Of That

Brandt Redd on Education, Technology, Energy, and Trust

16 May 2011

How to Identify a Secure Payment System

Recently my debit card number was stolen. Three unauthorized charges totaling more than $500 were made in quick succession. Luckily I caught them almost immediately and contacted my bank which "launched an investigation" and credited the money back.

I presume nearly everyone with a card has had a similar experience. The credit card system is so abysmally insecure that there's no way it would get approved if introduced today. There are dozens of ways my card number could have been stolen. A waitress might have copied it down while away from the table at the register. An insider at a payment processing company could have taken it. I could have been part of one of the recent online retailer hacks. I don't think I was the victim of a card skimmer or a fake ATM because I'm pretty careful about such things. But it's still possible.

The "Chip and Pin" systems used in the UK are better. They are based on smart card technology which has an embedded processor chip on the card. To pay for something you insert a card into the payment device, enter your PIN number and approve the amount of the transaction. It's nearly the same as using an ATM card in the US except that you insert the card so that the chip can be accessed instead of swiping the magnetic strip. However, there's a big difference in how the transaction is handled. When you swipe a card, it simply reads the card number from the magnetic strip. There are even devices that can clone the magnetic strip. A smart card, on the other hand, uses a secret encryption key to digitally sign the transaction. The payment device never has the actual key so once the card is removed, no additional transaction can be made.

While better, Chip and Pin still has a fundamental weakness: You have to trust the payment device. A fraudulent device might ask you to authorize a charge of $25 but actually submit a charge of $250. Or, you might authorize one charge but while the card is still in the device it might process a dozen more.

A mostly secure system would have to have a display and keypad on the card itself. Or you might use a cell phone for payment as they do in Japan since the phone already has a keypad and display. Then the worry is that your smartphone might get a virus that steals all of your money.

I predict that before too long you will have some universal access device that unlocks your house, enables your car and manages secure payments both for online shopping and in person. But if that device is also your smart phone, they'll have to install some kind of hardware security to protect the security system from malware.