|Philip Andreae would like to make a statement to the US card industry. You are implementing PCI compliance for Pin Pad and Data Security. Please insist that all new terminals always require the EMV interface to a ISO 7816 Smart Card. Consider the antenna as table stakes to play in the low value contactless world.|
USA adds financial incentives, fines to PCI program
New carrot-and-stick approach aims for better compliance
December 14, 2006 (Computerworld) --
Visa USA is adopting a carrot-and-stick approach to help drive merchant compliance with the Payment Card Industry (PCI) data security standard that it -- along with other credit card companies such as MasterCard International and American Express -- is pushing.
Earlier this week, the company announced that it has created a new $20 million incentive program under which it will monetarily reward "acquiring" financial institutions if their members are fully compliant with PCI requirements by Aug. 31, 2007. At the same time, acquiring banks that fail to ensure compliance by Sept. 30, 2007 will be assessed fines starting at $5,000 a month for each non-compliant merchant. The fines increase to $25,000 per month for each non-compliant merchant after Dec. 31, 2007.
Until now, fines have only been assessed in cases where actual data breaches occurred.
Acquiring banks are those financial institutions that grant retailers and other entities the approval they need to accept credit cards. Under PCI, it is these banks that are contractually responsible for ensuring that merchant members meet PCI requirements.
Visa's new Visa PCI Compliance Acceleration Program is designed to spur entities that are covered by PCI rules to comply in a speedy fashion, said Jennifer Fischer, a director with Visa USA. "This program is part of our larger strategy for protecting card holder data and to ensure that we are doing everything we can to protect it from compromise," she said.
It targets the financial institutions responsible for the largest 1,200 merchants -- known in PCI-speak as Level 1 and Level 2 merchants -- who together account for about two-thirds of Visa's total transaction volumes, she said. Though nearly 18 months have passed since PCI rules went into full effect, only 36% of Tier 1 merchants and 15% of Tier 2 merchants are currently compliant with the requirements, according to Visa. The goal is to get all of these merchants fully compliant by the end of next August.
As part of the compliance validation process, merchants will need to show that they have purged all magnetic stripe data, Card Verification Value (CVV2) data and PIN data from their point-of-sale (POS) and other systems, Fischer said. The storage of such data is considered extremely risky and is a major violation of PCI rules. Even so, a large number of merchants continue to do so, often because their POS system software stores it by default.
"One of our key messages is you don't need that data," Fischer said. "We expect merchants to work with their software vendors to update the software or patch it or do something to make sure their systems are purged" of the data, she said.
The new Visa program is a step in the right direction, said Avivah Litan, an analyst with Gartner Inc. in Stamford, Conn. But to really push PCI compliance, similar actions need to be taken by MasterCard and American Express, she said.
Visa's decision to link its so-called "tiered interchange" rates to PCI compliance, though, is perhaps far more significant for larger merchants than any one-time monetary reward, Litan said. Interchange rates are the commissions that merchants pay for each credit card transaction. Merchants in different tiers have different rates, with the largest ones paying less than their smaller counterparts.
The prospect of losing this benefit for failing to comply with PCI could be the biggest driver of all, Litan said.
Visa USA adds financial incentives, fines to PCI program
Friday, 15 December 2006, 1:21 AM CET
Visa USA is adopting a carrot-and-stick approach to help drive merchant compliance with the PCI data security standard that it - along with other credit card companies such as MasterCard International and American Express - is pushing.
Earlier this week, the company announced that it has created a new $20 million incentive program under which it will monetarily reward "acquiring" financial institutions if their members are fully compliant with PCI requirements by Aug. 31, 2007.
FasTrak on path to airport
If the toll agency approves, drivers may pay for SFO parking with transponders.
Orange County toll road customers who have transponders could soon be able to charge parking fees to their accounts.
Beginning early next year San Francisco International Airport expects to let travelers pay for parking by using their FasTrak accounts.
The program – the first in the state – comes as electronic tolling and transponder uses are expanding, said Frank Barbagallo, deputy director for toll compliance at the Transportation Corridor Agencies, which oversees the San Joaquin Hills (73) and Foothill/Eastern toll roads.
Today the agency's board of directors is expected to approve three agreements allowing SFO, along with new toll facilities in San Diego and Alameda County, to use its trademarked FasTrak name. As part of the licensing agreement with San Francisco, the agency requested that account holders be able to pay for parking with their transponders.
