Pragmatic 54: Stop Rubbing Your Reader Against My Butt

24 January, 2015


The Apple Watch promises to make Apple Pay even easier and safer than traditional credit card transactions. We look at the history of Credit Card data transactions and consider the practicalities. Of course.
Transcript available
Welcome to Pragmatic. Pragmatic is a weekly discussion show contemplating the practical application of technology. Exploring the real-world trade-offs, we look at how great ideas are transformed into products and services that can change our lives. Nothing is as simple as it seems. This episode is sponsored by Lynda.com. Lynda.com is the easy and affordable way to learn, where you can instantly stream thousands of courses created by experts in the fields of business, software, web development, graphic design and lots and lots more. Kickstart your New Year and challenge yourself to learn something new. Visit LYNDA.com/pragmatic to get a free 10 day trial. There is something for everyone, so if you want to learn something new, what are you waiting for? This episode is also sponsored by Many Tricks, makers of helpful apps for the Mac. Visit manytricks.com/pragmatic, Many Tricks all one word, for more information about their apps: Butler, Keymo, Leech, Desktop Curtain, Time Sink, Usher, Moom, Name Mangler and Witch. If you visit that URL you can use the code pragmatic25, that's pragmatic the word and 25 the numbers, in the shopping cart to save 25% on any Many Tricks product. We'll talk more about them during the show. I'm your host John Chidgey, and today I'm joined by my co-host Vic Hudson. How are you doing, Vic? Good, sir. How are you doing? Very well, thanks. Before we begin: this will be a short show this week. I've been on training, actually, and learning all about a brand-new, well, I say it's not a brand-new DCS, it has actually been around for quite some time, but it's the one called Centum CS this week, which is a DCS by Yokogawa, which has been really fun. It's been nice actually getting stuck in and learning more about this specific DCS. It's actually got a lot of interesting features, some of which are not available in others, which is really interesting, and it is always good to see different ways of tackling the same kind of problems in control systems. It's been fun but it has also been varied,
so I have been very time poor unfortunately because between that and the site redesign I just haven't had much time to put much together some afraid that this week will be a short truck but that's okay before we get stuck into that are I have two big announcements and the first I just alluded to which is are the website redesign is of those of you that don't just as the pod casts you do also visit Dante distortion which is our which is my site upon which this is hosted are I've gone through and done a complete redesign and relay out and I've stripped out a lot of stuff that are isn't being used our hands I'd I don't mean that is in people and using a minute I'm not using it it's it's dead code as at work I'm trying to clean up some things that had become a bit bloated along the way are static itself is an evolving product and they recently had a whole bunch of extra features that I would like to integrate back into the site and do it properly I'd I'd hacked a lot of things to make it work and do what I want to do particularly around membership particularly around the voting so are on that topic I would like to say a big thank you to everyone who signed up and showed an interest and in the newsletter I did I was kicking around as well and also for submitting and voting on topics already I've covered a whole bunch of those topics have been suggested by listeners and I've got plenty more to go on with in fact are its face essentially is for that reason primarily that I decided to temporarily pull that functionality from site just for the time being the true desire to have enough topics for me to get to episode 100 no trouble at all so again a big thank you for all those ideas I will be covering them off gradually through the course of the year so don't worry yours will will, so are you can still submit ideas if there something the burning stuff you would like me to talk about our or you'd like to think that I should come about through the feedback form of course it's 
it's still there will always be there so our feedback form is still there so feel free to make suggestions by that as well or vitally little good now are the rationalisation arm that I'm doing also are trialling a new our VPS provide us a place called cloud shards so hola let you know how that works out for me are also removed the Google analytics are tracking from the site are to be honest I was prompted to do this Psalm by signing the marketed when no he saw them when Marco posted about this recently how well after he is some after his serve functional arm high ground article he accurately gave some traffic on it it's possibly a little bit of trafficking in and ease said afterwards that he is remove the Google analytics from site arm so I hire Saddam had a bit of a think about it about why had it out as decided I didn't need it so it's now gone as well so the site is now running lean and mean leaner and meaner than it ever leaned meanly before it's now 2 to 3 times faster than anticipated low times that used to be and dart the server itself that it's on is 1/4 of the memory there of the last 1 1/3 of the storage space as non-on SSD it's on a standard dust spinning planner so there you go despite all those limitations it still 2 to 3 times faster so I told you when I stripped bare actually did mean that I did so hopefully you like it and I'll be tweaking out of causing coming weeks pets are anyway what you see is what she gets up okay second big announcement is I have been are I've had is a bunch of fair half as a show for quite some time have asked for everything from mugs to stubby holders arm to T-shirt staff for Romeo properly early 2014 are and I've sort of been putting off putting off saga to get to get to it but I decided you know what it's January 2015 why not let's just do a run of shirts and see how we go so far I like so many other output casters out there I decided to go with T spring there's a whole bunch of reasons for that the shirts that I've 
chosen I think are some of the more popular shirts than not the entry entry levels are there a few steps above that so I guess you call the mid range and so I to think about anyway so I didn't go for the absolutely old cheapo cheaper ones are I decide to go for ones that were slightly nicer and if they are black because I think black is a good choice in terms of you doesn't show stains very well let's know it's you. And frankly I think that the other logo looks very nice on the black so are there is a link W Lincoln the show notes if you've ever wanted a pragmatic T-shirt now is your chance I'm not sure I'm never gonna do this again arm I'm not planning on doing again so it's those things if you want if you ever want to get one now is your chance grabbed one while there are I've got them up for three weeks which is the maximum time are allowed and I said a pretty low goal so I'm hoping that there's enough people that is a nice and it will be really really want this for a long time and so hopefully those people will alarm will hear the episode and grab a show while I can and are I don't need to sell a lot of them in order for them to make them otherwise if obvious if we don't meet that sales that that minimum number than they won't make any so it's a bit like a kick starter in that way so hopefully arm enough people instead that are the people really want them can get them and that's that's really the goal and try to satisfy their so if you've ever wanted a pragmatic shirt then this is your chance are apologised to my international fans of the show are I do realise that because T spring are U.S.-based are and they don't have distributors are here in Australia the shipping costs are in opening its $12.50 US arm for anything outside US and Canada counter slightly more expensive than USB the cheaper that the postage around North America is relatively cheap are but for the international business is not much I can do about that unfortunately are it's it's an it's in our 
