't this be easily changed by modding the app?
[editline]19th November 2013[/editline]
[QUOTE=Pat.Lithium;42913458]
- A lot of QAs make it sound like a scam, very poorly designed FAQ.[/QUOTE]
They're probably just trying to seem hip and random
[QUOTE=Van-man;42912648]Instead of relying on encryption which can likely be flawed or equipped with a secret backdoor, how about we rely on that they'd need to actually have physical access to the card?
Then the only issue is skimmers.
Unless you're dumb enough to hand a stranger your card when paying at something like a restaurant instead of asking the waiter/waitress to either bring their mobile pay terminal or to show you where their stationary pay terminal is.[/QUOTE]
Have you seen some of the skimming methods for magnetic swipe cards? You can attach a device to an ATM and skim information off it, or even just by running the card over a certain surface.
I'd wager you've never taken a crypto class or haven't looked into/understand the math behind cryptography. Conversely, I frequently work with crypto for my job and my Dad works for a security company that implements smart cards.
EDIT:
i mean yeah someone could totally add a backdoor, but if that person has access to the cards on that level he could just as easily add a backdoor to the database and get all the information directly without having to access any card at all.
Sorry, you need to Log In to post a reply to this thread.