The coming behavioral open prison experiment
yep, it's those little chips that the authorities insist are so very innocent...
but the introduction of these gadgets can be traced back to loyalty cards and
the social engineering inherent in credit card culture...and the culture of credit & debt...
as a lifestyle
only a few years ago [well maybe more] rural areas were just getting used to
holes in the wall, credit, plastic and the cashless 'way forward'
now we have ATMs in Pubs and shops, while banks shut their doors and become
MI6 like buildings...
A passport to freedom?
|
A Master key to 'successTM'
|
access to what?
Security - Normality - acceptance?
|
|
INTRODUCTION TO SMART CARDS
A Smart card consists of a microelectronic chip embedded in a plastic card with a contact pad on the card's surface and/or an embedded antenna for "contactless" communication. As a payment device a smart card is a much enhanced and more versatile version of a magneticc stripe card or debit card. Value loaded to a smart card's purse is prepaid and resembles cash.
Smart cards can be used for secure purchase of goods via a payment terminal interfaced to a soft drink vending machine, snack vending machine, laundry unit (washer or dryer), newspaper vending box, pay-and-display parking terminal, transit gate, photocopier or other Unattended Point-Of-Sale (UPOS) device. There is no need for exact change or for any change at all.
Smart cards can be used as well for payment in attended Point Of Sale (POS) applications, and can also be used to confirm identity, to access buildings or to carry data such as personal health records, driver's license details, and biometric data including finger prints or voice prints. Biometrics can be used to further authenticate identity for high security applications.
|
|
Cashless society
Engineered specifically for vending machine applications, SmartKit capitalizes on the modular design of QI Systems Inc.'s latest generation of Cash Card payment systems. The modular configuration of SmartKit products enables QI to offer cost effective, flexible, scalable Cash Card solutions for a greater number of markets. Features such as loyalty program capability are tailored to meet the requirements of individual clients, from OEM to Route Operator. Designed for ease of use, SmartKit features a card acceptor, a user keypad and a backlit Liquid Crystal Display. Cash Card transactions are quick and simple. SmartKit will validate the Cash Card and authorize the transaction in just a few seconds. Depending on the card specification chosen, the card balance before and after the transaction is easily displayed.
SmartKit (UPOS)
|
Hong Kong Smart Card System
Information on the Hong Kong Smart Card System provided by AESPRODATA, the Railroad-Technology Journal and MTR Corporation.
AES Prodata has installed the world's largest contactless smart card system in Hong Kong where over 1.6 billion transactions occur on the public transport system yearly. This system incorporates all modes of transport including bus, rail and ferry. The first multi-modal smart card system of its kind in Hong Kong. Since the roll out of the Hong Kong system in September 1997, 2.5 million smart card transactions per day have taken place. Over four million cards have been issued with a further 3.6 million still being rolled out. The system is able to handle up to 10 million transactions per day across all modes of public transport.
The smart cards (known as the Octopus system) can be used across six transport operators which have joined together in a joint venture called Creative Star Limited. The joint venture includes the MTR Corporation, the Kowloon-Canton Railway Corporation (KCRC) - light and heavy rail, the Kowloon Motor Bus Co. (1933) Ltd (KMB), Citybus Ltd and Hongkong & Yaumati Ferry.
The flexibility of the system including the central clearing house means that the card can also operate in applications outside transport such as parking, retail and telecommunications. The scope of the system is already being expanded into applications such as pay telephones and photo booths - a world first for automated transit fare collection systems. AES Prodata is responsible for the design, build, operation, maintenance and financing of automated fare collection and card based systems for public transport, ranging from simple fareboxes to advanced multi-modal smart card based ticketing systems. The Hong Kong system is recognized internationally as one of the most advanced smart card systems in the world, having won the 1998 Sesames Award for best smart card application at Cartes 98.
.
PARTNERSHIPS AND PEACE OF MIND
Strategic long term partnerships with international and local operators are encouraged and may include local authorities, transport executives and metropolitan transport executives. AES Prodata ensures system reliability and data security at the highest level and continually achieves excellence in both products and services.
AES Prodata is established internationally as one of the leaders in design, manufacture and project management of Automated Fare Collection (AFC) systems. AES Prodata is a member of the ERG Group of Companies, which is based in Perth, Western Australia. AES Prodata N.V. (Belgium) is a 100% owned subsidiary of ERG Limited and is the Head Office of the AES Prodata Group of Companies which has offices in Australia, Brazil, Canada, France, Hong Kong, Sweden and the United Kingdom.
AES Prodata has pioneered the installation of paper, magnetic stripe, contact and contactless smart card fare collection systems worldwide. Recent installations include Sao Paulo, Moscow, Mexico City, Malaysia and the first multi-modal smart card system of its kind in Hong Kong. Since the roll out of the Hong Kong system in September 1997, 2.5 million smart card transactions per day have taken place.
.
RANGE OF AUTOMATED FARE COLLECTION EQUIPMENT
AES Prodata has an extensive range of fare collection products for all modes of transport, including:
· on-board ticket issuing machines with either stand alone or integral validation for magnetic stripe cards, contact and contactless smart cards.
· portable devices for ticket issuing, card validation and encoding. ticket vending machines which accept coins, notes, debit, credit and stored value cards.
· point of sale terminals combining paper, magnetic, contact and contactless smart card technologies.
· access control systems incorporating barriers, turnstiles and ticket validation for rail and metro stations.
· data communication systems including infrared data transmission, data modules and local and wide area networks (WLAN).
· depot computer systems including hardware and software for operational management information.
· central computer systems for card tracking, card management and complete business management packages.
AES Prodata
Leuvensesteenweg 540 b2
B-1930 Zaventem
Belgium
Tel: +32 2 722 8911
Fax: +32 2 720 8794
E-mail: info@aesprodata.be
URL: http://www.aesprodata.com.au
source
|
cashless cities...control of access = control of obedience
Riding the Hong Kong Octopus
By Steven K. Bailey Published on 6/20/03 - source
A stylish young woman glides down an escalator into a busy underground metro station. She strides over to one of the automatic turnstiles barring access to the train platform and waves her empty hand over its postcard-sized scanner plate. The turnstile beeps once in response, flashes the amount of credit the woman has left on her metro pass, and opens its gate. In less than a second, the woman has bought her ticket to ride.
A scene from some futuristic cyberpunk movie? Guess again. You've just watched the start of another morning commute in high-tech Hong Kong.
That hip young woman in the metro station wears an unusual fashion accessory on one finger: A ring containing a microchip metro pass. This trendy piece of electronic jewelry remains par for the course in Hong Kong, a city obsessed with the latest computer gadgetry. In fact, Hong Kongers have become the world's first true cyborgs. They have metro passes on their fingers, stereo speakers in their ears, timepieces on their wrists and mobile-phone mikes in front of their mouths. In Hong Kong, the future is now.
Along with the musical melodies played by ringing mobile phones, the electronic beep of fares being deducted from metro passes remains one of the most common sounds in Hong Kong. Virtually everyone in Hong Kong carries a mobile phone and a metro pass, which is known almost universally as the Octopus Card.
Whether shaped like a ring or a business card, all Octopus Cards work the same way. The user holds their pass over an orange-colored scanner mounted on a subway turnstile or at the front of a bus or tram. The scanner reads the computer chip embedded in the card, deducts the fare, and flashes the amount of credit remaining on the card. The whole transaction takes just a second or two, which is the kind of speed that Hong Kong likes to move at. After all, everybody in Hong Kong knows that time really does equal money.
The Octopus Card was originally designed for the Mass Transit Railway, the city's extensive subway system that virtually everyone refers to as the MTR. Ironically, the MTR's six-armed logo resembles an arachnid more than an octopus, but you get the point -- the tentacles of the MTR stretch out to every corner of Hong Kong, from Sheung Wan to Tung Chung.
In addition to the MTR, the Octopus Card works on all the other parts of Hong Kong's excellent mass-transit system as well. This system offers clean, fast and safe public transport at affordable prices. Provided you know Chinese and/or English, this system remains one of the easiest in the world to use. This ease of use has a lot to do with the Octopus Card, which works at all times on virtually all forms of public transit. All you have to do is hold your card over a scanner, wait for the beep, and that's that. You'll never fumble for coins or bills ever again.
Most Hong Kong residents carry an Octopus Card, but even short-term visitors to the city should consider purchasing the card if they plan to use public transport. The special tourist passes touted in MTR advertisements are best avoided, as they don't offer a particularly good deal when compared to the regular Octopus Card. Tourist passes only allow travel on the MTR lines, whereas an Octopus Card allows you to travel on all forms of public transport. And while the price of the tourist pass does include a one-way ride on the sleek Airport Express train, this hardly seems a selling point given that virtually every visitor to Hong Kong needs a round-trip ticket to the airport.
Your best bet is to buy a regular Octopus Card and a separate round-trip ticket on the Airport Express. You can buy both as soon as you land in Hong Kong at the Airport Express desk in the arrivals hall of Chek Lap Kok International Airport. In addition, all MTR stations in the city sell Octopus Cards, which will cost you HK$150 (US$20). Fifty of that is a refundable deposit on the card; the remaining amount is the credit available for ticket fares. When you exhaust your available credit, you can top up your card at any of the automated add-value machines located in all MTR stations. You simply insert your pass into the machine along with a $50, $100 or $500 bill. The machine will then transfer the appropriate cash value to your card and presto, you're ready to make hassle-free journeys to even the most far-flung parts of Hong Kong.
You will have a wide variety of transport options to choose from while exploring Hong Kong. Your Octopus Card will work on all five underground MTR lines as well as the above-ground Kowloon-Canton Railway (KCR) that runs from Hung Hom out to the Chinese border. The pass also works on the city's double-decker buses, regardless of what company operates them, as well as the smaller minibuses. You can use your pass on the old electric street trams on Hong Kong Island or on the new Light Rail Transit line that runs between Tuen Mun and Yuen Long in the New Territories. The pass also works on the famous Star Ferry as well as the inter-island ferries steaming out to Lantau, Lamma and Cheung Chau Islands. Even the tram that runs up to Victoria Peak accepts the Octopus Card.
As of now, only taxis and the Central Escalator do not accept the Octopus Card. There is no charge to use the Central Escalator, a half-mile series of escalators and moving walkways running from Central up to the Mid-Levels of Hong Kong Island. As for taxis, doubtless they will soon start accepting Octopus Cards once the technical kinks are sorted out.
After all, the Octopus Card has begun to function as a sort of all-purpose debit card. You can use your Octopus Card for purchases at many 7-11 and Circle-K convenience stores, for example. The willingness of convenience stores to accept the Octopus Card says a great deal about how popular the pass has become with Hong Kong commuters.
Indeed, the entire public transport system operates on the assumption that nearly all of its riders carry the Octopus Card. As a result, those without the card ride as second-class passengers who face the constant inconvenience of paying their fares in cash. Without the Octopus Card your public-transit travels will quickly degenerate into long lines and a constant struggle for coins. You can buy single-ride tickets for the MTR at automated vending machines, but the machines can have long queues -- as lines are called in this former British colony -- and tend to run out of change or simply break down. You can also buy single-ride tickets at service booths in MTR stations and ferry docks, but this remains far less convenient than simply breezing through the turnstiles with a wave of your Octopus Card.
Buses remain particularly biased towards carriers of the Octopus Card, since riders without the pass must pay the fare in exact change upon boarding. If the fare for the bus to Stanley is HK$9.20, for example, then you have to drop exactly that amount of coins into the fare box or pay over the amount with a $10 coin. Drivers will not give change or accept banknotes, though riders caught without coins or cards have been known to annoy drivers by jamming $20-bills into the fare box. An Octopus Card spares you from having to perform a surfer-like balancing act as your bus careens around corners with you still standing at the front, desperately counting out your coins. Meanwhile, all the Octopus Card-holders will have whisked past you and grabbed the last available seats.
The Octopus Card has only one disadvantage, but it's the same disadvantage inherent to cash. Just like with one of those red $100 notes, if you lose your card then you're out of luck. The Octopus Card is essentially a form of cash, so if you drop your card on the sidewalk somebody else will pick it up and use it to ride out to Shek O or Lo Wu. Meanwhile, you'll be stuck with buying a new card.
Otherwise the Octopus Card offers nothing but advantages. You get convenience, efficiency and speed. You even get a slight discount over those paying fares in cash. Even better, once you start waving your Octopus Card around you'll look like a local, especially if you have a mobile phone and like to shout wei, wei into the receiver whenever somebody calls you. Of course, if you want to look really hip, you can always buy one of those cutting-edge Octopus rings. Then you'll quite literally have all of Hong Kong at your fingertips.
|
|
"Consumers are being tracked, catalogued surveilled and their "data" is being warehoused, filed and mapped with increasing detail. This is happening without our knowledge or consent. This invasive spying is currently confined to loading docks at WalMart, Target and Metro Future stores, but is ready to follow you home if you aren't careful about RFID technology. RFID stands for Radio Frequency Identification and is a term that will become increasingly well known as usage of the new technology becomes pervasive. There is no question that the tiny chips, which enable tracking of physical goods from the assembly line to warehouse to retail outlet to checkstand, will replace the barcodes previously used for that purpose. Some RFID chips are so tiny, they are nearly indistiguishable from dust in many cases."
The Coming Privacy Storm Over RFID Chips
"Human rights organisations from Europe, North America, Australia and Asia have sent an open letter to the International Civil Aviation Organisation (ICAO) railing against plans to create an international 'identity register' that would force the inclusion of biometrics and controversial RFID tracking tags in all passports by 2015. "
One billion people to get biometrics and RFID tracking by 2015
|
"Many companies monitor employee e-mail and Internet usage, and Web-based security cameras are commonplace fixtures in office buildings.