it's a non-ideal situation on my acknowledge that but in any case if there's others in other countries that you're aware of our please let me know and arm I'll consider them but for the moment sample aroma this and see how we go so as I said if you want shirt now is your chance grabbed now I can on the T spring and Leslie the show notes and orthodontic distortion so check it out if you're interested okay nothing is enough farm pre-blurb and think I believe that you believe so your mortgage I could do more sure when I know I'm not getting all that said get well alright people jealous that's the spirit arm okay are writing are so I okay sometimes when I do a topic on on the show it's because something happens to me in the real world and I'm like that is can be annoying all that is annoying or I have been annoyed so sometimes I wish you could call annoyance topics but the one I want to read today has to do with NFC and we talked a bit about NFC already in episode 47 interrogation signal we talked about RFID is but I wouldn't talk about NFC as it relates to Apple watch and of course Apple pay and let's wind the clock back of course to gave Google wallets to just NFC and credit card payments using NFC technology and go back to the magnetic stripes and go back to the original credit card so I'm starting with hundreds of bits going to annoy me I will work my way back to the beginning but he's well I just want reletting of all the rage they are near credit cards make me angry butler irrespective of the financial stress that the difficulties they cause they are not talking about that okay because that's not interesting to me I mean it sucks but it's not an stunt was interesting what's interesting to me is how do we get to where we are and is where we are a better place than where we were that's what I try and address so what are let let's just draw some boundaries around this okay first of all can talk about cash okay much I'm really not because cash is Cash's gash whether 
a mocker talk about checks of any kind and I say you are like a written check the bank cheque any kind checks why transfers does that outside out of bounds okay for an indefinite amount Goldblum's is off the table all of them all the talk about is what we think of today as a credit card another was a plastic magnetic stripe card no NFC animal attracts that up to Apple pay where we going at the moment we think sounds good bananas okay or even hot bananas although I don't think Tasker, and I can think of wising and seek organs anyway night prior to 1970 when American Express adopted IBM's new fandango technology to magnetic tape arm on their credit cards prior to then everything was done it was not red it was all done manually and the materials that they made them out of work were varied in fact back in the 1920s the original cards if you call and cards are more like a plate like a small metal plate and on that plate they would emboss the numbers and letters for your account information your bank information and they would be imprinted using carbon paper sheet by just simply you running at our back-and-forth on imprinting machine and because these are still available and there are still places these days some merchants still use them when I work at Dickson Photonics I use these from time to time when the Athos terminal was down all the bank connection to the bank was down the phone line was down didn't happen often but when it did he had to do a manual transaction it was like are here we go you could still run into it small mom-and-pop plate motels hearing in the states yes same here and it's it's like it's if all is right now it is the last resort everything fails you go okay I'll go get the manual imprint machine and go as you can find the dam's credit card manuals transaction slips with a carbon paper so that when you are working in retail did you ever do a manual transaction or not I was fortunate you are lucky man I did a few and she is a suck so badly because 
you know you get the card and you put this is of course the air final evolution is not all matters is the pinnacle of manual transactions where you have a little plot you have planned a plastic bed usually sometimes got some steel or aluminium runners on each side you place the card in a in a slight recess so that it sets the top of the card therefore sits flush roughly flush are with the bed of this thing and then you insert a piece of paper over the top and the actual embossed letters that are raised up out of it and they will fit come into physical contact with the bottom part of the paper the paper itself is a sandwich usually have three sheets sometimes for depends and what it is basically as you got the bottom is that the one that you going to imprinted on our the middle is that usually are a layer of carbon paper and of course the top is the one that you can write on and what you do is your go and are better there is a handy pause over the bar and the bars got a series of thumb that attaches to the runners the steel or a million runners on either side and use literally run it in one directly use a psych screen printing you yucky run at across the card in one direction and you pull it back and that act running backwards and forwards it presses down and the carbon transfers across to this page and hey presto you've got yourself a you animate that noise ever, nor there was Greek yoghurt again near the person was better but anyway the I have not South X-Men anyhow the point is that those manual transaction medical shaker pull-out stayed they have to sign it and then you fill in all that the details of the transactional at rubbish then you tear off while in use and one after one lobbyist how one-off your own records and you give them a receipt in her and the worst part is of course because then you gotta mail the receipts into the bank Citibank Unidata track the receipt that the actual transaction slips going to the bank the bank is to manually process them they 
can take days or weeks and even in a cedar manual transaction there is no evidence is no way of checking that you have available credit on your card in a psych goes through that's it so are in recent time more recent times submitted some cases was large dollar amounts we had a rule where you would call the bank has a number you would call and you do a test you would punch in the pin number your punch in the amount and it would just give you a yes or no they've available credit or not and it's a sort of thing that I haven't done this for so long I don't even know if they do that anymore I don't know because I know I've only done a manual transaction I think the firemen are transaction I had as a can is the end customer was about six or seven years ago at a gas station that's since closed and been ripped up and is now covered by a freeway section and done and that was like 30 bucks on fuel so it was not a big dollar amount citing a that's still the done thing anyway okay I'm getting going way too far into manual transactions okay they suck that's where it all started before those machines were were an actual like we be likely would use today back in the 1920s and these cards that they handle plates if you are called plates of microwave there was there was no universality to them there is no convention there was no standardisation so I bank or or a group of merchants or note or companies would have the special cards charge cards for transactions so that it would have to carry around cash and it wasn't really until the 50s that the nationwide system and I am in the US at least are an credit card sort of came into being so you these individual banks previously a sort of that in have the reach so in the 50s that's happened and that it became international and plastic really only became common material for making credit cards in the 70s so note the actual car that you and I would use today without NSC with a magnetic stripe on it really only started in the 70s and it was 
started, as I said, by American Express, and they only adopted IBM's technology. So IBM's advanced systems team in the 60s was headed by two guys: one was Jerome Svigals, and Forrest Parry. And they were looking just for a cheap way to speed up credit card transactions at the point of sale, and they used adhesive magnetic tape applied to the back of any of their existing credit cards at the time, where they were made of plastic, and away they went. They had invented essentially what we consider to be the credit card. So anyway, interesting. Yeah, it is interesting. And the funny thing is, of course, there were so many different sizes. They eventually standardised the size. I tried to find the date when they standardised the size but I couldn't find it; that would be interesting. But I imagine sometime in the 70s, or late 70s and early 80s, they standardised the sizes. So it's actually ISO/IEC standard 7810, and the ID-1 size, which is 85.6 x 53.98 mm, that's about 3.4" x 2.1". That's the standard size for credit cards these days, and it has also been adopted by a lot of other cards as well, so store cards and driver's licences. Nice.
