Half a croissant, on a plate, with a sign in front of it saying '50c'
h a l f b a k e r y
Veni, vidi, teenie weenie yellow polka dot bikini.

idea: add, search, annotate, link, view, overview, recent, by name, random

meta: news, help, about, links, report a problem

account: browse anonymously, or get an account and write.



Credit password

Works even if you've lost your cash or credit card.
  (+1, -3)
(+1, -3)
  [vote for,

Credit cards contain no information that can't be memorized. Instead of cards, we could have simply long numeric passwords, which we entered upon transaction conveniently by securely touch-typing into a hidden numeric keypad. If the buyer's name in the credit provider's database matches the password, transaction is granted. Low tech, and more secure than a credit card:

To control the risk, the number of digits that has to be entered could depend on the size of the transaction.

Inyuki, Jun 02 2012

Multi factor authentication http://en.wikipedia...ctor_authentication
[Voice, Jun 02 2012]

Cash till - credit card scanner Cash_20till_20-_20credit_20card_20scanner
Something alike Van Eck phreaking, mentioned by [Alterother] [Inyuki, Jun 02 2012]

Smarter Credit Card Smarter_20Credit_20Card
[Inyuki, Jun 02 2012]

Panic PIN Panic_20PIN
[Inyuki, Jun 03 2012]

Why credit card companies put your name on credit card, if you already know it? http://www.ted.com/...without_a_name.html
[Inyuki, Jun 08 2012]


       //more secure than a credit card://   

       Sorry, it isn't. you're replacing two factor security with one factor security.
Voice, Jun 02 2012

       Sorry, it can be. The "two factor" doesn't mean that it's immediately more secure than "single factor". You can have a single factor with probability 0.01 that it is guessed, and you can have two factors, each with probability of 0.5 to be guessed, and you're still better off with one factor, cause 0.01 < 0.5^2.   

       Credit card can be stolen, can be seen, can be photographed, can be lost...   

       + This is the proposal of a convenient schema, already successfully used in many applications. The point is -- it could be used for purposes of a credit card, too, and you don't need plastic.
Inyuki, Jun 02 2012

       Vulnerable to discreet observation, key-logging, Van Eck phreaking, and probably another dozen dirty tricks I haven't thought of, not to mention that people are coming up with new ways to spoof biometric devices faster than the designers are coming up with ways to improve them.   

       Then there are people like my mother, who is a brilliant doctor with instant recall of medical terminology, but carries a slip of paper with all of her PINs and passwords in her wallet because she can never remember them.   

       Digital security is better.
Alterother, Jun 02 2012

       [Alterother], aren't credit cards vulnerable to those things, too?
Inyuki, Jun 02 2012

       Debit cards are, because you have to enter a PIN, but it's in combination with the digital confirmation from swiping the card. If the PIN worked without the card, it would have the same vulnerability. That's what [Voice] is talking about: there are two factors that must match in order for the transaction to be authorized.   

       Credit cards aren't vulnerable to any of the things I mentioned, because none of the data transfer is done via physical input.
Alterother, Jun 02 2012

       Well, yes, the independence of the events that an ATM scheme is creating, is that you use different devices to input PIN and card information, using different methods: one using keypad, and one magnetic, making it harder to obtain all of the information necessary. However, it doesn't mean it is safer. In case of magnetic credit card, you provide ALL of the information on EVERY transaction. In case of "Credit password," you'd not reveal all of it. The length of the revealed digits would depend on the size of purchase.   

       If the purchase size is too large, you'd probably need a the "Smarter Credit Card." (see link). The point is, you'd be still able to function very conveniently without a credit card.
Inyuki, Jun 02 2012

       // Digital security is better //   

       You've certainly put your finger on the problem, there ...
8th of 7, Jun 02 2012

       // I'd feel much more secure with a 3-step verification process //   

       I guess it's true that, as mentioned in the [List of The Hardest Ideas To Grasp], one of those ideas is "Risk"...:
Risk = sum [Probability of an unfortunate event X The loss in case of the event, for all possible events]
If the potential loss is small, there is no need of super-duper low probability with N-step verification.