However, technologies such as GPS and employee badges with radio frequency identification (RFID) tags promise to take employee monitoring to an entirely new level. Today's tracking systems can record, display and archive the exact location of any employee, both inside and outside the office, at any time, offering managers the unprecedented ability to monitor employee behavior."
Can't Hide Your Prying Eyes
- computerworld
|
Terrorist Beacons: Close up, the information broadcast from the RFID chip can be read by anyone with an inexpensive electronic reader. Farther away, the RFID chip can be activated enough to identify the passport holder as an American.
|
In a misguided attempt to make US passports more secure, the US Department of State plans to put radio frequency identification (RFID) chips in all new passports. This RFID chip will contain the same information currently on our passports, including the passport holder's name, date and place of birth, passport number and photograph.
In a dangerous world where Americans are targeted by thieves, kidnappers and terrorists, the RFID-chipped US passport will turn tourists into targets, and American business travelers will transmit their identities to kidnappers wherever they go, thanks to the US State Department.
Close up, the information broadcast from the RFID chip can be read by anyone with an inexpensive electronic reader. Farther away, the RFID chip can be activated enough to identify the passport holder as an American.
From identity theft to identity death, an RFID-chipped US passport means good news for the bad guys.
- rfid kills
|
RFID: Tracking everything, everywhere
by Katherine Albrecht, CASPIAN Founder
Excerpted from: Albrecht, Katherine."Supermarket Cards: The Tip of the Retail Surveillance Iceberg." Denver University Law Review, Summer 2002, Volume 79, Issue 4, pp. 534-539 and 558-565.
Expect big changes
"In 5-10 years, whole new ways of doing things will emerge and gradually become commonplace. Expect big changes." 1 - MIT's Auto-ID Center, 2002
Supermarket cards and retail surveillance devices are merely the opening volley of the marketers' war against consumers. If consumers fail to oppose these practices now, our long-term prospects may look like something from a dystopian science fiction novel.
A new consumer goods tracking system called Radio Frequency Identification (RFID) is poised to enter all of our lives, with profound implications for consumer privacy. RFID couples radio frequency (RF) identification technology with highly miniaturized computers that enable products to be identified and tracked at any point along the supply chain. 2
The system could be applied to almost any physical item, from ballpoint pens to toothpaste, which would carry their own unique information in the form of an embedded chip.3 The chip sends out an identification signal allowing it to communicate with reader devices and other products embedded with similar chips. 4
Analysts envision a time when the system will be used to identify and track every item produced on the planet. 5
A number for every item on the planet
RFID employs a numbering scheme called EPC (for "electronic product code") which can provide a unique ID for any physical object in the world. 6 The EPC is intended to replace the UPC bar code used on products today. 7
Unlike the bar code, however, the EPC goes beyond identifying product categories--it actually assigns a unique number to every single item that rolls off a manufacturing line. 8 For example, each pack of cigarettes, individual can of soda, light bulb or package of razor blades produced would be uniquely identifiable through its own EPC number. 9
Once assigned, this number is transmitted by a radio frequency ID tag (RFID) in or on the product. 10 These tiny tags, predicted by some to cost less than 1 cent each by 2004, 11 are "somewhere between the size of a grain of sand and a speck of dust." 12 They are to be built directly into food, clothes, drugs, or auto-parts during the manufacturing process. 13
Receiver or reader devices are used to pick up the signal transmitted by the RFID tag. Proponents envision a pervasive global network of millions of receivers along the entire supply chain -- in airports, seaports, highways, distribution centers, warehouses, retail stores, and in the home. 14 This would allow for seamless, continuous identification and tracking of physical items as they move from one place to another, 15 enabling companies to determine the whereabouts of all their products at all times. 16
Steven Van Fleet, an executive at International Paper, looks forward to the prospect. "We'll put a radio frequency ID tag on everything that moves in the North American supply chain," he enthused recently. 17
The ultimate goal is for RFID to create a "physically linked world" 18 in which every item on the planet is numbered, identified, catalogued, and tracked. And the technology exists to make this a reality. Described as "a political rather than a technological problem," creating a global system "would . . . involve negotiation between, and consensus among, different countries." 19 Supporters are aiming for worldwide acceptance of the technologies needed to build the infrastructure within the next few years. 20
The implications of RFID
"Theft will be drastically reduced because items will report when they are stolen, their smart tags also serving as a homing device toward their exact location." 21 - MIT's Auto-ID Center
Since the Auto-ID Center's founding at the Massachusetts Institute of Technology (MIT) in 1999, it has moved forward at remarkable speed. The center has attracted funding from some of the largest consumer goods manufacturers in the world, and even counts the Department of Defense among its sponsors. 22 In a mid-2001 pilot test with Gillette, Philip Morris, Procter & Gamble, and Wal-Mart, the center wired the entire city of Tulsa, Oklahoma with radio-frequency equipment to verify its ability to track RFID equipped packages. 23
Though many RFID proponents appear focused on inventory and supply chain efficiency, others are developing financial and consumer applications that, if adopted, will have chilling effects on consumers' ability to escape the oppressive surveillance of manufacturers, retailers, and marketers. Of course, government and law enforcement will be quick to use the technology to keep tabs on citizens, as well.
The European Central Bank is quietly working to embed RFID tags in the fibers of Euro banknotes by 2005. 24 The tag would allow money to carry its own history by recording information about where it has been, thus giving governments and law enforcement agencies a means to literally "follow the money" in every transaction. 25 If and when RFID devices are embedded in banknotes, the anonymity that cash affords in consumer transactions will be eliminated.
Hitachi Europe wants to supply the tags. The company has developed a smart tag chip that--at just 0.3mm square and as thin as a human hair -- can easily fit inside of a banknote. 26 Mass-production of the new chip will start within a year. 27
Consumer marketing applications will decimate privacy
"Radio frequency is another technology that supermarkets are already using in a number of places throughout the store. We now envision a day where consumers will walk into a store, select products whose packages are embedded with small radio frequency UPC codes, and exit the store without ever going through a checkout line or signing their name on a dotted line." 28 - Jacki Snyder, Manager of Electronic Payments for Supervalu (Supermarkets), Inc., and Chair, Food Marketing Institute Electronic Payments Committee
RFID would expand marketers' ability to monitor individuals' behavior to undreamt of extremes. With corporate sponsors like Wal-Mart, Target, the Food Marketing Institute, Home Depot, and British supermarket chain Tesco, as well as some of the world's largest consumer goods manufacturers including Proctor and Gamble, Phillip Morris, and Coca Cola 29 it may not be long before RFID-based surveillance tags begin appearing in every store-bought item in a consumer's home.
According to a video tour of the "Home of the Future" and "Store of the Future" sponsored by Proctor and Gamble, applications could include shopping carts that automatically bill consumers' accounts (cards would no longer be needed to link purchases to individuals), refrigerators that report their contents to the supermarket for re-ordering, and interactive televisions that select commercials based on the contents of a home's refrigerator. 30
Now that shopper cards have whetted their appetite for data, marketers are no longer content to know who buys what, when, where, and how. As incredible as it may seem, they are now planning ways to monitor consumers' use of products within their very homes. RFID tags coupled with indoor receivers installed in shelves, floors, and doorways, 31 could provide a degree of omniscience about consumer behavior that staggers the imagination.
Consider the following statements by John Stermer, Senior Vice President of eBusiness Market Development at ACNielsen:
"[After bar codes] [t]he next 'big thing' [was] [f]requent shopper cards. While these did a better job of linking consumers and their purchases, loyalty cards were severely limited...consider the usage, consumer demographic, psychographic and economic blind spots of tracking data.... [S]omething more integrated and holistic was needed to provide a ubiquitous understanding of on- and off-line consumer purchase behavior, attitudes and product usage. The answer: RFID (radio frequency identification) technology.... In an industry first, RFID enables the linking of all this product information with a specific consumer identified by key demographic and psychographic markers....Where once we collected purchase information, now we can correlate multiple points of consumer product purchase with consumption specifics such as the how, when and who of product use." 32
Marketers aren't the only ones who want to watch what you do in your home. Enter again the health surveillance connection. Some have suggested that pill bottles in medicine cabinets be tagged with RFID devices to allow doctors to remotely monitor patient compliance with prescriptions. 33
While developers claim that RFID technology will create "order and balance" in a chaotic world, 34 even the center's executive director, Kevin Ashton, acknowledges there's a "Brave New World" feel to the technology. 35 He admits, for example, that people might balk at the thought of police using RFID to scan the contents of a car's trunk without needing to open it. 36 The Center's co-director, Sanjay E. Sarma, has already begun planning strategies to counter the public backlash he expects the system will encounter. 37 - KatherineAllbrecht - nocards.org
|
"One scenario will alert shopkeepers to wealthy individuals entering their store, calculating their net worth based on the tags hidden in their clothing, and comparing their type against a demographic database. Bus shelters and other public spaces might be fitted with RFID tag readers connected to display devices, which will pitch products at consumers based on their tags."
|
Ulterior motives behind ID tags exposed
By Nathan Cochrane July 15 2003
Plans to swamp the world in invisible tracking devices were revealed last week as secret industry documents detailing a global agenda to "pacify" consumers and co-opt key lawmakers were leaked.
Sensitive documents were exposed by Consumers Against Supermarket Privacy Invasion and Numbering (CASPIAN), a US consumer group lobbying against the technology.
The group found documents from the US Auto-ID Centre, which has an Australian research division at Adelaide University, and published them on the privacy and security website, cryptome.org
Auto-ID is a worldwide co-ordinating group for the radio frequency identification (RFID) industry that counts Australian packaging giant Visy Industries, Dutch electronics maker Philips, computer services company IBM and consumer goods maker Gillette among its members. The group aims to embed RFID tags - tiny radio emitting tracking devices - in all consumer goods including clothes, household electronics and packaging such as aluminium cans and cardboard boxes.
The tags are used at Star City Casino in Sydney to trace workers' uniforms, by beef farmers to track livestock, and to monitor the temperature of fruit, confectionery and pet food. Packaging rivals Carter Holt Harvey and Visy are also looking to embed the technology for customers.
Industry sees RFID as a way to cut costs from the manufacture and distribution of goods, allowing it to more readily track goods through the production chain, while privacy advocates fear its negative consequences on human rights.
The ease with which CASPIAN hacked the centre's website overshadows industry claims that it can protect citizens' privacy, the lobby group says.
"Privacy advocates are alarmed about the centre's plans because RFID technology could enable businesses to collect an unprecedented amount of information about consumers' possessions and physical movements," says CASPIAN founder Katherine Albrecht.
Federal privacy commissioner Malcolm Crompton says Australians have shown hostility towards technology that invades their privacy.
"Companies, whether they are Australian or located anywhere else, are well advised to take note of these deep feelings that people have and therefore it may or may not need further laws to provide protection," Crompton says. "But the companies can rest assured that if they are reckless in this way they will generate the call for more law."
He says the tags should be "killed" as the items leave the store and it should not be possible to reactivate them later. He is alarmed at any suggestion that they can be reactivated, and will seek more information from the industry.
IBM Consulting Service's Asia-Pacific manager for e-Business, Vicki Ward, says her company will adhere to any laws. "IBM would adhere to whatever standards are set by the government in whichever country we were working."
Ward says there was a strong push by product-makers wanting to track consumer behaviour after they'd made purchases.Concerns over how consumers would view that intrusion dissuaded the Auto-ID Centre from adding that function in the first batch of standards, but it could be added later, she says.
Among documents made available to the public for the first time was confidential research by the centre in which consumers in the US, Britain, Europe and Japan consistently gave negative opinions of the technology. Key among these were the privacy aspects, followed by health, personal safety and the likely impact on jobs, because fewer workers were needed.
"A company, a government, a rogue state, a 19-year-old in his parents' attic will try and hack this for fun, for power," said a respondent in the US study conducted by centre researcher Helen Duce.
Respondents were worried that hackers or thieves could see into their homes and shopping bags, targeting them for crime, or that police and security services would spy on them using the tags. Consumers placed the technology in the same basket as nuclear power or genetically modified foods but were "apathetic" and likely not to do much about their concerns, the centre found.
"There are currently no clear benefits (for consumers) . . . so any negative press coverage, no matter how mild, would shift the neutral (opinion) to negative," Duce wrote. "Virtually all groups spontaneously said that they wanted a choice and that the `chip should be killed' (when they left the shop)."
Duce wrote that these concerns would be overcome with a co-ordinated global public relations strategy. The tags should also be renamed either "enhanced barcodes", she wrote, or "green tags", according to another report for the centre by consulting PR firm Fleishman-Hillard.
Minutes from the centre's February meeting indicate the first pilot phase is under way with many of its members, who are building business cases for its use. One scenario will alert shopkeepers to wealthy individuals entering their store, calculating their net worth based on the tags hidden in their clothing, and comparing their type against a demographic database. Bus shelters and other public spaces might be fitted with RFID tag readers connected to display devices, which will pitch products at consumers based on their tags.
The RFID industry has had several setbacks recently. Benetton shelved plans to embed tags in its clothes, once news of its trial leaked. Wal-Mart, the big US supermarket chain, gives its customers the option to remove the tags from its products. The only Australian member of the centre is Martyn Johnson, director of the Visy Technical Centre, an offshoot of Visy Industries. Visy spokesmen did not return calls
source
|
MIFARE scores in event ticketing applications
March 2004: - semiconductors.philips.com
MIFARE-based contactless smart cards have been around for a number of years. They are the de-facto standard for public transport applications, where transaction speed and ease-of-use make them an ideal solution. However, they have also had significant success in access control applications. It is the benefits contactless cards can offer in this field, that is now attracting the attention of sports and leisure event organizers. Event organizers are increasingly looking to smart card technologies as a way to provide better and easier access control to events and also to provide additional services such as loyalty applications and electronic purse capabilities on a single smart card or electronic ticket.