So now you have a wallet, and the wallet has standard size slots for standard size cards, so everything fits. Or doesn't fit now, because you've got so many damn store cards you can't fit them all in the damn wallet, especially if you've got a trifold wallet like I do. Trifold or bifold wallet? Mine's a bifold. I've used both. It's sort of, I guess you could consider it a trifold, but if you trifold it out it makes an L. It's a bifold when you unfold it, and then you can flip the driver's licence part up and you can hide even more cards underneath of that. I put pretty much all of my business cards in the third section of my trifold. And I'm at the point now where I've got so many damn cards in my wallet that I can't actually close it and have it sit in my pocket in any way that is comfortable. You know, I only have like three or four business cards. And you put it in your hip pocket, your back pocket, you sit down, and it's so uncomfortable. I got to the point where it's so ridiculous I can't drive any distance with it in my back hip pocket, so I have it in my front pocket now, which feels weird, but it's safer anyway from a pickpocketing point of view, although only marginally; good pickpockets will get it anyway. Okay, and yeah, so right, where were we? Right, of course, NFC. So, magnetic stripes: all well and good, that's all dandy and lovely and everything. So what does that do? It encodes all the information on the back of the card, or on both sides of the card, actually, because they still emboss the front for the manual transactions. And the magnetic stripe on the back contains the actual card number itself, as well as the expiry date and your name. I think that's mostly all it contains. But the other thing that it doesn't contain is the card verification code, also known as the CVC or CVV, and it's a three-digit code that is not encoded with it, such that if you swipe the card you still have to quote the three numbers on the back, and you often
see that on web forms and everything, and it is nothing new; anyone who has used credit cards knows all of this, or most of it anyway. So, nothing all that new and exciting. One interesting security thing that you may or may not be aware of: there is actually a mathematical formula that you can run on simply the credit card number alone to tell if it is actually a valid credit card number or not. Yeah, I had heard that. I'm trying to look it up, because I can remember back when I was in school, in one of the first computer science classes, one of my entry-level programming projects was one that would actually tell you whether or not a credit card number was valid by that math equation. Yeah, and the number somehow is encoded with your name, and it's also something to do with the first few digits of the card number being unique based on whether it's a Visa or MasterCard or whatever else. The number of digits is also based on the kind of card that it is. I didn't look into that very much, so if you do find it, let me know, and then it's on to the NFC. Okay, so the magnetic stripe made things quicker, but it also made it quicker for people to steal things, because of the convenience, and that's what leads to the whole concept of skimming, so skimming a card in order to commit credit card fraud. Now, with the magnetic stripe it became possible to secretly hide a second reader head unit directly behind or in front of the actual head. If you have a point of sale terminal that has been tampered with, you can actually put that in there. And if it's associated with a PIN number, what scammers will do is they will modify an automatic teller machine, let's say, because they are easier, it's more fruitful and easier to hide in some respects, and they'll put in a pinhole camera, and that will watch the keypad, watching you type in your PIN number. So if they grab that information from the magnetic stripe and they see
you, and can observe your PIN number from the camera, the pinhole camera, then they have the two pieces that they need to extract whatever money they want from your card. They can clone the card. They don't have the CVV, of course, because it's not contained in the magnetic stripe, but they don't need that, because you don't enter the CVV when you extract money from an automated teller machine. So, yeah. It is all about the 16th digit. It is not random; only the first 15 numbers are random. The 16th number is the check digit, and it is calculated using the formula on the first 15 digits. There is an algorithm that you can run on it that reverses it and tells you exactly what the 16th number has to be, and if it's anything but that, then it's not a valid credit card number. Interesting. Note that that is irrespective of whether or not you've actually got a credit limit or availability or anything like that, of course; it just tells you whether or not the number is valid. Right. Like I said at the beginning, one of my entry-level computer science projects was to code one of these systems. Okay, cool, thanks for that. Yeah, it's one of those things. I could swear the first one or two digits were reserved for whether the bank was a Visa or MasterCard. They still could be, they very much could be. When you look at this, basically, it's not that the 16th digit is predetermined before the rest of the number; it's that you determine the rest of the number and then run it through this equation to get the 16th digit. Understood, right. So the next thing to talk about is the NFC progression, NFC and why we would do that. So before we do, I just want to quickly thank our sponsor, and that's Lynda.com. Lynda.com is an easy and affordable way to learn. You can instantly stream thousands of courses created by experts in the fields of business, software, web development, graphic design, audio and lots and lots more. They have an enormous library
of tiles to choose from with new courses and every day to make sure the library is both relevant and up-to-date they work directly with experts from many different industries and software development company is to provide timely training often the exact same day the newest release of the software you're interested in becomes available so that you know you've got the latest information the moment you're most likely to need is nothing like your home-made tutorial videos that you might find a new tube that might tell you a little snippet an index buried somewhere deep inside that you really need to know Lynda.com make high-quality easy to follow and well indexed video tutorials with transcripts broken down the easily searchable sections the bite-size pieces approach makes it really easy to stop and pick up where you left off whenever you need to you can learn at your own pace in your own way and in your own time and when you complete beginner with no knowledge all about a given subject or if you burn the early concert is of a moderate or even advanced years and is looking to brush up on the latest version of the software's features welding.com has courses that spent the entire range of experience you can learn on the go as well since Lynda.com has iPhone iPad and android apps they also support playlists and they provide certificate is evidence when you complete a course and if you're on LinkedIn you can even publish those those certificates to your profile so many many years ago I left windows behind and I switched to a Mac and I've gotten's I got I started out with violin.com Tiger the basics in a follow-up with La Leopard new features in central training are the following year when lavender came out and I was eight years ago and Lynda been around for a while before then so they're not a new thing they've been around for a while for a very good reason more recently I've been looking at our Logic Pro X and is a new version I just released today someone to go and check 
