NFC/Bluetooth sticker goes into production A sticker packed with Bluetooth and NFC (Near Field Communications) is an impressive thing, but regular charging and manual operation could make NFC more difficult to use than cash. That's not going to stop Twinlinx, which has been telling NFC Times that its MyMAX sticker will be shipping next month for those who don't mind …
... are more of those EUR 20 phones that look and work reasonably well.
That proximity payment thing is yet another retailers' wet dream -- and banks', showing you where your bank's loyalty lies. Not to put too fine a point on it: Not with you. Even if everything but the consumer is called a product (like ``travel product'' for what normal people call a train ticket, or ``financial product'' for your bank doing you a service), none of those things actually are what it says on the tin. Modern consumerism means the consumer is the product.
And why is proximity payment such a wonderful tool of consumerism, you ask? Well, look at what it does. It hides how much credit is on it, quite contrary to the immediate look and feel of cash. There's a reason Scrooge McDuck doesn't swim in plastic. It lets ``black'' transaction processing boxes keep score instead of your money counting fingers. It lets people with those boxes dip money right out of your pocket. And if anything goes wrong, well, it's up to you to disprove their claim their gear works Just Fine and losing the credit isn't your own damn fault, stupid consumer. Nobody else is complaining, no? Must be you then. Cheerio!
That doesn't even begin to touch on the privacy aspects, which us-the-consumers tend to forget exactly because all the processing happens out of our eyesight. Transactions flit to and fro and do you know who has the logs? The merchant, their bank, your bank, but not you. And how long do they keep them? Even a month's worth means being able to track almost to the metre where you've been, just by looking at timestamps and locations, nevermind chalking up what you've bought. In reality it won't be a month, but more like the better part of the decade. Tax rules, you see. So anyone from police inspector to private eye, if they find any copy of the transaction logs they can divine what you've been up to.
Often even if your name isn't attached to the proximity card (and how would you keep your name off it? Charge it with chip and pin just once and it's recorded *somewhere*), it's not too difficult to sort out who you are. How many people get on the tube where you live and get off where you work each day? Probably not too many. Look at what you do in the week-ends, correlate with where your kin live, done. You already leave far more of a paper trail than you realise, but the difference with days of yonder is that we have much more electronics to gather the trail and stuff it in databases. Oh, passports' RFID chips use the same ISO protocols, by the by. Who is to say a rogue reader wouldn't stop at reading oyster cards?
Shirley they won't do that! you say. You'd rather wait for a tip-of-the-iceberg scandal to wake you up, then?
It isn't that it won't be done. Appeals to common sense and common decency don't work on crooks. That's why they're crooks, even if they happen to be fully legitimate or even run the government. It's that these things _can_ be abused, in theory and increasingly in practice. And that makes them badly designed bad ideas.
"Oh, passports' RFID chips use the same ISO protocols, by the by. Who is to say a rogue reader wouldn't stop at reading oyster cards?"
Passports and other ISO14443 cards do use radio waves to communicate (RFID is a bit of a misnomer, but a very popular one). They use magnetic fields, like a transformer coupling. Trying to communicate by modulating a transformer coupling through free-air at a distance of more than 10cm is very difficult. You can extend the magnetic field a little by upping the power output of the reader but will risk literally cooking the IC in the card (I've seen this happen). Rogue readers might work in a PhD student's lab but are not a practical proposition.
NFC is exactly that: Near-Field Communication.
AFAIK the spec says it has to work at least up to 20cm. I also recall the ``car whisperer'' guys, upping the specified ten metres of bluetooth (I know some bt goes up to a hundred metres, but not the bt in bt carkits) to several kilometres with a directional antenna. It's not ``magnetic fields'', not ``induction'', it's ``radio waves'', as you point out. With that directional antenna and some smart circuitry that increases power until it gets a reply, it's not too hard to keep from frying the circuits at least for the one targeted now. Being crooks, it's not too important to not fry circuits that are closer. People'll grumble and get a new card, but the cash'll be gone already.
I understand your objection but it's the difference between engineering for function and then spend half a day hammering the bugs out and engineering for security and not dysfunctioning in the face of adversity. The worst threat to the consumer isn't a microwave. It's a rogue with electronics stealing your cash, your identity and with that your good reputation.
So I stand by my verdict: Bad idea designed badly. Unfit for civilisation.
This post has been deleted by its author
The device can actually work as a passive tag or as a reader, so a power supply is needed regardless of Bluetooth. Makes sense, because as a passive tag it would have nothing to send to the phone via Bluetooth.
The only way that comes to (my) mind for the thing to use Bluetooth with a passive tag is to dynamically change the content of the tag while the instructions for the change would be passed from the phone to the tag by Bluetooth.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