       (I personally feel entirely secure by using code generator provided by my bank, that's useful for large transactions, and I'd be happy see it used more widely for on-line purchases. However, it still has an inconvenience of being a physical card-like thing that you have to carry around. This idea is not about bringing ultimate security. It's about convenience, - freedom from things, with reasonable security.)
Inyuki, Jun 03 2012

       //Works even if you've lost your money   

       then how are you going to pay for stuff? Or do you mean you have lost the cash on you, but there is still money in the bank account, and lost your cashpoint/ATM card? I am confused.   

       I was going to go for one more shameless plug of my very own Steggi "implausibly difficult to guess alpha, numeric, and the other characters which I can't quite think of the names" password maker, but thought better of it.
not_morrison_rm, Jun 03 2012

       [not_morrison_rm], you're right. I should have said "cash."   

       Yea, true. One doesn't need a password from rare alphanumeric characters for a password to be secure. One can have a password from zeros and ones, and if it is long enough, it will beat the shorter alphanumeric password.
Inyuki, Jun 03 2012

       No, it's ok, my failure to comprehend.   

       To be honest, binary is not that great, as you only get two numbers. A 4 character alph/numeric/squiggly things gets you 92 to the power of 4, which is 71,639,296 according to the back of this envelope.   

       According to the back of the much larger envelope I just had to use, it would take an 11 and a bit (no pun intended) digit binary number password to get the same as the 4 digit 92 char password, a substantial saving in my own personal envelopes, and paper in general.
not_morrison_rm, Jun 03 2012

       While I am extremely diligent with where i keep my card, and with the secrecy of my pin, Im not really worried about the security at all. Most credit card companies will wipe any fraudulent purchases if you spot and report them within the month.
bob, Jun 03 2012

       Better yet, they're going a step further and tracking your spending habits, and rejecting transactions made far outside of those patterns. Every winter, we get people coming up here from down south to come skiing, and they board their dogs with us; come time to pay, card after card get denied because we're way the hell up in the mountains and the cards are from Connecticut or New York or wherever. Fortunately, it's happened so often that I can now talk people through the purchase confirmation phone call in seconds.   

       When T.G.F.J. and I went to England, I had a rare stroke of brilliance; while I was at the bank raising our spending limit so I could buy plane tickets, I told the nice lady where we were going and how long we would be there. We subsequently had no problem using our small-town-bank debit cards in a foreign country. Later, I found out that doing so without the prior notification could have been grounds for out-and- out card cancellation (instead of merely having the transaction denied), depending on the size of the purchase.
Alterother, Jun 03 2012

       hmm I'll have to remember that: I usually wander around with a debit card (despite the bloodygawdawful service charges from south-of-the-border ATM's; seriously "Here, we'll save you the hassle of being mugged").
FlyingToaster, Jun 03 2012

       That's an interesting suggestion. I'll mention it to Jenny, since she's the practice manager. Thanks!
Alterother, Jun 03 2012

       Hmm.. Panic PIN idea got so many buns.
Maybe this should be called "Credit PIN"? Just kidding.
Inyuki, Jun 03 2012

       Despite all the warning about security there is a card in the UK that pretty much provides this service.   

       If you loose your card you can call in and I think you get a special long pin which you can use at their machines and it can dispense a minimum amount of money without a card.   

       Its all a bit irrelevant as for some reason I can just swipe a Credit card /Debit card in the US with no pin (even though I have a Chip & Pin Card that often works in the US) without signing (what a waste of time that is anyway) and on occasion they will ask for my ID. Ha ! like that can't be faked, they (the royal till operator at some random shop) presumably have no idea what a British Driving License looks like.   

       And lets on talk about internet purchases.   

       I am with Bob on this...
PainOCommonSense, Jun 11 2012


back: main index

business  computer  culture  fashion  food  halfbakery  home  other  product  public  science  sport  vehicle