that out shortly to see what are the new stuff and add to that art which is a huge amount of information broken down into easily manageable chunks as help me a lot in learning how to edit this podcast with new software so maybe getting the pages numbers are keynote now they think up in the ISA nicely of continuity in hand often all that are but maybe to scratching the surface of what is possible willing to.com's got all the training you need so that you can get the most out of those apps or perhaps if you're an office 365 is the same deal for word Excel PowerPoint courses in WordPress photoshop Google drives Google sites SCO fundamentals are met there really is something there for everyone but what is it worthwhile for one low monthly price of $25 you get completely unlimited access to over 100,000 video tutorials in the Lynda.com library however premium members with an annual plan can download because their iPhones iPad or android devices and watch them off-line premium play members can also download the project files and practice along with the instructor now been talking to look with Lynda.com now for a while and I've enjoyed their content on offer years and I'm really happy to be able to provide pragmatic listeners with a special offer to access all of their courses for free for 10 days all you have to do to take advantage of that is visit Lynda.com/pragmatic to try it free for 10 days so visit LY NDA.com/pragmatic to take advantage of that thank you again to Lynda.com for sponsoring pragmatic NFC now we talked about RFID is an all NFC is is an umbrella term of which RFID is in fact the correct name of the actual technology that is used and of course to add confusion to all of this each of the major players in the game in the banking industry just had to call it something different then they so let's see which ones you know which ones you don't I start with the American ones I've never heard of because you stand a better chance of knowing what they are we 
reckon cool Sam stacking the deck in your favour right now that's sad and meaningfully okay discover card what I call it the Discover group okay they call their contactless payments are technology records it up at our American Express they call it what I don't know that even the core express pay which is a really unimaginative American Express express pay, keep showing housing better than that anyway whatever MasterCard they call its they do not know pay pass and the other big one is Visa and Visa call it pay weight on the dollar value you have contacts very often then I guess but our Nima swipe swipe swipe and a swiping God and so Apple every time I tried to use the back with a first-order criminality and work unaided up swiping and eventually just abandon the attempt to tap the thing in nature swipe I actually hate it when there's other like for example Gloria Jean's arm needs is an Australian thing gloried and I'm sure there are other retail runnable have this thing though they have a store card that has NFC and is well so the store card my credit card and they have a reader at the front that reads the store card but it looks just the same as a point of sale terminal for pay pass pay wave and sign right so you go up there with the credit card and you try swipe it and is not working and you what you keep tapping and swipe you like you wave in front and nothing is happening and you feeling like this is broken is my card busted and the like old I'm sorry that's for a store card okay fine while he is my card so we can do the tap thingy on your epos terminal your pulse terminal right interact with your call on we don't support that we only have swipe what we only have triple pen are so you've got this NFC fear store card which you don't have NSC on your points out some of my credit card great ridiculous so Apple water Apple calling their heirs Apple pay one great anyway and yes that's a yes the Queen Apple backplate doesn't matter what you call it it's all there will 
using NFC, but the payWave, PayPass, Zip, ExpressPay and Apple Pay systems, where they differ is how they manage tokens, how they manage encryption, how they manage, you know, who gets paid what fraction of what. And having a terminal that supports payWave, PayPass or Apple Pay simply means, well, if I'm using that technology, this terminal will understand it. But if you are using payWave, obviously it will go back through Visa's system; if you're using PayPass, it will go back via MasterCard's system; and Apple Pay is a bit more complicated insofar as it will piggyback on either of those. They have agreements with different banks, and it's sort of like an outer layer over the top, as it were, which is fine, I guess. I don't really want to go into too much of the detail of the agreements between them because, frankly, I'm really not interested, to be honest. There are certain things that I really don't care about, and frankly I really don't care about that stuff, so I'm sorry. There's a bunch of other podcasts that have covered that, so if you really want to know that stuff then I suggest you listen to them. So, all right, in-store, how it works with an NFC card. So I've got a credit card that has an NFC chip built into it. What do I do? I walk up to the terminal, they punch in the numbers for how much it's going to cost, and they present the terminal to you, or if it's there, adjacent, on the counter, you just hold the card up in front of it. Usually there is a bunch of LED bars, like two, three or four of them, or one big large bar that lights up, and sometimes it beeps at you, and hopefully it goes green. Green is generally good. And then finally it usually says something like "approved" on the LCD screen, and you smile and you're happy, they've taken your money, and hopefully you get some goods or services for the money you have just given them, and then hopefully everyone is happy, buyer's remorse or not. Anyhow, so bottom line is, that's it. Again, pretty straightforward. Now, Apple Pay works very similarly, and at the
moment we have no Apple watch but are we Apple pay comes up currently on your arm new brand-new iPads the iPad air to I think the ones the iPads got the touch ID and and of course you also have the ID on the iPhone six and 6+ are the touch ID coming involved there as well so you that's going to see built into it so I go and you do the Ya the NFC by behold the front of the terminal it comes up with a message that says arm yeah thumbprint and were all good or whatever your touch here to any good and touch touch there in a pays and you done right that's that's why our space to work right so it's not that much simpler in fact it's much the same as using NFC card except the difference is that help you don't need to Carney and then the theory goes you always have your phone on your anyone ice have your wallet on you therefore it's more convenient now the other watch it is in 100% clear I just I am a compass (the limit as other good reasons for doing so will get that that so it's not a percent clear at this point because all we've got is scraps and pieces of information but there's enough for us to discern that without a watch arm you put on your wrist you enter a pass code and then as long as the watch stays on your wrist you are then approved to use the Apple watch for Apple pay but the problem with that is that I think the watch needs to be within range of your phone that has the Apple pay credentials and night are and if you take off your wrist and you put it back on again you have to type that codeine again again once your phone is within range of a dozen like that sizzled enhancing going on the bit of the back-and-forth security to make sure that you know you are it is on your wrist or either a summons held a gun to your head and said he canna put the Apple watch on my wrist now when you find then range can you type in a password please and the eight-foot whatever reason I do that I directed to the Catalpa for four that that is a messier solution but also indeed so 
