Have you had enough of all that tedious swiping? Users of credit cards with “contactless” technology can make purchases without swiping the card or handing it to a salesperson simply holding the card up to a particular scanner. The first attempt to widely disseminate the cards among American consumers was made with JPMorgan Chase & Co.’s launch of new “blink” cards. In Europe and Asia, this technology is already utilized in some capacity.
We will learn what makes blink cards unique, whether or not they are safe to use, and why credit-card firms are so intrigued by this novel technology in this article.
Not Quite The Speedpass was first offered by New Tech Mobile in 1997. Users wave a small gadget known as a “fob” in front of gas pumps that display the Speedpass logo in order to use the service. The user’s Speedpass account is automatically debited for the cost of the petrol.
In many aspects, the new blink credit card is similar to a standard credit card. The card’s front is imprinted with the name of the account holder and the account number. The account information is stored on a magnetic strip on the back of the card, making it usable everywhere that accepts credit cards. The card’s interior is the primary difference.
A tiny RFID (radio frequency identification) microchip is built within the blink card. The account number and name can be obtained from the chip when it is sufficiently close to the appropriate type of terminal. Holders of credit cards just hold them a short distance from the blink terminal rather than using a regular credit card reader to swipe the magnetic strip on the card. The card is always in the hand of the cardholder.
The terminal then sends the data over the phone line to the bank that issued the card, just like with regular credit card transactions, and checks the account balance to see if there is enough money on the card for the purchase. If so, the bank provides the terminal with a confirmation number, the sale is approved, and the cardholder is free to leave.
Let’s now discuss blink’s technological specifications.
In order to demonstrate why blink technology is a significant advancement, Chase commissioned a survey to determine how much Americans detest standing in line. According to the survey, individuals dislike waiting in lines more at the doctor’s office and the department of motor vehicles. The survey also showed that men are more inclined to use technology, like a cell phone or headphones, to pass the time while waiting, but women are more patient in lines. Finally, women said that if given the chance, they would like to wait in line with Barbara Walters or Ellen Degeneres, while men would prefer to do it with Jennifer Aniston.
Blink and RFID
RFID is used in credit cards that use blink technology. RFID comes in a variety of types. As an illustration, Wal-Mart has experimented with embedding RFID chips on its products to track inventories automatically (see How RFID Works).
Blink utilizes a particular form of RFID created in accordance with ISO 14443. The following characteristics of ISO 14443 make it especially suitable for applications containing sensitive data, such as credit-card account numbers:
- ISO 14443 chips use encryption to send data.
- The transmission range is intended to be as small as possible, no longer than 4 inches (10 cm).
As a result, more than 80% of contactless credit-card transactions globally use ISO 14443 [ref]. For usage in passports and other security papers, ISO 14443 technology can now store biometric information like fingerprints and face images.
In order to comprehend how the contactless card and terminal interact, we must first discuss induction. The creation of a magnetic field by an electric current was understood in 1831. In the same year, Michael Faraday found that it also worked the other way around: wires passing through a magnetic field could generate an electric current. Faraday’s Law, which he named after himself, directs this process, which he dubbed induction.
Electrical engineers sometimes strive to steer clear of induction. For instance, if your neighborhood’s electric lines are too close to your phone lines, the magnetic field created by the electric lines may cause voltage to be generated in the phone lines. The signal moving via the phone lines picks up this voltage as “noise.” This interference can be avoided by shielding and correct line orientation.
Engineers have mastered induction for RFID devices like blink cards. A wire loop and a tiny microprocessor are both present on every blink card. In the vicinity of the blink terminal, a magnetic field is produced. The wire loop enters the field of the terminal when a blink card is close enough to do so, which induces induction. The microchip is powered by the induction’s voltage. Without inductive coupling, each blink card would need to carry its own power source in the form of a battery, which would be more cumbersome, heavier, and prone to running out of power. The blink system is a passive system because the terminal provides the electricity.
The CPU then communicates data to the terminal at a frequency of 13.56 MHz after receiving power from the terminal for the blink card. This frequency was selected due to its aptitude for inductive coupling, resistance to interference from the environment, and low rate of tissue absorption [ref]. The processor’s integrated instruction sets encrypt the data as it is transmitted.
We’ll examine if blink users need to be concerned about security in the following section.
Security concerns are prevalent whenever credit cards are used. It might not seem very secure to transmit credit card information to a terminal over a radio broadcast. The procedure is actually more secure than using a magnetic-strip credit card when it goes as planned. Several tools that have been around for a while can read, change, or copy the data on a magnetic strip. This specific type of stealing is impossible thanks to the encryption features incorporated into a blink card. Additionally, employing the blink card enables the user to continuously hold the card in their hand. The account number and name on the card could be hidden as a result.
Security issues arise since a blink card does not require a signature. Without a signature, which would slow down the transaction and negate the entire point of blink, according to Chase, the card is secure because to the encryption and other security protections built into blink. Since the clerk never sees the card or account number, they even contend that it makes the transaction safer. Of course, the issue is that if someone gets their hands on your blink card, they may use it at a store without having to do any kind of verification. However, Blink customers are just as liable for unauthorized charges as any other credit card user.
However, there have been reports of issues with contactless RFID credit card testing, raising further security questions. The read range of each terminal might grow to as much as 30 feet (9 meters) in some instances when two or more terminals were adjacent to one another [ref]. Some consumers are concerned that they might unintentionally move too close to a terminal and wind up paying for someone else’s item, even though the terminal is operating within the recommended range of 4 inches. The simplest defense against this is probably for the merchant to place the terminals so that it is unlikely to happen.
In the worst situation, a blink terminal could end up in the hands of someone who modifies it to extend its range. Anyone who entered the terminal’s read range may potentially have their credit card information taken. This could happen if the machine was placed in a crowded area. Since there won’t be many terminals available at initially, this probably won’t be a problem, but as the technology develops, criminals may get their hands on blink terminals.
It is possible to prevent blink cards from unintentionally or fraudulently disclosing personal data to unauthorized terminals. The card won’t work if it is put in a sleeve that is lined with metal. In the event that contactless credit cards catch on, “RFID blocking” wallets and purses should be available.
If you’re contemplating it, “What’s the big deal about this? What distinguishes swiping your card through a card reader from holding your card in front of a terminal?” It’s not just you. According to Chase, blink can speed up transactions by up to 20%, especially in drive-throughs. This might have less to do with the swiping problem and more to do with the fact that blink cards don’t require a signature.
So why even implement blink technology? Why not just abolish signature requirements for standard credit cards? The statement in Chase’s official press release that consumers who utilize blink cards frequently spend more each transaction may hold the key. Additionally, users may apply for Chase credit cards in order to use the new technology due to the novelty of blink. The supplier of the cards ultimately makes more money. According to detractors, credit card firms should not be encouraging customers to spend more money more quickly.
While Chase is the first major credit card provider to use RFID cards, other businesses are starting to follow suit. Select markets now provide American Express Express Pay and MasterCard PayPass. What else might contactless credit cards see in the future? The form factor of credit cards could be where the most impact was felt. Personalized cards with pictures of the user’s preferred sports team, national parks, and other appealing motifs dominate the credit card industry. Credit “cards” might come in any shape without being constrained by the magnetic strip, including keychain fobs, tiny toys or sculptures, and coins that are small enough to put in a pocket. Even your hand or a jacket sleeve could be implanted with an RFID chip. How a technology is deployed will ultimately depend on consumer approval.
Check out the links on the next page for more information about RFID, wink, and related topics.