"It's exciting," said Barbagallo, adding that there is a huge number of transponders outside Orange County, including 7,000 tags in the Bay Area. "We are delighted to be part of this." The agency has 659,103 transponders across the state, with the highest concentration in Orange County and the Southern California region.
According to the agency, airports in New York, New Jersey, Texas and Florida let patrons pay for parking with transponders.
Others could be on the way.
San Diego International Airport at Lindbergh Field hopes to incorporate the technology into its parking garages by 2010 when it completes an airport expansion, said Sharie Shipley, a spokeswoman.
John Wayne Airport will also consider FasTrak payment options when it upgrades parking lots as part of its five-year, $512 million project to build a terminal and add 2,000-plus parking spots. Today it would be too difficult to add the technology because structures would have to be modified.
"If we could come up with a plan where we would offer some automatic pay card and exit quicker, we would look into something like that as well," said Jenny Wedge, John Wayne spokeswoman, who added that the airport will watch San Francisco's project closely. "Whatever is easier for the passengers is beneficial to everybody."
Still, parking and transponders is only the beginning, said Barbagallo, who believes the tags are emerging as another payment method, like Visa and MasterCard. Several years ago the agency did a pilot project with McDonald's allowing FasTrak customers to buy food with transponders. It was discontinued when the restaurant decided to go with debit cards. But other ideas are in the works: Recently, an agency that represents gas stations approached the agency.
"Transponders and toll accounts are just now beginning to be understood for the power they provide private businesses and government agencies."
PM pumps Provenco’s praises in Hong Kong
Friday, 15 December 2006
Prime Minister Helen Clark witnessed world-beating, innovative Kiwi technology in action yesterday during a two-day official visit to Hong Kong.
Clark was shown an example of Provenco's unique service station payment technology currently being rolled out across the entire Special Administrative Region of Hong Kong by energy and chemical company Sinopec Corp.
The technology, which includes a full head office system and all outdoor payment terminals, is a first for Hong Kong that provides customers with advanced promotional offerings, including customised discounts and loyalty schemes.
Clark said that Provenco is a prime example of an innovative Kiwi company using its expertise to deliver tailored technology solutions.
"Provenco has been recognised as one of New Zealand's leading exporters. Its work with Sinopec demonstrates how Kiwi companies are at the leading edge of global developments in the retail business environment," she said.
Provenco is a recognised leader in developing and delivering end-to-end petrol station technology and in particular outdoor payment systems. Its work with Sinopec is potentially huge, as it is one of the largest listed companies in China and the second largest oil and gas producer. It is also the biggest refiner, chemical manufacturer and distributor in China.
The Provenco technology accommodates magnetic stripe cards, as well as chip cards, meaning the company is future-proofed for the eventual move in Hong Kong to complete EMV-compliant chip cards. EMV (Europay Mastercard Visa) cards are being rolled out in Europe and are replacing magnetic stripe cards to help curb credit card fraud.
Provenco's pump pay Sinopec Card technology allows customers to stay with their vehicle and provides faster refuelling to relieve forecourt congestion. The cards can also be used at Sinopec stations in Mainland China. The system is bilingual, offering terminal screen prompts and printed receipts in Chinese and English. The back office system is also bilingual.
Provenco is now working with Hong Kong and China-based partners to extend its technology through additional Hong Kong sites and into greater China.
Debit Card Fraud At Gas Stations Declines By 60 Per Cent
TORONTO, Dec. 14 /CNW/ -
Interac Association today reported that debit card fraud at gas stations across Canada has declined by more than 60 per cent over the past year. The deep decline, representing about $15 million in avoided fraud losses, was largely the result of Project Protect, a joint education initiative spearheaded by Interac Association and law enforcement with support from Payment Card Partners and other industry partners. The program, which launched in November 2005, educates gas retail owners, managers and employees about payment card fraud and how they can help prevent it from occurring at their location.
"Project Protect was directly targeted at gas stations in Southern Ontario
to significantly reduce and ultimately eliminate debit card fraud from occurring at all
locations," said LeAnne Thorfinnson, VP, Operations, Interac
Association. "While fraud continues to be a growing problem, the reduction of
debit card fraud in the gas retail sector is a step in the right direction and
demonstrates how we're making it more difficult for fraudsters to operate in
Project Protect is a program in which law enforcement officers visit gas
stations to educate management and their employees about payment card fraud.