For sports event ticketing, soccer is leading the way. A growing number of clubs in Europe have already implemented smart card solutions for access to their stadiums, including PSV in the Netherlands and Real Madrid in Spain. Both these clubs have implemented systems based on Philips Semiconductors' contactless MIFARE smart card ICs, the same system that the organizers of the 2006 World Cup in Germany are also planning to use.
PSV started looking into smart cards for access control in 1999 as a way to improve customer relations. Now electronic cards are being mandated by the Dutch football association - Koninklijke Nederlandse Voetbalbond (KNVB) - as a way to keep hooligans out of the stadiums. So at the end of last year, PSV issued MIFARE smart cards to its 28,000 season ticket holders to control access to the stadium. This year, these tickets have been replaced with MIFARE ProX dual interface cards, which will allow the club to add new features to the card to provide their supporters with additional services.
PSV has also introduced disposable single match tickets, based on Philips MIFARE Ultralight ICs for its business seats. Some 1100 Ultralight tickets are issued for each match and PSV also hopes to extend the functionality of these tickets to include access to parking and tokens for buying drinks at the stadium.
"MIFARE is the leading solution for contactless smart cards. We are very pleased with this fast, reliable and proven technology," said Hans van Raaij, IT manager at PSV. "With the successful introduction of the MIFARE ProX cards this season, we are aiming for a completely cashless stadium by the end of 2004 and are now working to add extra services including an e-purse and a loyalty application."
Other soccer clubs in the Netherlands are also aiming to implement or indeed have already implemented access control systems. Another first division team, Roda J.C., was the first club in Holland to introduce a contactless solution, launching a proprietary system in 2000. However, when it wanted to expand the functionality beyond access control, the club decided to move to the de facto industry standard. By choosing a MIFARE-based system, the club would no longer be dependent on a single technology supplier, and could also support both their season ticket and an e-purse application on the same card. This year the club will issue some 12,000 contactless season tickets, primarily to its club card holders.
"One of the main reasons we moved to MIFARE is that it is an open standard", said Marco L'Abee, stadium manager of Roda J.C. "This makes it much more flexible and gives us the possibility to tie into other applications. It was also cheaper to implement than our existing system, a significant factor for smaller clubs like us."
At the other end of the scale, Spain's Real Madrid has issued some 80,000 contactless cards to its season ticket holders for this season. While these cards currently only provide access control, Real Madrid is closely watching the progress at PSV and is getting lots of ideas on how to expand its system in the future.
Other sports are also investigating the possibilities of smart card ticketing solutions, with the 2008 Olympics in China likely to be the first games to use a smart card electronic ticketing system. One of the key attractions of smart cards for events like the Olympics is the range of applications that can be stored on a single card. In addition to basic access control, the cards can act as public transport tickets to get to the events or provide access to parking at the event. They can also include an e-purse or tokens for buying food and drink at the stadium or affiliated merchants.
Beyond sports, concert and other events organizers are also looking to electronic ticketing. However, unlike sports like soccer or rugby where there are large numbers of regular supporters, the audience at each concert or event is likely to be very different. This poses a different set of challenges for event organizers. Key amongst these is the fact that tickets will only be used once, so the manufacturing costs of the tickets must be very low.
Contactless paper tickets based on MIFARE Ultralight smart card ICs provide the ideal solution. These low-cost tickets provide the same convenience and benefits as a standard contactless card. And while they have limited memory capacity, they can still support some additional features such as public transport ticketing, access to parking or even an e-purse for buying food or drinks at the event.
With the wide range of benefits that smart card technology brings to all types of event ticketing, this market is expected to grow quickly over the coming years. Sports stadiums are likely to continue to lead the way, but event ticketing applications will also benefit from the lessons learned by the sport clubs, allowing these applications to be implemented based on tried and tested technologies and business models.
Complete solutions for event ticketing
Philips provides a complete contactless capability that can be tailored to meet the requirements of any event ticketing application. Its MIFARE family ranges from the established MIFARE 1k standard contactless ICs to advanced dual interface MIFARE ProX ICs with up to 16 Kbytes of memory and advanced encryption and security features using an onboard FameX crypto coprocessor. At the other end of the scale, the recently introduced MIFARE Ultralight ICs can be embedded in paper tickets to provide a low-cost, disposable ticketing solution.
Fully compatible with ISO 14443-A, the open platform MIFARE interface standard is already well established in contactless public transport ticketing applications, providing event organizers with the possibility to easily link into these existing infrastructures. MIFARE is also compatible with the NFC interface protocol developed jointly with Sony, providing additional possibilities to use NFC enabled devices such as mobile phones or PDAs instead of plastic or paper tickets to store tickets.
|
Oyster card: Taking over London from libraries to leisure centres
'We're looking for a technology partner that can roll with the punches...'
By Jo Best Published: Thursday 17 March 2005 - networks.silicon.com
The Oyster card looks set to reach far beyond the barriers of London's Underground network, as cash becomes a dirty word in London's public sector.
Speaking today at the Consult Hyperion Digital Money Forum in London, Charles Monheim, director of transport for London's Oyster card, said the company is looking to rid London's public transport of cash payments, from buses to car parking.
"We are waving cash goodbye... We're removing cash from buses entirely by 2006," he said. "Transport is the killer application [for e-money]."
In order to deter customers from using coins rather than card, cash customers will be forced to pay a premium over card-carriers. Such a system is already used on the Tube, where non-Oyster ticket holders pay 20 per cent extra or above, depending on the time of day.
The conversion of street-level parking from cash to Oyster card payments will take longer, Monheim said, but will happen. "With on-street parking, both consumers and merchants are getting fed up with cash... The City of London is taking the lead in taking cash from machines."
However, Monheim admitted the push to more Oyster usage is not about customer convenience, it's about cost-cutting.
"The challenge for us on the tube is to move customers from relatively high-cost channels to relatively low-cost channels... we're saving 15 to 20 per cent by virtue of converting to smart card ticketing."
Monheim said Oyster card is now looking to expand into entirely new areas.
"We are looking for an e-money partner... we're also looking for technology partners to help us navigate the right place for a contactless payment card in the marketplace - an organisation with a certain amount of vision and foresight to roll with punches," he said.
The Oyster card has already broken out of its initial transport niche and can be used in conjunction with a number of local councils' services.
There are a few boroughs in London that provide access to services along with the Oyster service including some which offer access to library or leisure centre facilities, using the card as an authentication mechanism. Monheim said: "For those that don't want to be smart, they can use the Oyster card branded as their council card."
The card is also being used to access parking lots. "We're doing trials with parking in our own parking lots, thereby avoiding regulation," he joked.
|
Foiling the Oyster Card
WTWU @ Spyblog
Many people are worried about the privacy implications of the new Transport for London Oyster Smart Card. This promises greater convenience (and some introductory discounted fares) for travel on London Underground railways and Bus services, at the cost of greater surveillance of individuals, since each Oyster Card is uniquely numbered, and has to be swiped at the start and end of each journey. This self tracking behavior is reinforced by the poster advertising campaign and the policy of charging the maximum possible fare unless you swipe the card past the reader at the end of your journey, not just at the start.
The season ticket versions of the card have name and address and credit card details associated with them. Even the new pre-pay cards, which are more anonymous, unless you use a credit card or choose to register the card, still have a unique tracking serial number which can be tied to the omnipresent CCTV Surveillance on London Underground, and increasingly even on London Buses.
The system uses contactless MIFARE based smart cards with distinctive yellow readers at Tube station barriers and on buses.
There is no authentication mechanism e.g. a Personal Identification Number as with "Chip and PIN" credit cards, it depends only on whether the Oyster card is within range of a reader, typically 10 centimetres or so for the readers currently deployed by Transport for London (which is far less than what the equipment is actually capable of). The only security against being accidentaly overcharged or having your private details read or associated with a particular Oyster Card by people operating their own MIFARE scanners, is to shield the Oyster Card from unwanted radio signals. These private details includes information about the last 10 or so trips that you have made, which is data stored directly on the card, and which will be available to the 3rd party retailers who come on board the "electronic purse" aspects of the scheme.
The MIFARE system uses one of the Industrial Scientific Medical licence free frequencies at 13.56 MHz, so it is not illegal for other people to have or to use their own reader equipment.
One way to preserve your privacy somewhat is to shield the Oyster Card with aluminium kitchen foil. This seems to block the readers on the charge up ticket machines even when only the back of the Oyster Card is shielded i.e. you have to remove the Oyster Card from the shielded holder for it to be read/charged up:
Even if, like us, you do not think that non-Oyster Card readers are very common yet, there is still a case for shielding your Oyster Card. especially the pre-paid one which currently only operates in the central zones 1 to 3. If you travel into London from outside these zones, on a paper ticket which you present to the slot in a Tube ticket barrier on your right, you do not want money to be deducted from your zone 1 to 3 Oyster Card as well - it depends on your physical size as to how close the Oyster Card readers are to whatever pocket or handbag etc you keep your card in.
Similar use of aluminium foil to line pockets or handbags or shopping bags etc. will also block RFID tags on consumer items which have not been "killed" or disabled at the checkout (again, more of a potential problem in the future, rather than a big risk at the moment).
However, if you choose to use such radio frequency shielding techniques, be aware, that you currently run the risk of being suspected of carrying concealed weapons or explosives by the operators of the still rare but controversial "see under your, or your childrens', clothes" Passive Millimetre Wave Radar cameras and scanners being tested by the Police and other military security forces.
UPDATE:
We are getting visitors directed to this article via links from discussions about the security and privacy problems with the new US Biometric passport.
This involves some international "bait and switch" propaganda e.g. the US and UK governments claim "we have to introduce biometric passports because that is what the International Civil Aviation Organisation says we have to do."
Speak to anyone in the ICAO and they say "we are specifying biometric passports because the US and UK government were pushing this policy"
Biometric Passports need a chip inside them, and for some astonishing reason, probably to do with commercial lobbying, the ICAO has specified a contactless smartcard solution. All well and good, except that this is not a very tight specification, and the US Government, has chosen not to use any encryption in its passports, i.e. they have ignored all the technology and experience gained through the issue of millions of Mifare type contactless travel smartcards, like the Oyster card.
This means that US citizines will have their passport details secretely read , through their clothing or luggae, by unauthorised standard reader devices, some of which could be operating with more sensitive antenna and amplification in excess of the normal off the shelf equipment which has to obey local radio frequency allocation power limit regulations. This is a threat to the privacy of US citizens(and any other country stupid enough to copy the US system). In the worst case, there will be terrorist bombs and booby traps triggered by a specific individual's US Passport, or a generic "are there sufficient US passport holders in the imm3ediate area" type detonation command.
The way to overcome this is obviouslty to shield the passport in the same way as the Oyster Card above. However the same laws of physics apply, so you cannot put the chip and antenna into the cover of the passport if you intend to shield it with aluminium etc.
You end up having to have a thickly laminated page, effectively a smartcard , bound into the passport booklet (border control visa ink pad stamps are not going to be phased out). You could then shield the covers of the passport booklet.
This means that instead of a convenient, rapid check like the Oyster card, such a passport will involve fumbling to get the covers open to expose the smartcard page inside, and then presenting it to the reader device. Why on earth couldn't they have used a contact smartcard, like millions of "Chip and PIN" credit cards, or an optical barcode system, which can be read by laser without the risk of it ever being read secretly through your clothes or luggae by radio ?
If the US style passport is not shielded (still an option), and people go for the home brew or commercial (there must be millions of leather and other passport wallets on the market) shielded passport holder, then experience with the Oyster Card shows that you will have to remove the passport from this shielded wallet for it to work. Simply flipping it open will not be sufficient, especially if the offical passport readers are deliberately detuned to only work at a vey short range (so as not to get confused by the next people in the invetiable queue).
All the worries about "see under your clothes" snooping devices applies even more to such shielded passports - this equipment is being introduced in airports first, as it is still expensive. Therefore there will be a number of "false positives" where people are suspected of carrying weapons, explosives or drugs, simply on the basis of their shielded passport holders which will show up in high contrast aginst their "naked" bodies.
Obviously when this happens too many times, the security gurds will become lax, and criminals will start to smuggle small amounts of drugs, explosives or sharp weapons, within the shielded passport holder itself.
|
The Oyster Gotcha
By Matt Stephens - February 13, 2005
When designing software UIs, we can learn lessons from real-world errors (not just in software). The Oyster Card is a good recent example.
In the UK, Transport for London (TfL) recently introduced a public-transport payment system known as the Oyster Card. It can be used on buses and British Rail trains, but seems to be mostly aimed at the Tube (aka London Undergound) - or at least, that's where it seems to exhibit the most problems.
The premise behind the Oyster Card is that people using it prepay their fares online. Then, when they walk into a Tube station, they “touch in” (i.e. rub the Oyster Card provocatively on a magnetic detector thing which reads their details). When they leave their destination station, they “touch out” in much the same way. Their journey fee is then deducted from their prepay account. If there isn't enough money in the account, then obviously an iron cage drops from the ceiling and sharp knives are poked at them from all sides. (I'm told that this little-known aspect of the new system won't be implemented for another 12 months though).