some astronomy the hatch and say, hey, I will shake hands back, I borrow your arm, your iPhone, and set up the good work of the using your pulse, I would suspect. I don't, look, some of this is speculative, okay, what I'm awake at anybody's hand off, okay, no no arms were Carlos in the making of this episode, clearly. Okay, moving on. So the point is that the idea is that you can then do the same thing with Apple Watch, but what's not clear to me is that once you've approved it, does that mean you can just swipe the watch in front of the terminal and you're done, there is no other variability? So what I would hope or expect is that there is some kind of, um, how should I, how should I put that, there is some kind of, um, verification, like, you know, you have to at least tap the screen, you know what this some kind of even things are as they are. They are other delegates applicant were yet and I'm pretty sure that there would be and the regularly saved favourite peoples close as you walk by a new out the door, exactly. So that's it, you have to prevent maybe a passcode but some kind of an acknowledgement from you, the user and wearer of the date of the of the watch. So and I just avoid having had Touch ID on the watch, but at the same time, you know, you have the convenience of the Apple Pay system, just wipe us go important. Okay, so that's become what we know, that's half of what I want to talk about later, so hold that thought, but the user choice before the transaction's approved is a critical point, we'll come back to that. So now we can get to the thing that started me thinking about this in the damn first place, and that the whole Peppers of Y studies episode and three has a veneer now for frustrated with me to here go: drive-through. Now think about that for a second, think about drive-through. Now I, this could get messy, this could get messy again and I mentioned the loyalty of statewide somebody still riding a particular supermarket this year. Well, I get the reason that this
is a, is problematic is that I was going last week, I was going through drive-through, and I don't go through drive-through that often but I go through from time to time, often enough to have this thought occur to me. Let's pause on the drive-through; what kind of drive-through isn't particularly relevant necessarily, but think about where it started. The first drive-through, like tollbooths and stuff, you would hand the money to someone standing in a tollbooth, they would take the money, give you change and open the gate, you drive through. The guidelines are drive-through, and that sort of went partly automated when they now had these, the plastic chutes or funnels or whatever, you just threw the coins in and it would separate out the coins, knows quite separate a really cool program I'm reliably told by an old guy anyway so yay, it sorted into different, some different slots and weights and figures out how much money you've given it, and then it says yes, you've given me enough. And a habit you, if you can throw the money, to hand money out of a window you could drop the money, okay, that could go wrong, and that happened to me on more than one occasion, so that's not a good result. So obviously then you go to e-tags, just like Dell touch tag things, little plastic table knob on the end of it, like a steel, um, knob on the end, you would push that against the terminal as you go past, and that was like a precursor to decide why those for a few years now. Because of went about our drive-through is in the sense of like a McDonald's, well, you know, you don't throw money at the window and a coin collector should a file is always headed to a person, or at least that's always been my experience, someone will have a little fun offer donation to change you know, but the whole idea is that you've got money going from inside the car across the gap to a person in a window, and it's possible to drop that money, and it's a pain in the neck. So, um, touch tag notwithstanding, now move to the credit cards or debit cards with
the magnetic strip on, so all that stuff. Now mine hanging in the car, they take the card, they do what they could do, they hand the card back, sometimes you sign something, which is the good old-fashioned way dominant, or it's a PIN number, so they push this thing out the window and you punch in a PIN number, and the cord isn't long enough, or the cord is all stretchy and it's all been stretched too far, and then when it contracts, that stretches back in on itself, it twists up into a big knot, and then the next time you do it, the next hundredth time you try and do it, then the knotting is so bad you can't untangle it, citrine untangled secondary to sing out the window to the customer trying to pay, and it won't go, and it's knotted up so badly, and you want talk about right I guess that sucks, right? Entering a PIN number and listing into someone's card and is on's car window, that's a bad experience. So NFC seems like a good idea, because what it means is I can now, um, have a terminal which is much easier to reach, I can move over slightly closer to the car, they don't punch a PIN number in, my coordination necessary really Disney, just put a card up in front of it and you're done. Or now we're going to NFC in a smartphone, I hold the phone up to it, or I've got an Apple Watch, like I hold my Apple Watch up to it, could not but in theory. But what side am I wearing my wrist on, my wristwatch on, what wrist am I wearing it on? Traditionally the left. Hardly did did that hang on, is it really? Because the tradition as I understand it is that wearing a wristwatch, it's worn on the wrist that is non-dominant. Well, and I guess it's just a side effect of the fact that the majority of the population is right-handed. Ah, yes, so because I'm me and this is the sort of stuff that goes through my head, unfortunately, is 10% of the world's population, I did a bit of checking on this, approximately 10% are left-handed. Okay, now then let's think about the side of the car you're on, okay, because the cider car that you're