The program provides training for front-line officers and equips merchants
with valuable tips to prevent payment card fraud from occurring in their
locations. In addition, in regions across Canada where Project Protect is not
operating, Interac Association works with its members to provide gas retailers
with educational material and security tips.
Debit Card Fraud At Gas Stations Declines By 60 Per Cent
TORONTO, Dec. 14 /CNW/ -
Interac Association today reported that debit card fraud at gas stations across Canada has declined by more than 60 per cent over the past year. The deep decline, representing about $15 million in avoided fraud losses, was largely the result of Project Protect, a joint education initiative spearheaded by Interac Association and law enforcement with support from Payment Card Partners and other industry partners. The program, which launched in November 2005, educates gas retail owners, managers and employees about payment card fraud and how they can help prevent it from occurring at their location. "Project Protect was directly targeted at gas stations in Southern Ontario to significantly reduce and ultimately eliminate debit card fraud from occurring at all locations," said LeAnne Thorfinnson, VP, Operations, Interac Association. "While fraud continues to be a growing problem, the reduction of debit card fraud in the gas retail sector is a step in the right direction and demonstrates how we're making it more difficult for fraudsters to operate in Canada." Project Protect is a program in which law enforcement officers visit gas stations to educate management and their employees about payment card fraud. The program provides training for front-line officers and equips merchants with valuable tips to prevent payment card fraud from occurring in their locations. In addition, in regions across Canada where Project Protect is not operating, Interac Association works with its members to provide gas retailers with educational material and security tips. "Since the launch of Project Protect, we have seized skimming equipment, made arrests and seen an increase in the number of gas station employees reporting attempted skimming incidents," said Acting Detective Brian Wintermute, Peel Regional Police. "The success of Project Protect clearly demonstrates that education is an important tool in the fight against fraud." In September 2006, Project Protect was rolled out across Ontario and into other retail sectors with the support of the Ontario Provincial Police, Retail Council of Canada and the Ontario Ministry of Community Safety and Correctional Services. "We're pleased with the collaborative efforts of all the partners involved in this successful project," said Thorfinnson. "Aggressive law enforcement action combined with extensive merchant education can significantly impact debit card fraud activity." Interac Association has one of the most secure networks in the world. Billions of transactions occur every year, with 99.99 per cent of them conducted without any issue. In the instance that debit card fraud does occur, consumers are protected by the Canadian Code of Practice for Consumer Debit Card Services which ensures that all victims of debit card fraud will not suffer any financial losses.
Maharashtra launches smart card licences for 'paperless travel'
Mumbai, December 10, 2006
You won't have to maintain documents, cards and files while you travel from Monday. In a move to encourage paperless travel, the Maharashtra transport department on Sunday morning officially inaugurated the new smart card motor driving licences and optical strip-enabled certificates of registration (RC Book).
Chief Minister Vilasrao Deshmukh who also holds the transport portfolio, was the first recipient of the smart card driving licence at a function held at the Tardeo RTO in central Mumbai on Sunday morning.
"It is a move that will help curb malpractices like forged licences and false entries in the vehicle's registration book. No one will be able to tamper with the licence or duplicate signatures and misuse it. The licence and the RC Book will have a small 4kb memory chip and the authorities will be able to get a list of all the traffic offence history and other background details with these two cards," Chief Minister Vilasrao Deshmukh said.
"The card is going to bring about a revolutionary change in the state's road transport scenario. It will capture an individual's driving habits on the card, by making available a list of traffic offences and it will help us grade drivers. Those with least traffic offences on the card will be considered the best among them," GS Gill, Maharashtra's transport secretary said.
"The new licences will require a person to compulsorily come down to our
office to get photographed. The real time photograph will be saved in our database and
replicated on the card issued." "This will make touts and agents very difficult to operate as
no passport-size photographs and documents will do, but only a personal visit," Maharashtra
transport commissioner Shyamsunder D Shinde told HT.
Student Smart Card To Be Launched Tomorrow
KUALA LUMPUR, Dec 7 (Bernama)
A smart card to address the problem of "missing" foreign students in the country would be launched tomorrow, Home Affairs Minister Datuk Seri Radzi Sheikh Ahmad told the Dewan Negara Thursday.
He said the card was one of the government's proactive measures to tackle the problem.
"With the introduction of the student smart card, foreign students are required to bring it along (wherever they go). By doing so, we can monitor the students," he said when replying to Senator Siw Chun Eam during question time.