First, what's there to like about the Oyster Card? It's a robust system which allows thousands of commuters to make their way to work each day, and on the whole it has that magic quality needed by any such large-scale, mission-critical system: it just works. However, it's not without its usability issues. Perhaps usability wasn't top of the designers' list of criteria when creating the Oyster Card system. But then, its marketing is full of bubbly claims about how it's much more convenient (etc etc) than the traditional paper-age Travelcard system.
The Oyster Card supposedly makes buying season tickets much easier. No more queuing at the train station on a Monday morning; just prepay online, and Bob's your slightly scary uncle. Some thought has obviously gone into the way people will use the Oyster Card, because there are ways in which certain things are supposed to “automagically” happen. For example, you don't need to book or declare a specific journey: as long as you touch in and out, it all gets worked out for you. And when you purchase or renew a card, you nominate your “main” Tube station for your daily commute. Then, when you touch in that station your card gets charged-up with your new "virtual travelcard" or topped-up with your prepay credits.
Why the Oyster Card Sucks
So, what's there not to like? Quite a lot, as it turns out. The first thing (not really to do with the main subject of this article) is that the name (to me at least) is quite distasteful. Oysters, yuch: eating an oyster would be like licking snot off a tortoise shell. I really don't want to have that image thrust into my mind early every morning while I trudge to work. At that time in the morning, I'm still not fully awake; my mind is still in its semi-unconcious, probably easily hypnotized state; dreamy; and all grotesque imagery is to be avoided if at all possible.
"It's very easy to forget to touch out"
Back in the corporeal real world though, the trouble with the Oyster Card is that at certain Tube stations, it's quite easy to walk out without going through one of the “proper” ticket barriers; and often, the ticket barriers are left open so it's easy to simply walk straight through. In fact the hordes of commuters are often herded through various exits, and with a thousand people pushing behind you to get out into the sunlight, it's really very easy to forget to “touch out”. TfL's solution is simple: if this happens, give the commuter the arse-end of the doubt, and charge them the maximum possible fare that they might conceivably have travelled. Nice.
Software reality.com
|
signing up for close surveillance
Police search for criminals with Oyster
By Siobhan Lismore - wandsworth guardian
Police hunting criminals are using Oyster card technology to help track them down, according to material released by the Freedom of Information Act last month. Figures show a huge leap in police requests to Transport for London (TfL), which operates the Oyster cards used to travel on buses, trains and the underground. Just seven information requests were made by police during 2004, compared with 61 requests made in January this year alone. Overall, police have requested to see journey information 243 times and they have been given it 229 times, equating to about 94 per cent compliance.
If pre-pay was to be accepted on overground services, which we are campaigning for through Fare's Fair supported by Wandsworth Council, police could also use the technology to monitor all railway users.
Shami Chakrabarti, the director of human rights group Liberty, said: "Oyster card records should be available to police who are solving serious criminal cases, but this power cannot be used indiscriminately."
A TfL spokeswoman said it complies fully with the Data Protection Act and information on individual travel is kept for a maximum of eight weeks. She said this was for customer service purposes to replace lost or stolen cards and for refund inquiries. This information is only made available to a small number of people and information is only released on a case-by-case evaluation. She explained: "Police requests must be made under Association Chief Police Officer guidance. There are currently more than five million Oyster card users in London and the number of police requests is less than 65 per month.
A police spokeswoman said: "Each case is looked at individually, but such information could be used to build up a picture of a person's movements."
Users of pre-pay Oyster cards can elect whether or not to remain anonymous, she added, although TfL encourages people to register their cards, otherwise they cannot be replaced.
Ms Chakrabarti said: "Students and commuters who register their details in exchange for cheaper fares are probably unaware they are also signing up for close surveillance."
|
Allow Card launches pre-paid MasterCard for teens
Published: 12/12/2005 14:37:00 - Allow Card of America has launched a pre-paid MasterCard specifically designed for older children and teenagers that allows parents to track and control their spending.
The pre-paid debit card is aimed at young people between the ages of 10 to 19. Parents can load money on to The Allow Card and track their children's spending via an online portal.
The Web site features over 35 controls, allowing parents to set parameters for their children's spending. The site also allows parents to lock out specific merchant categories so teens can't spend money at "undesired" locations.
The portal also features financial lessons and interactive games designed to help young people to learn how to manage their allowance and finances.
Marla Beans, Allow Card of America's CEO, says studies have shown that young people are inadequately prepared for financial responsibilities once they leave home. "That's why we developed our Web site as part of the overall Allow Card programme," she says. "It's a place where both parents and teens can check the status of accounts, as well as a site where teens can learn about finances. This is an excellent way for parents, teens and preteens to develop a sense of trust as they talk about money situations."
Visa USA launched its own re-loadable payment card for children and teenagers in 2000. The Visa Buxx card is offered by a number of banks including Bank of America, Wachovia and US Bank. finextra.com
|
Indoctrinating behavioral patterns
in a cashless society
A Card becomes an 'enabling' device
just like this will
"...Identity cards will provide every person in this country with an easy and secure way of proving their identity, of demonstrating their right to be here and of asserting their place in the community. Our liberties will be strengthened if our identity is protected from theft; if we are guaranteed access to the services to which we are entitled; and if our community is better protected from terrorists and organised criminals, and from those who seek to abuse the immigration rules and public services."
Home Office UK
|
Clydesdale Bank introduces pre-paid debit cards
Published: 19/01/2006 - The UK's Clydesdale Bank is teaming with PrePay Technologies to create, deliver and service prepaid and reloadable MasterCard debit cards that are targeted at customers that don't have a bank account.
Clydesdale - which is part of the National Australia banking group (NAB) - says it is working with the UK-based vendor to create a set of cards targeted at the large unbanked market, which will be released imminently.
The bank has already launched its Western Union Travel Cash Card, which can be loaded with funds in euros, US dollars and sterling and is protected by a personal PIN. The card can be used at ATMs as well as in retail outlets.
Dean Cutbill, general manager of third party distribution, Clydesdale Bank, says: "The US marketplace has seen a rapid expansion in the provision of prepaid debit cards over the last five years and we anticipate this growth will be replicated in Europe over coming years."
. finextra.com
|
Credit card firm targets teens
By Joe Morgan - The Times
MASTERCARD was accused yesterday of encouraging teenagers to go into debt with the launch of a payment card for children. The biggest credit card group is issuing prepayment cards to let youngsters purchase products on plastic. How much the teenagers can spend is limited by the amount that their parents are prepared to deposit in advance, but the scheme was described yesterday by consumer groups as "irresponsible".
The National Consumer Council (NCC) has raised fears that the cards will get children so used to spending money that is not theirs that they will go hopelessly into debt once they are old enough to apply for a credit card.
Supporters, however, regard the cards, which are issued by Bluecorner, as the natural step in an increasingly cashless society. They argue that the prepayment cards will familiarise children with plastic without spending too much.
Teenagers are being appealed to by MasterCard in youth magazines such as Smash Hits! and Bliss, and on Magic FM radio. The Splash Plastic card is aimed primarily at internet- savvy teenagers seeking to shop online who are not eligible for a credit or debit card.
The NCC said: "There is a risk that the cards will predispose them to irresponsible spending on credit cards later." The spokeswoman described the enticement of children as a "dreadfully bad idea". She said: "Payment cards can be useful for certain groups, such as adults who do not have a bank account. But it is a much more dangerous scenario when these cards fall into the hands of youngsters. "The fact that these cards are topped up by parents could get teenagers used to spending money on plastic which is not theirs in an irresponsible way."
NCC officials also expressed concern at the charges made by MasterCard. Customers pay a £9.95 fee to open their card account and pay 85p for each withdrawal from an ATM cash dispenser. Card holders are penalised with a £4.99 fee for cancelling an account or ordering a replacement card.
Angela Eagle, the Labour MP for Wallasey and a member of the Commons Treasury Select Committee, said that it would be far more appropriate for children to use Solo debit cards, which are linked to a bank current account. She said: "I do not think these (prepayment cards) add anything in terms of financial education. Children can open a bank account and use a debit card, which is obviously superior."
Phil Davies, the director of business development at MasterCard Europe, defended the Splash cards as a starter kit for financial prudence. He said: "Parents can control the amount of money their son or daughter spends on the card by limiting the amount of money placed on the card.
"These cards have a positive part to play as they can help teenagers and adults to improve financial discipline as they manage the money placed on the card sensibly."
The minimum age for holding a card is 13. They are used in the same way as credit and debit cards but users should not be able to go into debt. Parents can apply to get cards for their children online.
COST OF THE CARD
Purchase fee £9.95
Upgrade fee £4.99
Replacement fee (lost/stolen) £4.99
Account cancellation fee £4.99
PIN issue/reissue £1.00
ATM cash withdrawal fee 85p
THE RISING TIDE OF TEENAGE DEBT
Findings from the Consumer Credit Counselling Service (CCCS)
18-year-olds seen by CCCS debt advisers since 2003 have had an average of five credit providers
19-year-olds have had an average of six credit providers
Most 18 and 19-year-olds seen by CCCS debt advisers have less than £1,000 a month in income
A 19-year-old who sought help from the CCCS had £48,000 of debt with 19 lenders.
Credit and store cards are biggest cause of debt among teenagers
|
|
|
Biometric Identifiacation
Houston, TX. - January 2000
Six months after the first U.S. iris recognition ATMs were installed at three Bank United branches in Texas, initial consumer reaction is in. Their press release notes that the results of an extensive, independent consumer survey of Bank United customers who have used the new machines were very positive. . Bank United is the largest publicly-traded depository institution headquartered in Texas and America's first bank to pilot iris recognition ATMs with its customers. Their new iris recognition ATM's are dubbed "EyeTM(TM)s."
The iris recognition ATMs, installed at Bank United branches inside Kroger supermarket stores in Houston, Dallas and Fort Worth, were provided by Diebold, Incorporated, and use iris recognition products supplied by Sensar. Sensar's iris recognition products use standard video cameras and real-time image processing to acquire a picture of a person's iris, digitally encode it, and compare it with one on file -- all in less than a few seconds. Company officials report that their research shows the matching accuracy of iris identification is greater than that of DNA testing.
What were some of their customers reactions?
98% of Bank United's EyeTM users described their first experiences with the ATM glowingly and used words such as: "easy, great, cool, impressive, exciting, fast, convenient, and futuristic."
Many EyeTM users cited the new technology as a reason for moving their account to Bank United.
EyeTM users overwhelmingly agreed that it is more secure, more convenient, easier, quicker, and more reliable than regular ATMs.
The best liked feature of EyeTMs is that you don't need to use an ATM card (50%).
Bank United EyeTM users are more likely to consider Internet banking than non-users.
Most Bank United EyeTM users want to see more iris recognition ATMs installed around town.
Currently, 15 banks in nine countries - including the U.S. - are piloting Sensar's products at selected ATMs and teller stations to authenticate the identity of thousands of customers each day.
Biometrics In Human Services
USER GROUP
Volume 4 Issue 1
"QI Systems Inc. (www.qisystems.ca) designs hardware and software for the rapidly expanding cash card industry. It is a leader in supplying solutions for smart card vending with products in use in Canada, the US, Venezuela, Hong Kong, the UK, and Norway. QIs SmartVend technology enables debit card purchases by consumers from a wide range of vending machines types. The SmartVend system is currently being used in conjunction with many card schemes, including VisaCash, Mondex (Multos), CANTV (Venezuelan phone card), Touch Technology (TTI), EFM, ParkSmart, QI Card and others. Due to the modular structure of SmartVend, multiple card schemes can be run in parallel in the same unit with new schemes added at a later date. QIs SmartVend systems have been installed in Coca-Cola and Pepsi vending machines, coffee, snack and sandwich machines, laundromat machines, copiers, newspaper vending boxes for such publications as USA Today and in parking machines."
Qi systems website
Raging bull messageboard
more jargon by siemens
|
Biometric ID fingerprint security system / Touchscreen = DNA scanner?
|
Security is the excuse...all technology can be circumvented...
A Malaysian businessman has lost a finger to car thieves impatient to get around his Mercedes' fingerprint security system. Accountant K Kumaran, the BBC reports, had at first been forced to start the S-class Merc, but when the carjackers wanted to start it again without having him along, they chopped off the end of his index finger with a machete.
Although security systems of this sort are typically fitted to high end cars (because of import duties, Kumaran's car is reported to have been worth $75,000 "second-hand" - under the circumstances, we think we'd have said 'at resale'), they're not in essence particularly high tech or high security. As is the case with most auto security systems, they're mainly a speed bump intended to make it sufficiently hard for the would-be thief to encourage them to look elsewhere for victims. The fingerprint readers themselves will, like similar devices aimed at the computer or electronic device markets, have a fairly broad tolerance, on the basis that products that stop people using their own cars, computers or whatever because their fingers are a bit sweaty won't turn out to be very popular.
They slow thieves up a tad, many people will find them more convenient than passwords or pin numbers, and as they're apparently 'cutting edge' and biometric technology is allegedly 'foolproof', they allow their owners to swank around in a false aura of high tech. Get the secured object on its own for a little while and you can usually chop the security off fairly easily, but as the evidence now shows the more determined and impatient class of thief might just chop off your finger as a temporary measure. - security focus
|
Chip and PIN is the new, more secure way to pay with credit or debit cards in the UK. Instead of using your signature to verify payments, you will be asked to enter a four-digit Personal Identification Number (PIN) known only to you.