on, the side of the car, well, here in America, where you drive on the correct side of the road, you're on the left-hand side. It's called the right-hand side of the road, not the correct side of the road, logistically about that, but anyhow, okay, fine, I am forced to drive on the side of the road that I'm forced to drive on and there is nothing I can do about that, so let's not dwell much too much, but you raise a good point. So what percentage of the world's population drive on the right-hand side of the road, not the correct, the right-hand side, you know the percentage? I do not. Okay, well, I do because I looked it up: 65%. I would not be surprised to find out that we here in America are unique to the fact that. No no no, you're not, yet know America actually algorithm and are large continental areas are dry drive on the right-hand side of the road; 65% of the world's population live in countries that drive on the right-hand side. Well, so you are in the majority and I'm in the minority. Never percentages are very different if you cover the amount of kilometres of road, or miles of road, or furlongs of road I guess, purchase whatever the distances of road, the length of road of right-hand drive countries is even more skewed towards right-hand drive, but that's only because a lot of the countries that drive on the right-hand side are somehow more roads built, so that's not really fair. It's really fair about which format wrists and wristwatches that would your basin population to: 65% of the world's population live in a country that drives on the right-hand side, 10% of the world's people are left-handed, so if you assume that 80% of the people that wear a watch wear it on the non-dominant wrist, you gotta think that 1/5 people wear it on the other hand or something like that. Go they percent to the majority people, but not all will wear their rest on their non-dominant hand. Okay, so if we figure this out we have two bad combinations. The bad combinations therefore are the people who have to reach
their arm across from the opposite side to the drive-through, the wrist that the Apple Watch is on, in order to reach across to get to the NFC scanner. Those the people, and of course this is because if you take it off your wrist you've just obviated the, you've just cancelled that, right, in which case there is no point. So what, okay, bad combinations are left-handed people in right-hand drive countries and right-handed people in left-hand drive countries. Well, guess what, I'm in a left-hand drive country and I'm right-handed, so my watch is on my left hand, so it's on the wrong side of the damn drive-through is net. So I figured, well, you know what, I wonder what that works out to. It works out to 30.4% approximately of the world's population that drive a vehicle through drive-through are going to have this problem, so just under 1/3. Way interesting is that, so I remember that, I would have speculated, well, it's, yeah, you can add both combinations in, right. So here's the thing: all of that presupposes that they drive a vehicle for starters, hence necessitating one of necessitating that even, okay, so they drive a vehicle, and then the next thing is that the food or drink they wish to purchase, um, has a means to purchase that involves a drive-through, and that they have a drive-through that they can locally access with the vehicle that they have. So lots of people don't have a car, lots of people live in places where they don't do drive-through, it's true, right, there a place that is on inventory where you can't find drive-through historically and say become a more recent thing. So anyway, it also assumes that they are lazy enough that they would go through drive-through rather than getting out of the car and walking in. There's other advantages to walking in. Some people say I don't you to do drive-through men, if you list the Lethal Weapon, you know that wonder what was Leo Getz sacred is the a faith you at the drive-through of a of the drive-through, is my best Leo Getz voice, so you save your member
that line. So yes, so promptly one Prince won't go through tribalism may be one of those people, and of course that all presupposes that the NFC payment method is even supported in that drive-through, and that if the method involves Apple Pay, that you have an Apple Watch and that your iPhone or iPad also supports Apple Pay as well. So if you meet all of those conditions, that subset of that 30.4% may end up being significantly smaller, a lot smaller, but it's all about ratios and percentages, and it all seems in the uneven distribution of all those things, and while Barbara Abiola but it's I don't access it was irresolvable, and I don't know the numbers to give any numbers that don't actually give you an idea of the numbers, I just know that it is greater than zero people. I am one data point. Lego so they go, um, excellent.

So now it's a little bit about stealing, and I don't mean like physical stealing, I mean about stealing, um, credit card information via NFC. But before we do, I'd like to talk about our second sponsor of this episode, and that is once again our friends at Many Tricks. Many Tricks, they are a great software development company whose apps do, you guessed it, many tricks, like their name suggests. Their apps include Butler, Keymo, Leech, Desktop Curtain, Time Sink, Usher, Moom, Name Mangler and Witch, and there's a new one they're working on too, which is cool, but will want to mallet at let's see this. So much to talk about for each app, but we'll touch on just four of them. So let's start with Witch. You think that Witch is a supercharger view Command-Tab app switcher, which is great for, um, and is very popular with ex-Windows users like myself, never got 34 door documents open at once in any one app, then Witch's beautifully simple pop-up quickly lets you pick exactly the one you are looking for. Now Name Mangler, if you've got a whole bunch of files you need to rename quickly and efficiently in huge numbers, well, Name Mangler can extract metadata from the files and use it to rename those
files, a search and replace as well, spreading stage renaming sequences, and if you mess it up you can just revert back to where you started and have another go. Moom, I use it every day, it makes it so easy to move any of the windows to whatever positions you want on screen: halves, corners and edges, fractions of the screen, and then you can even save and recall your favourite window arrangements, with a special auto-arrange feature when you connect and disconnect your external displays. It really is awesome, I love it. Usher, you can access any video stored in iTunes, Aperture, iPhoto, on any connected hard drives on your Mac, allowing you to easily group, sort, tag and organise them in one app. If you're still parrying a flipper Mac there is no need to convert anything to an iTunes format to watch, so if you've got a video collection that's scattered across different programs and different drives, well, like I have, then Usher can help you straighten it all out in one place. Is for their great apps, there's still five more for you to check out, the novel on the way. All of those apps have free trials you can download from manytricks, all one word, .com/pragmatic, and you can try them out before you buy them. They are also available to buy from their respective pages or through the Mac App Store if you prefer, but if you visit that URL, yes, they've extended this offer once again, the pragmatic business you take advantage of a special discount off all their apps: simply use the code pragmatic25, that's pragmatic the word and 25 the numbers, in the discount code box in the shopping cart and you receive 25% off any of their apps. This offer is only available to Pragmatic listeners for a limited time, so please take advantage of it while you can. Once again, thank you so much to Many Tricks for their continued support of Pragmatic.

