Radio Frequency Identification, or RFID, is nothing new. A small piece of metal or a microchip reacts to a weak radio signal, and information is communicated through a computer system based on the response it gives. (The industry term is "Near Field Communication", or NFC, but you may hear them called "blink" cards, too.) Stores have been using them for years to control inventory and reduce shoplifting. Vets have been using them to locate lost pet owners. Libraries have been using them to track their books. High school kids have been using them to play practical jokes on their friends.
And identity thieves have been using the technology to get your credit card information.
Technology to the Rescue?
The FTC has reported for years that only a small percentage of identity theft happens online. Yet, most people believe technology is the root of identity theft. The cast of villains is impressive – hackers, spammers, spoofers, phishers, shoulder-surfers, etc. The problem has far more to do with companies that collect your payment information (credit card number, etc.) than eBay, online banking or bill payment systems. When a would-be identity thief wants to beef up her inventory of stolen information, she knows if she gets onto your computer, she may get a bank account number or two, maybe even a credit card number. But if she hacks into a credit card payment processing center, she'll get millions. So the real threat is to business owners who handle this information. Statistically speaking, you'll be eaten by a shark before your home computer will be hacked by an identity thief.
Now technology is stepping up to the plate to take a swing at the identity theft problem. The question has always been, "How do I make a credit purchase without giving away my identity?" (That was where we came up with credit cards in the first place, right?) Now that credit cards have become personal information as well, we need to hide those, too.
Or, maybe just get rid of the card completely? The credit card has become an icon of a promise to pay. But all a "vendor" is concerned with is getting paid, when push-comes-to-shove. Or maybe "push-comes-to-pull".
Push-Me Pull-Ya
In a "pull" transaction you give a vendor your banking information. The agreement is that she will take the money from your bank account in the amount of your purchase. She'll usually keep the information on file until the transaction has processed, 2-3 business days. There are various laws that tell her how long she can keep the information, how she must get rid of it, etc.
The problem has been that merchants aren't always following the laws. Information may be kept longer than necessary, may not be watched properly, might be hacked, or any number of other things. This is the biggest reason it is impossible to stop identity theft – you don't have control of your personal information.
In a "push" transaction, the only thing the merchant has is a computer response: "Approve" or "Decline". All of the banking information is stored on a secure server, which communicates directly with your bank. One advantage to this set-up is that the transaction is instantaneous, or "real-time". The merchant will have the money in their account instantly. The transaction is over, no reason to keep any information at all. Your receipt comes in the form of a text message. (No one's brought up the subject of returns, yet.)
This can go a long way toward combating identity theft. Meyer Malka, founder and co-CEO of Bling Nation, says their encrypted RFID chips only work with their point-of-sales device. For a few thousand dollars a bank can get set up on their network. Your bank can then give you an RFID tag (a sticky patch with a metal coil on it) which you put on the back of your cell phone. There's not even a card with numbers printed on it.
And most importantly, if a would-be identity thief gets your RFID number, they only have part of the information they need to cash in on it.
A nice benefit with the system is you can choose to spend reward-points instead, if you participate in a points program with your bank. (Since the communication between the terminal and server is "real-time", your next Starbucks® could be free.) Being able to offer this to customers will no doubt appeal to business owners.