Radzi said the card would be embedded with security features which could not be forged.
A similar card would also be introduced for foreign workers, he said.
Up to Oct 31, a total of 1,271 foreign students had been categorised as "missing", he disclosed.
They were listed as "missing" after they were not found at their tertiary learning institutions.
On the issue of foreign students seeking employment, Radzi said the government adopted a strict policy on giving permission to those who applied for permits to work temporarily.
Until September, he said, the ministry approved only 21 applications from foreign students to work part-time.
"Before granting approval, we conduct various tests to satisfy ourselves whether students wanting to do part-time jobs genuinely need them to support themselves," he added.
Radzi said his ministry also imposed stringent conditions on institutions of higher learning taking in foreign students to ensure they really took care of their students.
"If foreign students are caught working part-time without permission, the colleges they have enrolled in will be notified," he said.
"So far, 16 colleges have the approval to recruit foreign students revoked for breaching various conditions, including protecting students working illegally.
"We don't want them to come here and attend classes for only three days
and work for the rest of the year. We want them to study for nine months and work for less
than 20 weeks in a year," he added.
December 8, 2006 - ZDNET
State to extend comment period on RFID in border cards
In the light of new criticism of the State Department's plans to use RFID
chips in passport cards, the department is extending the public comment period on the proposal
until Jan. 7, Information Week reports. The Smart Card Alliance recently criticized the
government's plans to use RFID in passport cards, which could be used in place of passports
for travelers in and out of Canada, Mexico and the Bahamas.
The Smart Card Alliance is urging the federal government to adopt the same microprocessor technology used in e-passports. The group argues that microprocessors allow for encryption, authentication, and other security enhancements, and that the radio frequency signals in passports have a shorter range and are therefore less vulnerable to interception.
Frank Moss, the State Department's deputy assistant secretary for consular affairs, said the government would issue RF-blocking sleeves to protect the cards and help secure people's information. He added that the cards will have strong security features.
"There will be all sorts of security features embedded in that card," he said. "It will be very difficult to reproduce except in a very sophisticated printing process. We're not talking about drivers' licenses."
Moss said that although inspectors will still physically check cars and identification, the passport cards would probably cut a few seconds out of inspections. In heavy border traffic, a few seconds for each vehicle can translate into hours of waiting time, he said. "For every second you add, when you multiply that by the number of people going across the border, you have enormous implications."
December 9, 2006
US struggles with RFID plan
A US government plan to use RFID (radio frequency identification) chips in a proposed passport card programme for US citizens is drawing fire from some quarters. The identification cards would be needed by residents who don't have passports for verifying their identity at land and sea border crossings.
It was responding to a 17 October notice in the Federal Register in which the US Department of State announced plans to use RFID chips for a proposed new passport card to be issued as part of the Western Hemisphere Travel Initiative, or WHTI.
Under WHTI, all Americans travelling to Mexico, Canada, the Caribbean and Bermuda will be required to show some form of personal identification approved by Department of Homeland Security when entering the US. The identification could be in the form of a passport or the proposed new passport card and is intended to shore up security at the nation's borders. Passengers travelling by air between the different countries will be required to show such proof of identity starting 1 January, 2007, while those travelling by land and sea have until January 2008.
In its notice, the State Department said it would use "vicinity read" RFID technology in the cards rather than the "proximity read" contactless smartcard technology being incorporated into new ePassports. The goal is to have credit-card-size passport cards that can be read from at least 20-30ft away by customs and border-protection officials to speed up the authentication process.
There are several problems with that approach, said Randy Vanderhoof, executive director of the Smart Card Alliance.
For instance, long-range RFID technologies are vulnerable to snooping and forgery, Vanderhoof said. Cards built using such chips will have no built-in security features for verifying their authenticity, he added. In contrast, the contactless smartcards used in ePassports support encryption and digital certificate technologies for securing data and verifying authenticity. Because that technology differs from what is being used in the ePassports, US border infrastructures will need to be updated, Vanderhoof explained.
An equally big concern is the potential privacy threat posed by RFID-enabled cards, said David Williams, vice president for policy at CAGW (Citizens Against Government Waste) in Washington.
While there is a need to enhance border security, "we do not believe RFID is the best way to do this", Williams said. People carrying such RFID-enabled identity cards could unknowingly be exposed to greater surveillance, he said. Individuals with such cards are also likely to have less control over when they want to be identified and what information is read, stored and shared.