EXCEPT, IF YOU ARE OLD &/OR HAVE A BAD MEMORY - OR IF YOU ARE IN A SHOP WITH A NICE BIG QUEUE, pressing up against your back WITH PEOPLE SPYING ON YOU...OR A CAMERA strategically PLACED ABOVE THE TILL which CAN SEE YOU PUNCHING THE NUMBER IN - AND CAN TELL WHICH NUMBERS YOU ARE PUNCHING BECAUSE ALL NUMBER PADS HAVE THE SAME LAYOUT
|
|
|
OOOH! Apparently I
Can't wait for this SHIT!
Britons 'waiting on chip and pin'
More than four out of 10 adults are yet to have all their debit and credit cards converted to chip and pin technology, a survey has suggested. The survey, by card issuing firm Retail Decisions, also found that 9% of people had no chip and pin card. Chip and pin cards have been credited with a recent cut in card fraud.
However, the Association of Payment Clearing Services (Apacs) said 127 million out of 141 million cards in the UK were now chip and pin. Chip and pin cards aim to cut fraud by including a smart chip, which can store more information than the usual magnetic strips, and also by having users verify transactions by keying in a pin number rather than signing a receipt.
Significant minority
Over the past two years card issuers have been busy replacing all credit and debit cards in the UK. Last October, figures from Apacs, which is co-ordinating the roll out of chip and pin, showed that fraud involving the stealing and counterfeiting card fraud had fallen 29% during the previous twelve months.
But according to Retail Decisions, there is a significant minority of consumers being denied the protection of chip and pin.
In total, the group found that 59% of consumers had all their chip and pin cards replaced. "These figures indicate that there is still some way to go in order to ensure that everyone has the necessary replacement cards and pins," Carl Clump, chief executive officer of Retail Decisions said.
Sandra Quinn, spokeswoman for Apacs, admitted to BBC News that some companies had been slow to roll out chip and pin.
"There are some card issuers that have lagged behind and have only recently started to roll out chip and pin. "However, crucially, our research shows that the vast majority of people have one or more chip or pin cards in their purse or wallet," she added. - BBC
|
Three million facing card hurdle
Up to three million vulnerable consumers have problems using new chip and pin cards, the National Consumer Council (NCC) has said. Many elderly and disabled consumers struggle to remember and properly key-in their pins, the NCC added. The group said banks should do more to tell vulnerable customers that non-pin number cards can still be requested.
From 14 February, consumers with a chip and pin card will no longer be able to sign for a purchase. As a result, vulnerable consumers, that do not know or can not key-in their pin numbers, may have their cards refused in shops.
Easy to use
"A year ago we urged the banks to launch an information campaign and improve bank staff awareness of the chip and pin alternatives," Claire Whyley, deputy director of policy at the NCC, said. "We are really disappointed that banks haven't taken their responsibilities to vulnerable customers more seriously. Three million people could find themselves high and dry at the checkout," Ms Whyley added.
In response, the Association of Payment Clearing Services (Apacs) said its research indicated that most people with visual impairments and disabilities found chip and pin as easy to use as the old signature system.
"We accept, however, that some disabled cardholders may find using a pin more difficult and we are pleased to see that they are contacting their banks ahead of the change and requesting a chip and signature card so they can continue to sign," Sandra Quinn, Apacs spokeswoman added.
To date 100,000 chip and pin signature cards have been issued, Ms Quinn added. But this figure is dwarfed by the 127 million standard chip and pin cards currently in circulation in the UK.
Chip and pin cards aim to cut fraud by including a smart chip, which can store more information than the usual magnetic strips, and also by having users verify transactions by keying in a pin number rather than signing a receipt.
Over the past two years card issuers have been busy replacing all credit and debit cards in the UK. - BBC
|
Chip and PIN security flaw uncovered
An investigation by the UK's London Programme has uncovered a security flaw in Chip and PIN payment cards which allows fraudsters to disable and over-ride chip security measures using information embedded in the magnetic strip.
The television programme, which aired last night, showed an anoymous "industry insider" cloning a chip-based payment card using software and a skimming device bought on the Internet.
The skimming device records data embedded in the magnetic strip on a smartcard, but information stating that the card contains a chip can be changed using the illegal software. The data is then copied onto a basic plastic card, such as those used for mobile top-ups. Programme makers were able to use the cloned card to withdraw cash from an ATM.
The findings of the investigation were presented to the UK's Association for Payment Clearing Services (Apacs). In a statement issued to the programme makers, Apacs says: "When fully in place, chip and PIN technology will identify chip and PIN cards that have been fraudulently tampered with in this way, and also fraudulent copies of those cards."
But in the programme, Sandra Quinn, director of corporate communications, Apacs, did admit that data embedded in the magnetic strip on a card can be accessed and copied by fraudsters but insisted that it cannot be changed: "That data will always say 'there is a chip on this card' therefore if there's no chip on the card the fraudster can't use it."
But research conducted by Ross Anderson, head of security engineering at Cambridge University, found that if a card with a damaged chip is presented at an ATM or POS terminal, then the device falls back to magnetic strip operation.
David Cooper, risk management, Lloyds TSB, told the programme that although banks in Europe were committed to using chip-based technology, financial firms in the US
Despite the security risks uncovered, Quinn says cards containing both chips and magnetic strips will be around "for a very long time".
- www.finextra.com
|
UK banks rocked by £1 million Chip & PIN card cloning fraud
The UK banking industry's massive investment in Chip & PIN payment cards has been brought into question after fraudsters stole more than £1 million from customers by implanting skimming devices in retailer PIN pads.
UK police have arrested eight people in connection with the fraud which affected hundreds of customers paying for goods and services at Shell petrol stations. Tampered card readers have been discovered at three Shell forecourts and the oil company has temporarily suspended all Chip and PIN payments at its network of outlets across the UK.
The fraudsters are understood to have used old-school skimming devices to capture magnetic stripe details and PIN numbers. The cloned cards were then used to withdraw cash and pay for goods at locations overseas and at machines where the chip is not scanned.
The Cheque and Plastic Crime Unit of the Metropolitan Police says that more than £1 million has been siphoned from customer accounts by the fraudsters.
The crime is a huge embarassment to the banking industry, which enforced a national migration to the new scheme on the assurance that it would prevent counterfeit card fraud by making it impossible for fraudsters to copy confidential card details stored on the microchip. However, the continued use of mag-stripe data for card withdrawals, both in the UK and at cash machines abroad, represents a loophole in the system which can be exploited by criminal gangs.
The compromised PIN pads used to perpetrate the fraud at Shell were all supplied by Irish manufacturer Trintech. Sandra Quinn of Apacs says that Chip & PIN readers are supposed to be tamper-resistant and designed to shut down if they are interfered with.
"This is a specific issue for Shell and their supplier to sort out," she adds. "We are confident that this is not a systemic issue."
- /www.finextra.com
|
Shell's £1m chip and PIN fraud 'an inside job'
"Without any doubt," says payments body Apacs...
By Will Sturgeon Published: Monday 8 May 2006 - software.silicon.com
A £1m chip and PIN fraud at a Shell petrol station was "an inside job", according to UK payments body Apacs.
Shell suspended the use of chip and PIN payments at 600 UK petrol stations over the weekend as a precautionary measure following the theft of more than £1m from customer accounts.
A spokeswoman for Shell confirmed to silicon.com that "a small number of customers have been affected" and added that the company is now co-operating with a police investigation that has already resulted in nine arrests in connection with the crime.
Shell said the company is working with the manufacturers of the chip and PIN terminals but does not know when its petrol stations will be able to start taking chip and PIN payments again.
The spokeswoman said it is not known whether all affected customers have been informed yet but banks have issued advice to customers to check their bank accounts and statements carefully for discrepancies.
Due to the ongoing nature of the investigation, Shell declined to comment further on the specifics of the case.
But a spokeswoman from Apacs told silicon.com criminals must have had easy access to PIN pads in order to modify them to enable the theft of PIN numbers and the copying of magnetic strip information - a task which will have taken time. She said that "without any doubt" it must have been an inside job involving a "conspiring" or "coerced" member of staff.
At the heart of the problem are PIN pads which are designed to shut down if they tampered with. In the case of those supplied to Shell this didn't happen and it appears it is that vulnerability which was exploited, said Apacs. It's likely the news will throw into question the reliability of chip and PIN payments which became a requirement for most point of sale card payments in the UK in February.
However, the Apacs spokeswoman told silicon.com: "In the past, one of the fraud hotspots has been petrol stations. As such it's no surprise we've got a situation like this on the forecourt. "We've never said the fraudsters will disappear. They are organised criminals and they are very sophisticated. But cards are a lot safer now than they were two years ago."
She claimed the speed at which police have been able to make arrests owes a lot to the fact chip and PIN payments can quickly be traced back to the PIN pad which was used.
|
Scientists: RFID chips can carry a virus
AMSTERDAM, The Netherlands (Reuters) -- Cheap radio chips that are replacing the ubiquitous barcode are a threat to privacy and susceptible to computer viruses, scientists at a Dutch university said on Wednesday. Researchers at the Amsterdam's Free University created a radio frequency identity (RFID) chip infected with a virus to prove that RFID systems are vulnerable despite the extremely low memory capacity on the cheap chips.
The problem is that an infected RFID tag, which is read wirelessly when it passes through a scanning gate, can upset the database that processes the information on the chip, says the study by Melanie Rieback, Bruno Crispo and Andrew Tanenbaum.
"Everyone working on RFID technology has tacitly assumed that the mere act of scanning an RFID tag cannot modify back-end software and certainly not in a malicious way. Unfortunately, they are wrong," the scientists said in a paper. "An RFID tag can be infected with a virus and this virus can infect the back-end database used by the RFID software. From there it can be easily spread to other RFID tags," they said.
As a result, it is possible that criminals or militants could use an infected RFID tag to upset airline baggage handling systems with potentially devastating consequences, they said. The same technology could also be used to wreak havoc with the databases used by supermarkets.
"This is intended as a wake-up call. We ask the RFID industry to design systems that are secure," Tanenbaum said in a telephone interview.
RFID has been touted as "The Internet of Things", in which anything from shampoo bottles to marathon runners can be tracked using radio tags.
Civil liberty groups say RFID could lead to an unacceptable invasion of privacy and argue that airline ticket information could be used by law enforcement agencies and divorce lawyers.
Metro , Germany's biggest retailer, said at the CeBIT technology trade show it plans to save 8.5 million euros ($10.1 million) annually by using RFID to track stock from suppliers and at its flagship Future Store in Rheinberg town.Industries in which tracking goods is crucial such as pharmaceuticals, governments, logistics, airlines and manufacturing already use RFID technology. A recent study by ABI Research found that 10 drug products are expected to have RFID tags on a large scale this year. The cost of making an RFID tag is about 14 euro cents today and needs to fall, Metro's head of technology Gerd Wolfram said.
But Ian Furlong, manager of Intel's Solution Services division for Central Europe, said at CeBIT that the price of RFID tags was "rapidly falling toward the 5 euro cent mark".
Andrea Huber, managing director of Informationsforum RFID, a German group raising public awareness about the technology, said most companies were waiting for the price of tags to fall to 1 euro cent before they start widespread use.
CNN
|
To make clear what kinds of problems might arise from RFID hacking by amateurs or criminals, let us consider three possible and all-too-realistic scenarios.
A prankster goes to a supermarket that scans the purchases in its customers' shopping carts using the RFID chips affixed to the products instead of their bar codes. Many supermarkets have plans in this direction because RFID scans are faster (and in some cases can be done by the customers, eliminating the expense of having cashiers). The prankster selects, scans, and pays for a nice jar of chunk-style peanut butter that has an RFID tag attached to it. Upon getting it home, he removes or destroys the RFID tag. Then he takes a blank RFID tag he has purchased and writes a exploit on it using his home computer and commercially available equipment for writing RFID tags. He then attaches the infected tag to the jar of peanut butter, brings it back to the supermarket, heads directly for the checkout counter, and pays for it again. Unfortunately, this time when the jar is scanned, the virus on its tag infects the supermarket's product database, potentially wreaking all kinds of havoc such as changing prices.
Emboldened by his success at the supermarket, the prankster decides to unwittingly enlist his cat in the fun. The cat has a subdermal pet ID tag, which the attacker rewrites with a virus using commercially available equipment. He then goes to a veterinarian (or the ASPCA), claims it is stray cat and asks for a cat scan. Bingo! The database is infected. Since the vet (or ASPCA) uses this database when creating tags for newly-tagged animals, these new tags can also be infected. When they are later scanned for whatever reason, that database is infected, and so on. Unlike a biological virus, which jumps from animal to animal, an RFID virus spread this way jumps from animal to database to animal. The same transmission mechanism that applies to pets also applies to RFID-tagged livestock.
Now we get to the scary part. Some airports are planning to expedite baggage handling by attaching RFID-augmented labels to the suitcases as they are checked in. This makes the labels easier to read at greater distances than the current bar-coded baggage labels. Now consider a malicious traveler who attaches a tiny RFID tag, pre-initialized with a virus, to a random person's suitcase before he checks it in. When the baggage-handling system's RFID reader scans the suitcase at a Y-junction in the conveyor-belt system to determine where to route it, the tag responds with the RFID virus, which could infect the airport's baggage database. Then, all RFID tags produced as new passengers check in later in the day may also be infected. If any of these infected bags transit a hub, they will be rescanned there, thus infecting a different airport. Within a day, hundreds of airport databases all over the world could be infected. Merely infecting other tags is the most benign case. An RFID virus could also carry a payload that did other damage to the database, for example, helping drug smugglers or terrorists hide their baggage from airline and government officials, or intentionally sending baggage destined for Alaska to Argentina to create chaos (e.g., as revenge for a recently fired airline employee). - rfidvirus.org/
|
RFID 'not safe from DoS attacks'
Concern for mission critical systems...
