Sunday, December 4, 2011

BLINK℠ and NFC, the swipeless credit card - what's the point?

Hearing all this buzz about cell phone manufacturers starting to offer credit card services using the near field communication (NFC) interface in their devices, I noticed that my Chase credit card has the BLINK℠ thing in it. It's not that I didn't know about it before, I remember (vaguely) how I received some years ago a renewed card with a colorful booklet describing a bunch of benefits the new BLINK℠ technology carry. Although the booklet was designed in a mood how it is impossible to stay alive anymore swiping credit cards old school, I was not very convinced that time. OK, I tried the new card once at a fast food register's BLINK℠ marked reader to make sure it works. Well, it worked. And that's about it. The question is, is it really "Fast, Easy and Secure" as it is advertised?

Fast? Maybe. It takes a split of a second to transfer the credit card number to the register. Let's say I save a whole second per transaction using BLINK℠ against the classic swipe, which is very generous estimate I'd say. Now let's say I use my card every day (which is hardly true, but come on, for the sake of estimate...). That's going to be 365 seconds a year. Wow! The whole 6 minutes! It's like cutting a line of a few people at a coffee shop once in a year. What a super time saver! Sorry for sarcasm, couldn't help it.

Easy? Well, for example, you may even tap your wallet at the card reader without bothering to pull your card out. However it's going to work only if the credit card you want to put the charge on is the only RFID/NFC equipped card in it. If you have however an office access ID card or parking ramp entrance card or any other RFID device in your wallet they might interfere with each other. OK, let's say you're fine. But you still have to use your hand(s) to do it. OK, maybe if merchants mount the card readers a special way at the registers for customers' convenience so you can scan your BLINK℠ card by merely turning around and touching the reader with the part of your body where your wallet is usually tucked in a pocket, then it might be noticeably easier.

Secure? This is a very big question. Even though Chase claims that the card can be scanned only at 2 inches or less away from the reader, I doubt that there is no way to craft a more sensitive device that could read RFIDs or NFC interface from a longer distances. Anyways, it requires a split of a second to be at 2 inches proximity to read the card ID. And the transparency of leather and denim for it, what makes the technology so convenient, also makes it so vulnerable.

So what's the point? Even replacing the plastic credit card with a smartphone, how is it different from replacing an expired credit card with the renewed one with that BLINK℠ thing in it? It's not going to make the transactions "faster, easier and more secure". It's not going to lower the transaction costs which eventually are passed to the consumers anyway. It's not going to shorten the lines at the cash registers. Or, wait, is it? What if this time it may allow you bypass the line at all?

Look. I have (you have, many other people have) a quite powerful computing device in a pocket. The device is equipped with a hi-res camera, hi-speed internet connection and, well, NFC interface. Technically, with a carefully designed software, it is possible to scan the merchandise ID (the bar code with the camera or the anti-theft RFID tag with the NFC), send a transaction request to the merchant's server, communicate with the bank or the credit provider to authorize the transaction, connect the merchant with the bank, and upon approval close the transaction. It's basically putting the whole cash register into the hand-piece. That would be really fast (no waiting in the line) and easy (beep-beep, done) and secure. Yes, secure. With proper digital keys exchanging among the buyer, the merchant and the banks over strong-encrypted connections there will be more room to achieve much higher levels of security than with a cheap microchip in the plastic credit card. Plus, the RFID tag of the bought merchandise can be immediately removed (marked) from the merchant's database so the EAS alarm at the store entrance will not go off when you walk out with the just purchased good. Self-check-out lane? - No, thanks. I've already checked out myself.

Not a very job-creating idea. And it requires changing many habits, both shopping and selling. But technically it's already feasible. Isn't it?

Update 3/1/2012: Ignacio Mas just mentioned similar idea today in his article "Me, My Money, and My Devices" at Technology Review: "Now that we have a virtual card and card reader right in our pocket in the form of a smart phone, who will be content to carry a credit card we cannot ourselves read?" I'm glad we're on the same page, Ignacio, we're getting there.