"With other forms of identification, you literally have to pull your card out of your wallet. With RFID, you don't know when it is being accessed," Williams said.
Those concerns prompted CAGW to send a letter to the Department of Homeland Security this week urging its Data Privacy and Integrity Advisory Committee to pass an earlier subcommittee draft report that recommends against the use of RFID for personal identification. In that report, released in May, the DHS subcommittee had argued that RFID use could marginally reduce delay times at borders and checkpoints but carried several risks, including the potential for increased surveillance and erosion of privacy and anonymity.
"In a visual ID-check environment, a person may be briefly identified but then forgotten, rendering them anonymous for practical purposes," the report noted. "In a radio ID-check environment, by contrast, a person's entry into a particular area can easily be recorded and the information permanently stored and repeatedly shared."
The DHS subcommittee is scheduled to meet on Wednesday to discuss the issue.
In reality, it is unlikely that individuals carrying the cards will be tracked, said Tres Wiley, director of e-documents at Texas Instruments, which manufactures both RFID and proximity-read smart-card technologies. However the mere possibility is likely to scare people off, he said. "Citizen acceptance is going to be very important to the use of this card", and that's not going to be easy to get, he noted.
Banks roll-over on smart card roll-out
DECEMBER 12, 2006
AUSTRALIA'S banks are positioning themselves for the final run to introduce smart credit cards after years of baulking at the cost of phasing out magnetic-stripe technology in favour of microchips.
The manoeuvring is being influenced by the federal Government's $1.1
billion welfare Access Card project, but fresh questions have arisen over whether or not
smartcards will provide consumers with significantly improved protection from credit card
Visa Australia head of business development Vipin Kalra said computer systems enabled banks to almost halve the cost of credit card fraud over the past five years.
Credit card fraud rates had been cut from up to 0.05 per cent of total Australian credit card sales five years ago to less than 0.03 per cent, Mr Kalra said.
The most common forms of fraud were skimming and counterfeiting, he said.
The Australian Payments Clearing Association agrees that the highest card fraud losses by value stem from skimming and counterfeiting, but estimates 2006 credit card fraud at 0.039 per cent of card transactions, or $87.4 million.
"We've seen a big drop in fraud in Australia over the past couple of years," Mr Kalra said.
"(The drop is because of) the banks' ability to put a lot of monitoring systems in place so they can track activities on the card. Those systems are now starting to show their benefits."
ANZ Bank widely advertised its Falcon neural network as part of a campaign to establish its security credentials.
Falcon identifies anomalous credit card transactions and is one of three platforms the bank uses to manage credit card fraud.
The others - Eagle and Hunter - are merchant-oriented systems to track fraudulent credit card applications.
ANZ general manager of consumer cards Nick Reade said these systems had helped the bank cut credit card fraud by 60 per cent in the past five years.
He cited examples where Falcon detected the use of a stolen credit card before the cardholder knew his wallet had been purloined because of changes in the buying patterns detected by the bank's systems.
Systems such as Falcon were an important part of ANZ's drive to establish itself as the most security conscious Australian bank, he said.
"Pretty well everything we do nowadays we communicate that we take fraud very seriously," Mr Reade said. "A lot of our own internal research on what's important to customers - drivers of satisfaction, drivers of usage of credit cards - increasingly (show) what's coming out as number one is security."
Mr Kalra said the fraud-fighting capabilities of computer systems such as Falcon meant banks had not been under pressure to implement smart credit cards.
Microchip-enabled credit and debit cards have long been touted as an important tool in the fight against payment fraud by Visa.
Many Australian banks have argued that the costs of implementing smartcards was greater than the cost of fraud.
"We have to get (to smartcards) but because fraud is under control within the banking industry there isn't a huge urgency to just turn over all the cards over night," Mr Kalra said.
Commonwealth Bank general manager of product and market development Brian White said the success of crime-fighting technologies meant consumers were unlikely to notice big reductions in creditcard fraud following the introduction of smartcards.
"(With smartcards) the consumer on the street has the confidence that he's consistent with the current standard. Does that mean today he's at risk as a consequence? Well the data shows he's not measurably," Mr White said.
Mr Kalra's and Mr White's comments were made at the launch of the Australian Smartcard Users' Forum (ASUF) last week.
ASUF members include the big four banks. It was founded to pressure the federal Government to use private-sector payment networks to process transactions associated with the $1.1 billion welfare Access Card.