By Tom Espiner Published: Tuesday 18 April 2006 - silicon.com
Researchers say they have proven that effective attacks can be launched against RFID tags. In tests, generation one standard RFID tags and readers were unable to function after they were overloaded with data, researchers at Edith Cowan University in Perth said in a report published this month. Academics in the Scissec research group at Edith Cowan University warned: "Vulnerabilities in the newer UHF style of RFID tags have been found and are of concern for anyone trying to implement a RFID system that would have mission critical or human life issues involved in it."
Although many companies are trialling RFID tagging in their supply chain, the tags are not commonly used in life-critical situations today. However, the tags are used by the US military to track supplies. Generation two standard RFID tags could also be disrupted, according to the researchers. Generation two tags are more sophisticated than generation one tags, and can operate at four different speeds.
RFID relies on tags being identified by readers when they are within range. Readers communicate with the tags by hopping between a number of channels within an allocated band of frequencies (902-928MHz). It was thought this provided security because the reader could hop between frequencies when encountering interference.
In the tests, the Australian researchers saturated the frequency range used by the tags, which prevented the tags from talking to the readers. The Australian researchers said in their report that the use of frequency hopping would not stop DoS attacks, as the tags themselves could not hop frequencies. They demonstrated that from a range of one metre they could disrupt communications between tags and readers, putting the tag into a "communication fault state". While the readers can hop frequencies in the allocated band range if they encounter interference, RFID tags cannot as they regard the entire band as one channel.
Last month, Dutch researchers announced the successful creation of a virus capable of infecting RFID tags.
|
The RFID Hacking Underground
They can steal your smartcard, lift your passport, jack your car, even clone the chip in your arm. And you won't feel a thing. 5 tales from the RFID-hacking underground.
By Annalee Newitz - Wired
James Van Bokkelen is about to be robbed. A wealthy software entrepreneur, Van Bokkelen will be the latest victim of some punk with a laptop. But this won't be an email scam or bank account hack. A skinny 23-year-old named Jonathan Westhues plans to use a cheap, homemade USB device to swipe the office key out of Van Bokkelen's back pocket.
"I just need to bump into James and get my hand within a few inches of him," Westhues says. We're shivering in the early spring air outside the offices of Sandstorm, the Internet security company Van Bokkelen runs north of Boston. As Van Bokkelen approaches from the parking lot, Westhues brushes past him. A coil of copper wire flashes briefly in Westhues' palm, then disappears.
Van Bokkelen enters the building, and Westhues returns to me. "Let's see if I've got his keys," he says, meaning the signal from Van Bokkelen's smartcard badge. The card contains an RFID sensor chip, which emits a short burst of radio waves when activated by the reader next to Sandstorm's door. If the signal translates into an authorized ID number, the door unlocks.
The coil in Westhues' hand is the antenna for the wallet-sized device he calls a cloner, which is currently shoved up his sleeve. The cloner can elicit, record, and mimic signals from smartcard RFID chips. Westhues takes out the device and, using a USB cable, connects it to his laptop and downloads the data from Van Bokkelen's card for processing. Then, satisfied that he has retrieved the code, Westhues switches the cloner from Record mode to Emit. We head to the locked door.
"Want me to let you in?" Westhues asks. I nod.
He waves the cloner's antenna in front of a black box attached to the wall. The single red LED blinks green. The lock clicks. We walk in and find Van Bokkelen waiting.
"See? I just broke into your office!" Westhues says gleefully. "It's so simple." Van Bokkelen, who arranged the robbery "just to see how it works," stares at the antenna in Westhues' hand. He knows that Westhues could have performed his wireless pickpocket maneuver and then returned with the cloner after hours. Westhues could have walked off with tens of thousands of dollars' worth of computer equipment - and possibly source code worth even more. Van Bokkelen mutters, "I always thought this might be a lousy security system."
RFID chips are everywhere - companies and labs use them as access keys, Prius owners use them to start their cars, and retail giants like Wal-Mart have deployed them as inventory tracking devices. Drug manufacturers like Pfizer rely on chips to track pharmaceuticals. The tags are also about to get a lot more personal: Next-gen US passports and credit cards will contain RFIDs, and the medical industry is exploring the use of implantable chips to manage patients. According to the RFID market analysis firm IDTechEx, the push for digital inventory tracking and personal ID systems will expand the current annual market for RFIDs from $2.7 billion to as much as $26 billion by 2016.
RFID technology dates back to World War II, when the British put radio transponders in Allied aircraft to help early radar system crews detect good guys from bad guys. The first chips were developed in research labs in the 1960s, and by the next decade the US government was using tags to electronically authorize trucks coming into Los Alamos National Laboratory and other secure facilities. Commercialized chips became widely available in the '80s, and RFID tags were being used to track difficult-to-manage property like farm animals and railroad cars. But over the last few years, the market for RFIDs has exploded, driven by advances in computer databases and declining chip prices. Now dozens of companies, from Motorola to Philips to Texas Instruments, manufacture the chips.
The tags work by broadcasting a few bits of information to specialized electronic readers. Most commercial RFID chips are passive emitters, which means they have no onboard battery: They send a signal only when a reader powers them with a squirt of electrons. Once juiced, these chips broadcast their signal indiscriminately within a certain range, usually a few inches to a few feet. Active emitter chips with internal power can send signals hundreds of feet; these are used in the automatic toll-paying devices (with names like FasTrak and
E-ZPass) that sit on car dashboards, pinging tollgates as autos whiz through.
For protection, RFID signals can be encrypted. The chips that will go into US passports, for example, will likely be coded to make it difficult for unauthorized readers to retrieve their onboard information (which will include a person's name, age, nationality, and photo). But most commercial RFID tags don't include security, which is expensive: A typical passive RFID chip costs about a quarter, whereas one with encryption capabilities runs about $5. It's just not cost-effective for your average office building to invest in secure chips.
This leaves most RFIDs vulnerable to cloning or - if the chip has a writable memory area, as many do - data tampering. Chips that track product shipments or expensive equipment, for example, often contain pricing and item information. These writable areas can be locked, but often they aren't, because the companies using RFIDs don't know how the chips work or because the data fields need to be updated frequently. Either way, these chips are open to hacking.
"The world of RFID is like the Internet in its early stages," says Ari Juels, research manager at the high tech security firm RSA Labs. "Nobody thought about building security features into the Internet in advance, and now we're paying for it in viruses and other attacks. We're likely to see the same thing with RFIDs."
David Molnar is a soft-spoken computer science graduate student who studies commercial uses for RFIDs at UC Berkeley. I meet him in a quiet branch of the Oakland Public Library, which, like many modern libraries, tracks most of its inventory with RFID tags glued inside the covers of its books. These tags, made by Libramation, contain several writable memory "pages" that store the books' barcodes and loan status.
Brushing a thatch of dark hair out of his eyes, Molnar explains that about a year ago he discovered he could destroy the data on the books' passive-emitting RFID tags by wandering the aisles with an off-the-shelf RFID reader-writer and his laptop. "I would never actually do something like that, of course," Molnar reassures me in a furtive whisper, as a nonbookish security guard watches us.
Our RFID-enabled checkout is indeed quite convenient. As we leave the library, we stop at a desk equipped with a monitor and arrange our selections, one at a time, face up on a metal plate. The titles instantly appear onscreen. We borrow four books in less than a minute without bothering the librarian, who is busy helping some kids with their homework.
Molnar takes the books to his office, where he uses a commercially available reader about the size and heft of a box of Altoids to scan the data from their RFID tags. The reader feeds the data to his computer, which is running software that Molnar ordered from RFID-maker Tagsys. As he waves the reader over a book's spine, ID numbers pop up on his monitor.
"I can definitely overwrite these tags," Molnar says. He finds an empty page in the RFID's memory and types "AB." When he scans the book again, we see the barcode with the letters "AB" next to it. (Molnar hastily erases the "AB," saying that he despises library vandalism.) He fumes at the Oakland library's failure to lock the writable area. "I could erase the barcodes and then lock the tags. The library would have to replace them all."
Frank Mussche, Libramation's president, acknowledges that the library's tags were left unlocked. "That's the recommended implementation of our tags," he says. "It makes it easier for libraries to change the data."
For the Oakland Public Library, vulnerability is just one more problem in a buggy system. "This was mostly a pilot program, and it was implemented poorly," says administrative librarian Jerry Garzon. "We've decided to move ahead without Libramation and RFIDs."
But hundreds of libraries have deployed the tags. According to Mussche, Libramation has sold 5 million RFID tags in a "convenient" unlocked state.
While it may be hard to imagine why someone other than a determined vandal would take the trouble to change library tags, there are other instances where the small hassle could be worth big bucks. Take the Future Store. Located in Rheinberg, Germany, the Future Store is the world's preeminent test bed of RFID-based retail shopping. All the items in this high tech supermarket have RFID price tags, which allow the store and individual product manufacturers - Gillette, Kraft, Procter & Gamble - to gather instant feedback on what's being bought. Meanwhile, shoppers can check out with a single flash of a reader. In July 2004, Wired hailed the store as the "supermarket of the future." A few months later, German security expert Lukas Grunwald hacked the chips.
Grunwald cowrote a program called RFDump, which let him access and alter price chips using a PDA (with an RFID reader) and a PC card antenna. With the store's permission, he and his colleagues strolled the aisles, downloading information from hundreds of sensors. They then showed how easily they could upload one chip's data onto another. "I could download the price of a cheap wine into RFDump," Grunwald says, "then cut and paste it onto the tag of an expensive bottle." The price-switching stunt drew media attention, but the Future Store still didn't lock its price tags. "What we do in the Future Store is purely a test," says the Future Store spokesperson Albrecht von Truchsess. "We don't expect that retailers will use RFID like this at the product level for at least 10 or 15 years." By then, Truchsess thinks, security will be worked out.
Today, Grunwald continues to pull even more-elaborate pranks with chips from the Future Store. "I was at a hotel that used smartcards, so I copied one and put the data into my computer," Grunwald says. "Then I used RFDump to upload the room key card data to the price chip on a box of cream cheese from the Future Store. And I opened my hotel room with the cream cheese!"
Aside from pranks, vandalism, and thievery, Grunwald has recently discovered another use for RFID chips: espionage. He programmed RFDump with the ability to place cookies on RFID tags the same way Web sites put cookies on browsers to track returning customers. With this, a stalker could, say, place a cookie on his target's E-ZPass, then return to it a few days later to see which toll plazas the car had crossed (and when). Private citizens and the government could likewise place cookies on library books to monitor who's checking them out.
In 1997, ExxonMobil equipped thousands of service stations with SpeedPass, which lets customers wave a small RFID device attached to a key chain in front of a pump to pay for gas. Seven years later, three graduate students - Steve Bono, Matthew Green, and Adam Stubblefield - ripped off a station in Baltimore. Using a laptop and a simple RFID broadcasting device, they tricked the system into letting them fill up for free.
The theft was concocted by Avi Rubin's computer science lab at Johns Hopkins University. Rubin's lab is best known for having found massive, hackable flaws in the code running on Diebold's widely adopted electronic voting machines in 2004. Working with RSA Labs manager Juels, the group figured out how to crack the RFID chip in ExxonMobil's SpeedPass.
Hacking the tag, which is made by Texas Instruments, is not as simple as breaking into Van Bokkelen's Sandstorm offices with a cloner. The radio signals in these chips, dubbed DST tags, are protected by an encryption cipher that only the chip and the reader can decode. Unfortunately, says Juels, "Texas Instruments used an untested cipher." The Johns Hopkins lab found that the code could be broken with what security geeks call a "brute-force attack," in which a special computer known as a cracker is used to try thousands of password combinations per second until it hits on the right one. Using a home-brewed cracker that cost a few hundred dollars, Juels and the Johns Hopkins team successfully performed a brute-force attack on TI's cipher in only 30 minutes. Compare that to the hundreds of years experts estimate it would take for today's computers to break the publicly available encryption tool SHA-1, which is used to secure credit card transactions on the Internet.
ExxonMobil isn't the only company that uses the Texas Instruments tags. The chips are also commonly used in vehicle security systems. If the reader in the car doesn't detect the chip embedded in the rubbery end of the key handle, the engine won't turn over. But disable the chip and the car can be hot-wired like any other.
Bill Allen, director of strategic alliances at Texas Instruments RFID Systems, says he met with the Johns Hopkins team and he isn't worried. "This research was purely academic," Allen says. Nevertheless, he adds, the chips the Johns Hopkins lab tested have already been phased out and replaced with ones that use 128-bit keys, along with stronger public encryption tools, such as SHA-1 and Triple DES.
Juels is now looking into the security of the new US passports, the first of which were issued to diplomats this March. Frank Moss, deputy assistant secretary of state for passport services, claims they are virtually hack-proof. "We've added to the cover an anti-skimming device that prevents anyone from reading the chip unless the passport is open," he says. Data on the chip is encrypted and can't be unlocked without a key printed in machine-readable text on the passport itself.
But Juels still sees problems. While he hasn't been able to work with an actual passport yet, he has studied the government's proposals carefully. "We believe the new US passport is probably vulnerable to a brute-force attack," he says. "The encryption keys in them will depend on passport numbers and birth dates. Because these have a certain degree of structure and guessability, we estimate that the effective key length is at most 52 bits. A special key-cracking machine could probably break a passport key of this length in 10 minutes."