Okay, I cells in a circle back to stealing information, why satin specifically called out that the go that's what I was alluding to. So have you ever heard of people saying
NFC is less secure than magnetic stripes because you can read from a distance and you can have your credit card details stolen without you even knowing? Have you heard that? What I have heard from others about that year. Well, I thought it might just be interesting before we wrap this up to talk about that quickly: stealing NFC card information. Well, so here's the idea: if you had a scanner, um, an NFC scanner, you should be able to, if you are within 40 to 50 mm, which is one and a half to 2 inches away from the card, you should be able to scan information just like a legitimate terminal and use that information to make purchases. Now that's sort of easy if the other person you're trying to steal it from is standing up with it in the hip pocket, or if there is a visible bulge in their clothing that is most likely a wallet or purse or something, yeah, it's probably possible to get away with that. Sites are packed in my computer, a packed train, a robust summary public words. Now it's not obvious, you walk up to someone and rub an NFC reader up against their ass, that you notice: excuse me, Sir, please stop rubbing up your NFC reader against my butt, thank you. Anyway, um, but seriously, um, note it's gonna be, it is possible, it has been done, and the question is though, do you have anything, have much to fear from that? The thing is there is one feature that contactless cards do offer, a security feature the traditional cards, the magnetic strip, don't and can't. That's because they have a microchip built into them, as they provide a one-time CVB code with every scan, and it's essentially the rolling code, and that rolling code can only be used for one transaction, is in the next transaction. So when you query a card it gives you the current transaction code; well, once that transaction is put through with that code, that code has been used and you need a fresh code that is generated in the correct sequence in order for pain subsequent transaction, and because the code is uniquely generated and is
a rolling code, you can't predict what the next code will be unless you go back to the card and query it again. So essentially what you're up for is, if I'm standing around in a crowd and someone is able to read my card information, and they are able to decrypt it, and they are able to take that CVB code, as long as they use that information before I use that card again, then they are able to extract value from my card. So it's true, it can be done. However, if for example I use the card first and I beat them to the punch, the bank will then see their attempted transaction and will instantly know, oh, the same has been used more than once, it'll disable the card and set off all sorts of alarm bells, and trained ninjas from the bank will come and hunt them down in to Take them something. Axel yeah I know parallel low rent these days is better than my yeah well you know my mate doesn't have any trained ninjas. One time they nicely suspended my card because they thought there was fraudulent card activity, and they didn't bother to tell me that they suspended my card conflict but there is fraudulent activity, and it actually did turn out that there was fraudulent activity, so in the end I was grateful for that, but I wasn't so grateful when I got an email from the cell phone company about my RLP payment that they had set up on said card was declined to hear. Was it the ninjas? What, they need to have a coffee break, a smoke break every now and then too, so they just were busy at that point, I couldn't help you. But the point is that alarm bells will go off. So the first stumbling block is that most of these cards with contactless payments have a fixed limit, and I think the universal limit in Australia at least is $100 per transaction. I've heard that it's a similar amount in North America believe failure you so you exceed that they can say not need the PIN number, and a lot of people said, well, that obviates then the whole advantage of doing anything in the first place, trying
to waive manner and to the whole point of NFC was to make small, fast, small of a fast payments more quickly. If you're making a transaction, um, that's got a dollar value of two, $300, chances are you're buying groceries or you're buying something more expensive, well, not you can hang around for another 10 to 15 seconds and punch the PIN number in for your own safety, because the $100 limit basically means that's the maximum these people are gonna be able to get out of your card without rereading it a second time. So it's really saving you from being ripped off and screwed for more than $100 a pop. Okay, so I think that's perfectly reasonable. In time we might see that value increased, certainly as encryption improves. So ultimately though, in order for it to be an effective scam, it needs to work like this: the persons that are performing a scam really need to have someone remote, so someone locally to scan the card information person-to-person in a crowded area, and then transmit the data to someone remote, and that person remotely then runs through a bunch of $99.99 transactions using those card numbers that have just been lifted, and is doing all of that together, stringing together a bunch of purchases. That can be really difficult, it's gonna limit how much you can actually purchase with a limited bunch of small transactions, and that's beyond the capabilities of most credit card scammers. You know, certainly there will be some that would do it, certainly it is a possibility, but honestly it's gonna be difficult, and that presupposes, you know, that you actually can get a terminal that can scan these cards and can break the encryption. So here's the next problem: you're actually gonna need an authorised terminal that can decrypt the information, as information going across is encrypted. Now banks have introduced end-to-end encryption in more recent times, so it's even harder to break that, because, I mean, as I say, it's
getting incrementally more difficult. But I think the final stumbling block to all of this is the idea of: I now have to have a Touch ID authorisation, or I need to have a tap on the screen on my Apple Watch, I've read the code in and some arrest, in order to say yes, I'm good to go, because that is the final kick in the pants, because it means that the transaction simply cannot go ahead without your okay using Apple Pay. So let's assume that you don't carry a credit card anymore, all you have is your iPhone or your Apple Watch or an iPad, all supports Apple Pay: there is now no way a scammer can extract the information that they need, and even if they could extract that, there is no way they could initiate a transaction without your Touch ID, without your input at that moment of transaction. So just think, how can they do that? Apart from stealing your iPhone, it's the only option left, and frankly if they stole your credit card you'd be in the same freedmen, same problem, right, you Davis go. Shop until 99999 sent transaction that they do, and couldn't and wouldn't stop them. So you're never gonna be protected against theft, but you can be pretty much as protected as you can get, and in many ways it's better than other than that because it prevents the skimming problem, right? So they skim a card with the PIN number, it's a problem because they get your PIN number and they skim the numbers and you're vulnerable until you cancel the card, whereas this way only available for the next transaction, and that's assuming that they can decrypt the information. As you move to Apple Pay you've just taken it off the table: they can't read the data and they can't initiate a transaction unless you initiate. Soap or they can offer for YOUR forearm, yes, without hatchet. You mentioning, yes, your hatchet and arm-severing fixation state disturbed me but I do you go to that you are actually enrolling on axe murderer you're like a limb Sabra, which is a step up from the step down from a backs manner there little and had several limbs have seven limbs