ASUF chair and NAB regional general manager for specialised businesses Bruce Munro said the group would work to manage any consumer concerns if banks were seen to be lagging behind the federal Government on using smartcards to protect consumers from fraud.
"One of the reasons we put the forum together was to try and manage perceptions like that," Mr Munro said.
"Another risk, I suppose, is that the use of a chipped Access Card may have some negative connotations that we have to manage for our own roll-outs,"
ANZ's Mr Reade declined to comment on the activities of his competitors but said smartcards would play an important role in protecting consumers from fraud such as credit card counterfeiting.
ANZ has issued 1 million smartcards and has a goal of converting all 3 million ANZ cards smartcards within a year.
The CBA, NAB and Westpac are yet to announce smartcard roll-out timetables.
Smart Card Alliance slams RFID use in US passport card program
5th December 2006
The Smart Card Alliance is urging the US government to reconsider using
long-range RFID technology in implementing its passport card program.
AdvertisementThe Smart Card Alliance believes that vicinity-read RFID technology proposed for the passport card is the wrong technology to implement a secure identification card. It is suggesting an alternative in the form of 'proximity' contacless smart card technology.
According to the alliance, long-range tag RFID is used typically to track products, while contactless smart card technology is already in place at the border to validate the identities of travelers with ePassports. Contactless smart card technology has also been recommended by the National Institute of Standards and Technology for more than 10 million government employee and contractor identification cards that began to be issued in November.
The alliance provided details of its concerns with the passport card decision to use vicinity-read RFID technology, and gave recommendations for measures that the US Department of Homeland Security and Department of State could implement to improve the passport card program.
The issues with the proposal detailed in the response include: lack of security safeguards in long-range RFID technology; potential for tracking and citizen distrust; and duplication of required border infrastructure to accept this identity document technology in addition to ePassports and potential operational issues with multiple vicinity-read RFID tags in vehicles.
"The US government needs to focus on a policy for efficient border crossing that increases border security and citizen privacy," said Neville Pattinson, director of technology and government affairs at Gemalto and the co-chair of the Smart Card Alliance Identity Council. "The necessary technology is readily available to back up such a policy. Contactless smart card technology, compatible to that already being used globally in electronic passports, possesses all the security features necessary to protect citizen privacy, whilst upholding all operational parameters at the land border check points."
The alliance states that there are many advantages to using contactless smart card technology for the passport card program, including the ability to support electronic verification of authenticity to prevent counterfeiting and to use secure, encrypted communications to thwart eavesdropping and replay attacks, and ensure privacy protection for cardholders.
Canadian Chip Technology Trial Scheduled For Autumn 2007
Members of the Canadian payment card industry -- Interac Association, MasterCard Canada Inc., Visa Canada Association, and many of their respective card issuers and processors -- have announced their commitment to conduct a chip technology trial in Kitchener-Waterloo, Ontario. The trial will allow participants to test the infrastructure and ensure interoperability of systems and devices in a controlled manner prior to each participant's national roll-out plan.
The first chip transactions will occur in the autumn of 2007, with card
issuance and device deployment increasing over the months following, reaching a sufficient
volume for research by March 2008.
A chip card is a credit or debit card that contains an embedded computer chip and provides increased protection against counterfeit and lost and stolen card fraud. In addition to providing increased security, the chip card also offers a platform for future opportunities, new product and service offerings. The migration to chip card technology represents an evolution of the electronic payments systems designed to make an already safe payments system even more secure. The Canadian payments system will be utilizing the established "EMV" chip standard (Europay MasterCard VISA), which is a proven technology currently in wide use around the world.
Schumer warns on no-swipe credit cards
04 December, 2006
Tens of millions of no-swipe credit cards have been issued in the past year. When a customer uses the credit card to make a purchase, the card is processed by a radio frequency identification reader operated by the retailer.
"All you need to be is within a couple of feet of the customer," Schumer said. "You may as well put your credit card information on a big sign on your back."
"The card and the reader in the terminal are safe and secure, and the transaction is handled the same way that credit cards are managed today," Thomas O‘Donnell, senior vice president of Chase cards services, said when the company announced the launch of its blink cards last year.
In addition, Schumer said contracts for the no-swipe credit cards should have warning boxes disclosing "the known weaknesses of the technology."
A telephone call to Visa International Inc., the nation‘s largest credit card brand, wasn‘t immediately returned.