10 Reasons Coin Card Looks Like a Security Nightmare

[Guest]

The Coin Card digital wallet raised $50,000 last week. But security experts say storing many credit cards on one device is far too risky.

10 Reasons Coin Card Looks Like a Security Nightmare : Read more

 

[ddpruitt]

the major payment processors are shifting certain types of fraud liability from card issuers to retailers

I have yet to see an instance where the issuer takes liability for fraud, it's always the retailer.

our servers, mobile apps and the Coin itself use 128-bit or 256-bit encryption

Coin is in the process of earning a PCI DSS certification

These two statements alone should scare anyone away from one of these. Mag strip devices were designed for convenience, not security. The fact that Coin really doesn't seem to have a solid understanding of the security involved means that it might be difficult for them to have the device approved and that their security is flimsy at best. Now instead of having a single card stolen, you can have up to eight stolen at the same time.

 

[Darkk]

Biggest issue I see with this card right now is lack of PIN. Been said that second generation cards will have it. Well, if security is paramount why didn't they include PIN in the first place?

I am better off having an app on my smartphone to pay for stuff. Least with it can be secure.

 

[velocityg4]

[The jet-black, featureless Coin card, which has no hologram, logo, signature or other visible verification, "trains people to ignore cards that 'don't look right,' making it far simpler for other thieves to pass off Marriott hotel cards as valid credit cards," Wisniewski said.]

Although I do agree that this just sounds like a bad idea for far too many reasons to go into. I did find this amusing. .

Rarely does any clerk look at my card, ID or anything else. Most of the time the card reader is set out for the customer to use and the clerk doesn't even touch the card. Even on the rare occasion I hand a clerk the card. They don't look at the name on the card, my ID or anything else they just swipe it and hand it back. Perhaps one in a hundred uses does a clerk look at the name on my card and ask to see my ID.

Heck more and more stores are putting in self checkout. With one clerk watching over 4, 8 or more lanes. There is no verifying identity with that system.

 

[ChristineCWard]

my friend's half-sister makes $83/hr on the internet. She has been out of work for 10 months but last month her income was $17342 just working on the internet for a few hours. linked here .....................................

WWW.FB49.COM

 

[zeuss]

I'm not saying the coin is perfect, the chip and pin is going to be a requirement sonner than later and I don't see how its cloneable but...

What do people think happens when a wallet gets stolen anyway? That's right... The thief has taken all of your cards anyway. No different than if they had stolen your coin.

However all the cards in my wallet work once I've walked 200 feet away. A coin apparently won't.

Everyone should understand that more often than not security is sacrificed for conveince.

If you want to be super safe give up all your plastic cards, goto the bank and get to personally know all the tellers there so they remember your face, and only take out enough cash for each individual purchase you are going to make. Safe as can be... but doesn't sound convenient at all...

 

[gm0n3y]

The USA STILL doesn't have the chip in their debit/credit cards? In Canada we've been using them for the past ~3 years now.

Some stores will allow you to swipe if the chip isn't being accepted for some reason (happens on rare occasions), but most will not. Regardless, this product seems super sketchy. I can't imagine a retailer that would allow someone to use a device that is designed to use skimmed cards (willingly or not). To anyone questioning the liability of retailers, a quick look at the EMV chip wikipedia page shows that retailers are going to have to accept liability when accepting swiped payments. I think whoever put money towards this is not going to get anything for it.

 

[augustenl750]

my friend's sister-in-law makes $83 every hour on the computer. She has been out of a job for ten months but last month her pay was $17797 just working on the computer for a few hours. you could check here............. WWW.JOBS61.COM

 

[slayer10000]

Using this for personal cards i would say no way!!! but for gift cards hell yes then no more carrying around 20 of them and forgetting about them ( who am i kidding i would still forget just less to carry around thats all)

 

[Simon Anderson]

It's only a useful product in the US, with it's card technology behind the rest of the world Most countries adopted "chip and pin" years ago. The very existence of this product is the main reason why you should adopt chip and pin...

 

[goinggoing]

$5 Promo Code: https/onlycoin.com/?referral=LlJ3oZJ4

Why not?..

 

[goinggoing]

$5 Promo Code: https/onlycoin.com/?referral=LlJ3oZJ4

Why not?..

 

[mynith]

Dude. Chipcards have been around since the 90's in Europe.

 

[_Cosmin_]

So far your phone app has less security than this device! A simple malware installed on phone could intercept all data it need to clone your card from your app!

 

[goinggoing]

Promo code for $5 off: https/onlycoin.com/?referral=LlJ3oZJ4

not bad.

 

[beachminter]

That's why I am more excited about the Wallaby card, a software solution that combines alll your cards in the cloud. I'm sure it has problems too. https/walla.by/the-wallaby-card

 

[jkbona]

For $100 how long does the Coin Card actually function? There is no mention of this being a rechargeable device so I'll assume a primary battery is being used. Having to power a BLE, a display, a dynamic magstripe and the rest of it's components seems to be a high bar for the primary batteries available for the card form factor.

 

[swapniljain26]

Earlier I had a concern about skimming of data, but now apparently the app tells you how many time your card was read. So you would eventually know if it was used somwhere else ! moreover now they are offering a morse code style pwd which you need to click after you select a card so that the waiter cannot cycle through other cards !

Pre order one now !
https/onlycoin.com/?referral=wX0z9AEU

 

[Shebardigan]

Fascinating. I wonder if the developers have licensed the patents taken out by Frank J. Gangi. I wrote some prototype firmware for exactly this device back in 1999. Warned him about these concerns and more.

 

[RedundantInk]

Single point of failure for your finances, mag stripe only and multiple obvious attack vectors. What could possibly go wrong