I'm lying facedown on an examination table at UCLA Medical Center, my right arm extended at 90 degrees. Allan Pantuck, a young surgeon wearing running shoes with his lab coat, is inspecting an anesthetized area on the back of my upper arm. He holds up something that looks like a toy gun with a fat silver needle instead of a barrel.
I've decided to personally test-drive what is undoubtedly the most controversial use of RFIDs today - an implantable tag. VeriChip, the only company making FDA-approved tags, boasts on its Web site that "this ~always there' identification can't be lost, stolen, or duplicated." It sells the chips to hospitals as implantable medical ID tags and is starting to promote them as secure-access keys.
Pantuck pierces my skin with the gun, delivering a microchip and antenna combo the size of a grain of long rice. For the rest of my life, a small region on my right arm will emit binary signals that can be converted into a 16-digit number. When Pantuck scans my arm with the VeriChip reader - it looks sort of like the wand clerks use to read barcodes in checkout lines - I hear a quiet beep, and its tiny red LED display shows my ID number.
Three weeks later, I meet the smartcard-intercepting Westhues at a greasy spoon a few blocks from the MIT campus. He's sitting in the corner with a half-finished plate of onion rings, his long blond hair hanging in his face as he hunches over the cloner attached to his computer.
Because the VeriChip uses a frequency close to that of many smartcards, Westhues is pretty sure the cloner will work on my tag. Westhues waves his antenna over my arm and gets some weird readings. Then he presses it lightly against my skin, the way a digital-age pickpocket could in an elevator full of people. He stares at the green waveforms that appear on his computer screen. "Yes, that looks like we got a good reading," he says.
After a few seconds of fiddling, Westhues switches the cloner to Emit and aims its antenna at the reader. Beep! My ID number pops up on its screen. So much for implantable IDs being immune to theft. The whole process took 10 minutes. "If you extended the range of this cloner by boosting its power, you could strap it to your leg, and somebody passing the VeriChip reader over your arm would pick up the ID," Westhues says. "They'd never know they hadn't read it from your arm." Using a clone of my tag, as it were, Westhues could access anything the chip was linked to, such as my office door or my medical records.
John Proctor, VeriChip's director of communications, dismisses this problem. "VeriChip is an excellent security system, but it shouldn't be used as a stand-alone," he says. His recommendation: Have someone also check paper IDs.
But isn't the point of an implantable chip that authentication is automatic? "People should know what level of security they're getting when they inject something into their arm," he says with a half smile.
They should - but they don't. A few weeks after Westhues clones my chip, Cincinnati-based surveillance company CityWatcher announces a plan to implant employees with VeriChips. Sean Darks, the company's CEO, touts the chips as "just like a key card." Indeed.
|
Here Comes The Wallet Phone
By: John Boyd - spectrum.ieee.org
Japan's DoCoMo gets ready to put your money where your mouth is
NTT DoCoMo, Japan's largest cellphone system operator, best known worldwide for pioneering the wireless Internet in 1999 with its hugely successful i-mode system, looks to have another big winner on its hands. Having recast the cellular handset as an electronic wallet—in effect a prepaid wireless cash card—it's getting ready to make it a full-fledged wireless credit card.
DoCoMo is working with major travel and banking organizations to extend the reach of its e-wallet service. Meanwhile, its two main Japanese rivals, KDDI Corp. and Vodafone K.K., are introducing competing products. (All three companies are based in Tokyo.)
The critical element in DoCoMo's Osaifu-Keitai, or mobile wallet, is a wireless smart card chip, FeliCa (from the English word "felicity"), which was developed by Sony Corp. and Royal Philips Electronics for close proximity, low-data-rate transactions. The wallet phones can be used to make electronic purchases at stores or vending machines equipped with FeliCa readers; can act as boarding passes on certain domestic air flights; and can authorize entry through corporate security doors—all with a wave of the handset [see photo, "Wireless Shopping"].
Already, a year after DoCoMo introduced its first e-wallet, the company has shipped some 6 million of the handsets. "By the end of March 2006 we forecast DoCoMo will have shipped around 10 million mobile wallets," says Shohei Sakaguchi, executive director of DoCoMo's multimedia service department. "And by the end of 2006 we believe the figure will reach 15 million." In addition, he says, competing carriers could ship 5 million more handsets, for a total of some 20 million mobile wallets by the end of next year.
Sony's FeliCa chip originated as the active element in its contactless smart cards, introduced in 1995. They dominate the market for such devices in Japan and are widely used in Asia as commuter passes and for making e-purchases. As of June, Sony had distributed 82 million such chips, including 53 million in Japan, 16 million in Hong Kong, 10 million in Singapore, and 1.5 million in China.
By March, DoCoMo expects to ship around 10 million wallet phones. And by the end of 2006, it projects a figure of 15 million
In January 2004, Sony and DoCoMo formed a joint venture to adapt the chip for mobile phones. Besides supplying DoCoMo with the chip, the venture is also shipping mobile FeliCa integrated circuits to KDDI and Vodafone, which launched their own wallet phones in September and October, respectively.
Users with FeliCa phones who have registered for the e-wallet service can load money onto the phone's chip in two ways. They can feed cash directly into special machines found in convenience stores and other locations, or they can do it by phone, keying in a personal identification number and transferring cash from a credit-card account.
From a technical point of view, the FeliCa chip is part of a transponder system: it receives its power from the waves radiating from read/write devices it communicates with, so a battery is not required. The chip, based on radio-frequency identification (RFID) technology, operates at 13.56 megahertz over a distance of 10 centimeters, communicating at 212 kilobits per second. The communications protocol, called Near Field Communication, was developed by Sony and Philips and has been standardized under ISO/IEC procedures.
A pioneering user of FeliCa technology is East Japan Railway Co. (JR East), the country's largest rail company. Its Suica smart card is used both for e-purchases and as a commuter pass. Users simply flash the card as they go through turnstiles, and instantly the reader displays the cost of the journey and the amount of e-cash remaining on the card. JR East plans to extend the commuter service in January to wallet phones from DoCoMo and KDDI, and it is in discussions with Vodafone [see photo, "Showing Off"].
Mobile FeliCa application files and their data are managed separately in the wallet phone, and they each take up from 0.5 to 1 kilobyte. The number of applications is limited only by the amount of memory on the chip, which is currently 5 KB in DoCoMo's phones.
Mutual authentication between the chip and a reader/writer is based on a key encryption system made up of randomly generated numbers. Information such as transaction histories and account balances can be presented on the phone's display. And should the phone be lost or stolen, a subscriber can block transactions by calling the handset with a preregistered number or calling customer support to have the phone locked. The user can opt for a personal identification number to be entered before transactions are made, an important feature given that up to 50 000 yen (US $450) in e-cash can be stored.
Despite DoCoMo's impressive shipment figures, the actual number of people using the wallet part of the phone might not be so high. Some reports estimate that the number is as low as 550 000; DoCoMo's own figures are more optimistic.
"Some 20 to 30 percent of [the] total [number of owners] are registered to use their phones as wallets," says Sakaguchi, whose boss, Takeshi Natsuno, managing director of DoCoMo's multimedia services, played a major role in creating both i-mode and the i-mode FeliCa service.
To give subscribers more reasons to use their wallet phones, DoCoMo has asked a Sumitomo Mitsui banking group to help it develop its own credit-payment services. By the spring, DoCoMo plans to launch a plastic card in partnership with an international credit card company, and then in the first half of fiscal 2006 it anticipates including the service in its wallet phones.
DoCoMo hopes to help popularize the use of credit cards in a country that still relies mostly on hard cash for conducting everyday business. "Credit cards are usually used [in Japan] only to make large purchases," Sakaguchi says. "But with our service, users will be able to make purchases as small as 100 yen."
In July, DoCoMo teamed up with NTT Data and the rail company JR East to set up a joint venture aimed at covering the cost of installing equipment for companies and stores wanting to implement the Suica e-cash service. They expect their investment costs to be recouped by charging a commission on transactions.
As for introducing the technology overseas, DoCoMo is keeping silent on the subject. Since 2002, however, it has been working with a dozen mobile operators in Europe, Taiwan, and Israel to create local versions of i-mode. Vodafone, though it refrains from commenting on plans for its wallet-phone business, has subsidiaries and alliances in 28 countries across five continents, giving it ample opportunity to introduce an e-wallet service when the time is right.
|
French road test cashless city
A Caen-do attitude towards mobile services...
By Jo Best Story silicon.com - Published: Thursday 20 April 2006
The tourist city of Caen in Normandy is hosting a major European trial of the use of NFC (near field communication) - a mobile technology that can be used for anything from paying for groceries to finding out about your home town.
NFC is already being used extensively across London, although you might not know it: the Oyster card carried by millions of commuters every day is based on the contactless technology. By placing an NFC chip near a reader, up to a distance of a centimetre or two away, data can be transmitted to and from the chip. In the case of the Oyster card, permission to go through a barrier can be granted and a fee for travelling on the underground deducted.
But the Caen project has a more far-reaching use of NFC in mind, with residents now packing NFC-enabled mobiles to see if using the technology could catch on beyond public transport.
While NFC isn't new - Sony's FeliCa, a variant of NFC, is already big in Japan, where more than 100 million FeliCa chips have been shipped, more than a million of which are carried on mobiles - the Caen trial is one of the largest, both in terms of number of users and applications.
In an experiment involving companies including Orange and Philips and the town's mayor's office, Caen's citizens have been road testing the technology since late last year at a number of locations. Among them is an underground car park; the town hall; a bus stop which can transmit timetable information; a cinema poster which downloads video trailers to users' mobiles; a local supermarket, where people can pay for their groceries with a mobile phone, and a tourist information sign outside the historic Abbaye des Hommes. By touching the mobile against the 'Flytag' logo at each of these locations, users can pay for services or receive information straight to their phone.
The Abbaye is one of the more interesting showcases for the use of this technology - by placing the back of the phone against an NFC reader in the sign, information about the site is sent to the mobile by either an SMS or a phone call, functioning like a cheaper version of the audio guides found at many popular tourist attractions.
Laurent Duchelet, furniture restorer and self-confessed non-techie, is one of Caen's citizens taking part in the trial, using NFC every day when accessing a car park and every week to pay for his groceries. He told silicon.com: "There's a practical side [to NFC]. When I have my phone, I don't need to get out my cash, my card for the car park - and I can make phone calls. It's already normal for me." He added the only problem he has experienced with the technology is the need to remember to keep the phone's battery charged.
Duchelet is one of 200 people taking part in the trial, which is in its first phase. The second stage will see the number of participants increased to 400 or 500 individuals.
According to Luan Le, design manager of NFC at Philips, the feedback from the trial so far has been "very positive" and Philips expects the technology to get its commercial legs in 2007 or 2008. He said the most crucial element in the success or otherwise of NFC is the hardware - making sure phone makers are putting NFC models into the hands of users. "The five main manufacturers are in the process of trying out the technology," he added.
While Samsung may be one of the keenest - its D500 devices are being used in the trial - LG, Motorola, NEC, Nokia and Sony Ericsson are all members of the NFC Forum.
The issue of cost will also doubtless play a part in uptake, although the difference between NFC-enabled handsets and standard handsets was estimated to be $5 to $7, according to Deloitte and Touche in 2004. The question of whether the user will pay to use the service is also yet to be decided. Currently, all the services on offer in Caen are free although they could theoretically be chargeable depending on the service.
More than likely, it will be payment providers such as Visa, merchants and mobile operators that bear the financial brunt of implementing the services. The benefits for them? More services for customers which could cut churn for mobile operators, shops could get customers through the tills faster and payment providers will be keen to shift more small payments away from cash.
There's also the potential for new services. For example, while people might be unwilling to splash out for a full museum audio guide, they might be willing to spend a few pence every time they fancy picking up a titbit of information.
|
Pre-pay card to help 'unbanked'
By Chris A'Court - BBC NEWS Published: 2006/05/20 12:36:27 GMT
A new payment card aims to help the millions of people who cannot get a bank account or credit card.
It has been designed to allow more widespread access to buying over the phone or internet where prices are usually cheaper.
Although similar cards are already available this one is set to benefit charities too, but consumers need to watch charges closely.
The 360money card is the brainchild of a firm called PrePay Technologies and its chief executive Philippe Dufour told BBC Radio 4's Money Box virtually anyone can have it.
"There is no credit attached to this card so because of that we are not requiring a lot of information," he said. "We are requiring a name; a valid address that we can validate with our database and service providers, and we are working with the Post Office, Paypoint and Mastercard."
Applications for the card can be made online and when a customer receives their card they can take it to a post office or convenience shop with cash to charge it up, ready for spending online, by phone or in shops. Spending is strictly limited to the amount put on the card - like a mobile top-up - so it is impossible to overspend.
The spending limitations could also make it attractive to anyone who currently avoids shopping via the internet because of fears that thieves will steal credit card details.
Drawbacks
Among the drawbacks to the 360money card is a £1.50 charge for all cash machine withdrawals and a monthly management fee of £1.99. Plus buying anything with the card over the phone or internet incurs a two 2.5% fee each time, so for example, spending £50 triggers a fee of £1.25.
Philippe Dufour said his company has to recoup costs somehow and that percentage charging is not always a disadvantage. He pointed out that since internet goods prices are generally cheaper, that 2.5% fee may be fully offset if people calculate purchase prices carefully, when buying large electrical goods for example.
Several charities have already linked with the card, including Mencap and the Samaritans.
However, Anthony Langan from the Samaritans told the programme that he was still unsure exactly how much financial benefit would come to his organisation as a result.
He said: "We now have affinity cards out there that are helping with charities and we have some connections with that. "We have to look at getting involved in these things and seeing where it takes us. If it doesn't work out we know that we can withdraw from these relationships."