Tuesday, July 26, 2011

Google+ circles

OK, as far as I could find so far the major, if not the only, advance Google+ have against Facebook is their circles concept. But I'm still a little confused what would be the right way to use them. The circles are great, I agree, they prop your networking up into multidimensional space. However in my opinion it's still a half-way solution. And here is why I think so.

1. The circles are sharing circles, not the reading ones. Or not? I create circles and put certain people in them to control whose streams I'm going to clatter with my posts. I'm sure that some geeks are absolutely not interested in my kid's photos, and my relatives are least likely would appreciate my nerdy essays in their stream as well. OK, that's how I understood the circles at the first glance. And it seems to work this way, I mean one-way. But why all my the same circles are used as filters for my own reading stream. Does it mean that I have to carefully redesign my circles to make use of them for my reading? Should I create a circle "most interesting" and add and remove people to it based on their posts' interestingness? Then there will be two kinds of circles, outgoing and incoming. Will they be there? Double the number of dimensions?

2. Circles tend to produce more circles. Wherever there are overlapping circles there will be unions, intersections, differences, products etc. It's the basics of the Set Theory. Examples? Well, union is the simplest, and it's already implemented in Google+. Just check as many circles as you want when you're sharing something - that will be a union. Intersection? Let's say I have "Geeks" and "Can read Russian" circles. When I post something geeky in Russian, guess who would I like to address the post? I believe the intersection of "Geeks" and "Can read Russian" should be my target. Next the difference. Let's say in addition to the previous two I also have "Coworkers" circle. Again, all of these three circles can overlap easily. What if I want to subtract "Coworkers" (including my geeky boss) from "Geeks" circle if I'm going to ask an advice on, let's say, job hunting from all my geeky friends? So there should be a subtraction functionality in G+ circles too. I hope Google will think about all this math.

So there is plenty of work to do to implement the circles properly. The only hope is that Google has enough resources to do it right. Maybe it's not time yet, and that's why the enrollment to G+ is limited for now. For the meantime Google+ is just raw. Well, no problem, we can wait.

Sunday, January 30, 2011

Amazon Web Services

I know that to have your own personal blog is cool, but to have it on your own web host is double cool. That's true. However what can be even cooler to have your web host running in your own Linux virtual box? No, not running it in a real box in your garage. It was cool, even geeky, but some years ago. These days everything more or less advanced goes into... clouds. Yes, cloud computing they call it. Is it a right thing? - Yes, I want an answer on this question too. And there is only one way to find out - to try it on.

So that is it. This particular web-site, being my beloved guinea pig, has moved onto Amazon Elastic Compute Cloud (EC2) to test the Amazon Web Services in field conditions. Luckily Amazon gives their new customers Free Usage Tier, a package of free usage enough to run a "micro" instance of a Linux round a clock for a year. The "micro" instance means 613MB of RAM. One must acknowledge that this "Free Usage Tier" doesn't mean free service - Amazon is going to charge for every tiny inhale and separately for an exhale in the cloud. The only hope is they cost pennies each. What amount those pennies are going to pile up in in a month, that's what I'm going to find out and compare to my current Virtual Private Server, which is $20 a month flat for 512MB RAM virtual machine. I specifically do not mention other resources like disk space and CPU GHz since they are not as significant as RAM is and don't actually define the price. We will see.

How is Amazon? - So far not bad. A bit complicated to get started, but one can call it being geeky and be cool oneself. Good thing everything is well documented and explained at the AWS web-site. Also it seems like the community of fellow customers is scarily large. How is performance? - My ssh terminal logged in this box feels much more responsive then with my old VPS. I think it's just the disk I/O at my old service provider needs improvement. Everything else works fairly well on both sites, so can't compare yet. I didn't do any benchmarks and am not going to. Next step will be to put some load (move more web-sites) onto the machine and see how it feels in the web-browser. I'll keep you updated.