in the manufacturing making this broadcast. Good, excellent. So before we wrap this up and call another accorded day, there's one last thing I want to talk about, and that is: forget Apple Pay, forget, um, Google Wallet or any other mechanisms that are building season finds, let's say you've got the card right now that has NFC built into it and you want to be protected from being skimmed. There are people who make these wallets or inserts for your card, you can store them in that, supposedly to protect them from being skimmed, scanned for Flickr fairly well. Like a Faraday white? Yes, some people in call and that, and I refer you back to episode one, Faraday cage, of this podcast, why talk about Faraday cages of the named episode in fact. So the idea is you put a conductive, um, material and completely encompass a device that conducts our electronic radiation, and by killing the electric field you are killing the magnetic field, and hence no electronic wave propagates. This therefore means that it is not possible for you to extract the data from an RFID chip if you are contained within a Faraday cage. The problem is that for a Faraday cage to be perfect at all frequencies it has to be solid; for it to be perfect at most frequencies it has to be a mesh, but it has to be a continuous mesh and it has to be sealed correctly. Now I learned that very early on when I was doing testing idea I done MIM CER compliance testing previously in my career, and you learn very quickly in the anechoic chamber if you haven't got a correctly sealed plates on the device you are testing, because you will get leakage from these things, and that's when there is a radio source inside them. So anyway, what's the point? The point is that many of the ones you buy will not protect you to a reasonable degree. The ones that are solid metal, keep inside a solid box, yeah, that'll work, but here's the question that puzzles me: that protects your card from being accidentally read while it's in the box stuff take it out of the box to use, so you're still vulnerable in that
time. However, you are significantly less vulnerable because you're physically handling the card, and it's far more obvious a summons image that close to your notice you. And most of us will still just hand it off to a waiter at that they can completely disagree with it. That's a North American thing and that's not as I yes it is dull practice, not the way it is done here; handing over a credit card here is just weird. Might you will it should be weird here to play split companies become practice because I guess is my things that make the transactions as pleasant as possible for the customer, because it's all a bit so we targeted I think covers with tipping a little bit of what few episodes back, armoire talked about some sales and stuff in working retail, right, we talked about this. So, um, it's one of those things, in Australia, in cultures outside the United States, handing over your credit card to a stranger and trusting them with it is sort of considered to be a little bit insane and we generally would not do that, so we would go up to the counter, we would pay at the counter. Um, now that we would do all they'll bring a more became more prevalent these days is doubling the point-of-sale terminals you like they do in the Apple Store, and there are some restaurants that will do that now, would lead to those which are mentioned in the previous episode. Yeah, exact, I refer you to that and that absent. So only, should you do it, should you not do it, should you protect your cards? Some people even say fry it in the microwave, three seconds is good but don't offer five because you'll make the card explode. My card? Well, it doesn't sound very reliable to me, so pass. But no, I wouldn't be shoving my card in the microwave, no, and I wouldn't be bothering to put it in a protective shell, because (a) I don't take a protective shield and feel particularly comfortable shop in my pocket, and secondly I don't think the ones that I'm going to get are gonna be that good anyway. Where are the well is already three quarters
of an inch thick visitors are you very much Ronnie they gave me a thought's comments criticisms things in far one mention I think we covered a pretty good Dragon to negotiate show they are and how many minutes when a designer may be spent now bigger than a short dish further. If you want to talk more about this you can reach me on Twitter at John Chidgey, and you can check out my writing and this podcast another sidebar made hosted my site TechDistortion.com, this brand spanking new, brand-new layout. If you got in touch with our vehicles and persuading them they convey me on Twitter at because it won't excellent, and that you also make a point customarily I do that will be our story podcast indeed, and recently, just who is your last guest, was someone like Greg Pearce from graphs, yes, that's right. Good episode, I really enjoyed doing that, is what my favourite amps, it was a pleasure every month. You are not just saying this because my co-host on the showboat farm, and honestly that episode was very very interesting to him talk about dancing the next call back your roster so I think as I currently got ready. And if you'd like this any feedback please feedback from the website and the pragmatic piping makes a decision announcements and other related stuff. And I'd like to also finally thank our two sponsors of this episode. Firstly, thank Lynda.com for sponsoring. If there's anything you'd like to learn about and you're looking for an easy and affordable way to learn, Lynda.com can help you out: instantly stream thousands of fields of business, software development, graphic design and lots, and kickstart your New Year and challenges of something new. Visit lynda.com/pragmatic to get a free 10-day trial, something for everyone, waiting for. Also like to thank Many Tricks for supporting the show. If you're looking for some Mac software that can do many tricks, remember specifically visit this URL, manytricks, all one word, .com/pragmatic, for more information about their amazingly useful and using discount code pragmatic
25, 2 5 the numbers, save 25% off the total price of your hurry is only for a minute, make sure you check them out everybody. And don't forget the T-shirt 11, they are available now so go grab one way can guarantee that we doing this again so chance. And thanks again everyone for listening, and thank you as always. You will catch you next week, not physically, because that would have made a joke before, recycling my jokes because what's come to only low, yes, and it is downhill from our visible my good jokes, that of course presupposes I have had projects to start with, which is not necessarily the case. All this talk was, says only a short show, where 50 minutes in I thought about making a joke when you sell it but the players are becoming Syracuse and you said you think you can clip it out I will be offended
Duration 1 hour, 8 minutes and 37 seconds


Lynda.com: Lynda.com is the easy and affordable way to learn where you can instantly stream thousands of courses created by experts in their fields of business, software, web development, graphic design and lots more. Visit the URL below to get a free 10-day trial. If you’ve ever wanted to learn something new, what are you waiting for? Visit lynda.com/pragmatic to learn more.



People

Vic Hudson

Vic is the host of the App Story Podcast and is the developer behind Money Pilot for iOS.

John Chidgey

John is an Electrical, Instrumentation and Control Systems Engineer, programmer, podcaster and runs TechDistortion and the Engineered Network. John has produced and appeared on many podcasts as well as Pragmatic.