360 Money says charities should get 25p from each new card account and a few pence from each transaction. And it said the target is to raise £2million for charities over two years.
A comparison between the UK and the US in 2002 may provide us with a clue as to what the UK market can expect although caution is necessary in order to distinguish between these markets, which in some respects are different. While the US is predominantly focused on high street retail distribution, the UK is estimated to be 60% high street over the counter (OTC) and 40% corporate incentives and promotions. Moreover, whilst the US population grew by more than 10% between 1997 and 2002, UK population growth is virtually non-existent.
Since the US market moved from paper to plastic, all analyses and observations made by industry professionals have pointed to a common conclusion: plastic has boosted the gift card and gift certificate sales, which have grown at an impressive 370% since 1997, equivalent to a 30% CAGR*(3) . The US gift card and gift certificate industry*(4) almost quadrupled in 6 years, moving from $10.5bn in 1997 to an estimated $38bn in 2002.
On a per capita basis both markets are comparable in terms of size and at a similar stage of development. In 1997, just before the industry started to shift from gift vouchers to gift cards, the 268m US citizens were spending $10.5bn*(5) (i.e. £7bn*(6)) while the 59m UK citizens spent £1.4bn ($2.1bn) in 2002*(7). This is a per capita of $39 for the US and $36 for the UK. Adjusted to a population of 290m Americans in 2002, this is an increase from $39 to $131, still a 330% growth between 1997 and 2002, a CAGR of 27%.
|
PrePay Technologies Ltd.
is an international market leader in designing and delivering stored-value card solutions, including prepaid debit cards, retail gift cards, corporate incentive cards and insurance claim cards.
MasterCard certified and FSA regulated, PrePay Technologies was also the first company in the UK to acquire an Electronic Money Licence to issue e-money across Europe. From our data centres in the UK, the company creates stored-value programmes and manages several million stored-value card accounts for large brands such as: Debenhams, Comet, the Arcadia Group (Top Shop, Top Man, Burton, Miss Selfridge, Outfit, Evans, Dorothy Perkins, Wallis), Laura Ashley, Western Union and the Grass Roots Group.
PrePay Technologies is also the company behind Splash Plastic, a reloadable prepaid debit card targeted at the youth and unbanked markets. Since the programme was launched in 2001, more than 1 million cards have been issued.
Robert Potts Chairman
Previously CEO of Barclaycard and member of Barclays Group Executive Committee, Potts was also Chairman of the APACS Card Payments Group. He has held Board positions at MasterCard Europay UK Ltd, Visa EU and was a Director of Visa International and its Executive Committee. He also serves on the board of Goldfish.
Philippe Dufour Chief Executive Officer
Age 40, Philippe Dufour started his career in Australia and New Zealand where he worked as a Production Manager for Rhone-Poulenc (now Aventis). Back in France in 1990, Philippe joined Econocom, a company specialising in leasing large IT infrastructure. He developed an interest in the plastic card market, setting up, as a client, Gemplus, the worldwide leader in smart and plastic card manufacturing. In 1993 he moved into IT consulting services at Groupe Transiciel (now Cap Sogeti) where he developed a division specialising in smart card. He left France in 1996 to study his MBA at the London Business School where he continued developing his interest in the prepayment industry. In 1998 he joined The Parthenon Group, a US strategy Management Consulting firm in their London office. There he was involved in advising large blue chip companies on corporate strategy and conducted a project for the launch of a Chip based credit card in the US market. During his career his main clients have included IBM, Eurocopter, American Express, UPS, Gemplus, Thomson and McDonalds. He set up PrePay Technologies in 2000. Philippe Dufour holds an MBA from London Business School and an MSc. in Economics, University of Aix-Marseilles, France.
|
Today, we manage large-scale gift card and other major prepay transaction processing for all types of prepay products.
To support us in providing a complete stored-value service, together with a range of products, PrePay Technologies have partnered with specialists in their respective fields.
Our financial and industrial partners include:
|
Avantra builds upon the heritage, reliability and trust of LINK (the worlds busiest cash machine network) to deliver innovative and proven payments and processing solutions for acquirers and card issuers. Avantra provides tailored services in the UK and around the world; local and global solutions for today's connected payments markets.
|
PayPoint is the UK's leading branded national network for collecting payments 'over the counter'. There are already over 13,000 PayPoint outlets located in newsagents, convenience stores, supermarkets, forecourts and off-licences across the UK.
Alphyra develop and deliver electronic transaction products, systems and solutions across multiple industry sectors. In the UK, Alphyra's payment network, operating under the PAYzone® brand, ensures our Splash Plastic cardholders can load value onto their prepay debit card at a large network of top up environments.
|
GE Capital the world's largest supplier of store cards with over 15 million accounts handled. PrePay Technologies were selected by GE Capital Global Consumer Finance to provide gift card and other stored value products to their UK clients. Their UK operation is the leading provider of credit for retailers in the country, providing prestigious retail clients (operating in areas as diverse as department stores, fashion, electrical and electronics, automotive servicing, jewellery, footwear and DIY), with quality products ranging from store cards to "Buy Now Pay Later" to gift card programmes. |
|
GE - credit & debt management?
For both consumers and commercial clients, GE Money offers smart, flexible products to do it all – whether it's personal funding for your home, car and retail purchases, or financing to operate and grow a business, or affordable financing options to offer your customers. GE Money has the solution that makes sense for you.
Whether you’re looking for a credit card with a low APR, no annual fee and special balance transfer plans, or a card that offers valuable rewards…we have the right credit card for you. Select from the options given below, or go straight to GE Money in your corner of the world.
GE Money Credit Cards
GE Money offer you value, security and convenience for all of your purchases. We have partnered with MasterCard, Visa, Discover, American Express, and JCB - to ensure a secure, flexible network wherever you go!
Rebate Cards
Many GE Money credit cards allow you to earn rewards, ranging from cash back to fuel discounts to points toward our partners’ merchandise and services. Start earning cash rewards or rebates for purchases you make every day - fuel, groceries, phone bills and more!
Co-branded Credit Cards and Store Cards
Did you know - GE Money also provides financial services for a variety of Retailers across the world? You can apply for a store card (also called Private Label Credit Cards) or our Co-Branded Credit Cards, which will allow you to earn rewards for making purchases every day at millions of merchants worldwide. And we're flexible – you choose how much of the account balance to pay off each month. - gemoney.com
|
|
flashback:
The tap root of modern corporate socialism runs deep into the management of two affiliated multi-national corporations: General Electric Company in the United States and its foreign associates, including German General Electric (A.E.G.), and Osram in Germany. We have noted that Gerard Swope, second president and chairman of General Electric, and Walter Rathanau of A.E.G. promoted radical ideas for control of the State by private business interests.
From 1915 onwards International General Electric (I.G.E.), located at 120 Broadway in New York City, acted as the foreign investment, manufacturing, and selling organization for the General Electric Company.
|
|
I.G.E. held interests in overseas manufacturing companies including a 25 to 30-percent holding in German General Electric (A.E.G.), plus holdings in Osram G.m.b.H. Kommanditgesellschaft, also in Berlin. These holdings gave International General Electric four directors on the board of A.E.G., and another director at Osram, and significant influence in the internal domestic policies of these German companies. The significance of this General Electric ownership is that A.E.G. and Osram were prominent suppliers of funds for Hitler in his rise to power in Germany in 1933.
A bank transfer slip dated March 2, 1933 from A.E.G. to Delbruck Schickler & Co. in Berlin requests that 60,000 Reichsmark be deposited in the "Nationale Treuhand" (National Trusteeship) account for Hitler's use.
Antony C Sutton
|
|
General Electric
Run until 2001by "Neutron" Jack Welch, who made it a matter of principle to lay off 10% of his workers per year, the world's biggest company churns out plastics, aircraft engines and nuclear reactors and media spin through NBC, CNBC, Telemundo, and msnbc.com.
CEO: Jeffrey R. Immelt
Military contracts 2003: $2.8 billion
Campaign contributions in 2004: $221,200 (defense related)
$1.9 million (total)
The world's largest company by market share, General Electric's revenues in 2003 totaled $134.2 billion. GE was run until 2001 by "Neutron" Jack Welch, who made it a matter of principle to lay off 10% of his workers per year.
General Electric makes household appliances, plastics, water treatment systems, lighting, medical equipment, and commercial financial services. It also makes aircraft engines and nuclear reactors, and keeps criticism at bay with its ownership of media giants NBC, CNBC, Telemundo, Bravo, and, in partnership with Microsoft, msnbc.com. GE's recent partnership with Vivendi added Universal Studios, USA, Trio and Sci-fi cable channels to its $43 billion media empire.
General Electric is one of the world's top three producers of jet engines, supplying Boeing, Lockheed Martin and other military aircraft makers for the powering of airplanes and helicopters.
The "war on terrorism" has seen GE's military contracts rise substantially. But the company's "defense" side has been doing well for a while. GE and other military contractors got a big boost under the Clinton administration from Presidential Directive 41 which stated that it was the job of US diplomats to promote arms sales abroad in order to safeguard American jobs; this directive tied the promotions of diplomats to how effectively they hocked US armaments.
GE has designed 91 nuclear power plants in 11 countries, yet its nuclear reactors around the world have a fatal flaw. In the event of a nuclear meltdown, there is a 90 percent chance that radiation from GE-designed reactors would be discharged directly into the atmosphere. While the US Nuclear Regulatory Commission is aware of the problem, it continues to license GE nuclear reactors.
GE's history with nuclear power is an ugly one. In the 1940s-1960s the company ran experiments on humans with radiation, including irradiating the reproductive organs of prison inmates in Walla Walla, Washington, without warning them of the risk of cancer. Other tests were run on the elderly and hospital patients. General Electric intentionally released large amounts of radiation into the air from the Hanford Nuclear Reservation in Richland, in order to see the distance it would travel. These atrocities were revealed in hearings in 1986 held by Representative Edward Markey of Massachusetts. The company has also been accused of knowingly poisoning its workers at the Knolls Atomic Power Laboratory in Schenectady, New York with radiation and asbestos.
General Electric is currently attempting to overturn the US Superfund Law of 1980, which allows the government to hold polluters responsible for cleaning up their toxic chemicals. GE argues that it is "unconstitutional" for the Environmental Protection Agency to force the company to pay $500 million for the cleanup of the Hudson River, where GE dumped carcinogenic PCBs, or polychlorinated biphenyls, over three decades. In March 2004, a federal appeals court has revived GE's lawsuit. It shouldn't come as a surprise that GE is trying to change the Superfund Law: the company is responsible for 78 Superfund sites around the US.
It's clearly not safe to be a worker for GE either. The US government's Occupational Safety and Health Administration, or OSHA, has cited the company for 858 workplace safety violations from 1990-2001.
General Electric has been involved in so many cases of fraud that in the 1990s the Pentagon's Defense Contract Management Agency created a special investigations office specifically for the company, which indicted GE on 22 criminal counts and recovered $221.7 million. In one case, in 1992, GE entered a guilty plea to criminal and civil charges for defrauding the Pentagon in a case where money was funneled to the Israeli military. GE was fined $69 million for violation of the Foreign Corrupt Practices Act.
GE's financial division has been another area ripe for fraud. GE was fined $100 million for trying to get bankrupt creditors to pay without informing the bankruptcy courts, in effect paying debts that they no longer legally owed. Not surprisingly, General Electric is the financial backer of WorldCom, the telecom company whose massive fraud and creative accounting led to the largest bankruptcy in US history.
The company has been involved in countless scandals, but strangely enough, they don't seem to affect General Electric's ability to win government contracts - but then, this is typical of all military contractors. According to a survey by the Center for Public Integrity, from 1990-2002, 30 of the US government's top contractors were found guilty of fraud in 400 cases, leading to settlements and fines amounting to at least $3.4 billion. General Electric paid $982.9 million for 63 cases in this period.
Such repeated behavior and continued contracts wouldn't be possible without friends in high places, of which General Electric. GE spent more than $31 million in 2001 and 2002 lobbying lawmakers; in 2000 it spent $16 million. Reigning CEO Jack Welch had enormous influence and was consistently ranked CEO of the Year by the slavish business press; he was major Republican donor as well. GE director Sam Nunn was senator for Georgia for 27 years, and also sits on the boards of ChevronTexaco. GE's Senior Vice President and General Counsel and Secretary, Benjamin W. Heineman, used to work for the US government's Department of Health, Education and Welfare. General Electric's defense sector gave $221,200 to political campaigns in the 2004 election cycle, with 50 percent going to Democrats and 50 percent to Republicans.
GE Corpwatch- war profiteers
|
Shelley Rosen, senior director of McDonald's, agrees that ideas and understanding a brand's core competencies can translate to elasticity.
"General Electric has a portfolio of 21 different organizations from rocket engines to MRI machines to light bulbs because they did a lot of work on what their core competencies are. At General Electric that's leadership
Selling leadership in everything they do. They have figured out how to replicate leadership whether they're making MRI machines or rocket engines."
Brandchannel
cosmetic restrucuring of a monoploy?
General Electric Co. said [..] it will reorganize the company's 11 businesses into six industry-focused groups, and has named three new vice chairmen.
The company will be realigned into GE Infrastructure;
GE Industrial;
GE Commercial Financial Services;
NBC Universal;
GE Healthcare
GE Consumer Finance.
"These changes will accelerate GE's growth in key industries," said Chairman and CEO Jeff Immelt. "We have been moving toward a more customer-focused organization for several years. " - msnbc [which is jointly owned by GE and Microsoft]
|
|