Original URL: http://www.theregister.co.uk/2012/08/24/something_for_the_weekend_mobile_payments/

Mr Bank Manager, help yourself to my smartphone contents

Bend over for a thorough digital rogering

By Alistair Dabbs

Posted in Phones, 24th August 2012 11:00 GMT

Something for the Weekend, Sir? Hacking through the 1,100 press releases waiting for me upon my return from vacation has been a daunting task and has, as yet, revealed few surprises. Once I disposed of the misdirected (“I thought you might be interested in a case study from Golfbreaks.com...”) and semi-literate (“Hi hope your well?”) missives, most of the remainder appear to be anticipated product launch updates and scores of less-than-fascinating VP appointments.

To be fair, August is a challenging month for selling anything other than flipflops. Not to worry, though: the computer silly season begins shortly, with lots of appropriately gadgety products being announced, specifically targeting shut-ins and Johnny-no-mates in the run-up to Christmas. Note how Apple prefers to launch iPhones during this period.

One press release that did stand out was one about LevelUp, an American pay-by-phone ‘innovator’. It initially stood out because of its striking lack of newsworthiness.

NFC applications

Big in Japan: NFC everywhere

I am not criticising LevelUp for entering the market for smartphone-based payment transaction systems or for trying to publicise itself as a fairly new startup business during the traditional summer lull. What grabbed my attention was the implication that the concept of till transactions by mobile phone was new and that fulfilment products were just around the corner.

Any visitor to Japan over the last few years is likely to have witnessed teenagers paying for things in shops with their mobile handsets already. Perhaps “just around the corner” is a literal geographic expression by which American ‘innovators’ mean “head across the Pacific ocean and turn left when you see the China coast”. In fact, there are heaps of these products in the West too, ready and working today, from Google Wallet to Quick Tap.

But what singled out the LevelUp announcement for me was the worrying blind acceptance of its inevitability. We’ve been phasing out handwritten cheques in favour of credit cards, and now we’re sleepwalking past contactless credit card transactions straight to contactless mobile handset transactions. It’s all very gadgety and sci-fi, sure, but it’s also utter madness.

Google Wallet

Welcome to the Bank of Google: here, interest takes on a whole new meaning

I want to believe that contactless transactions are secure but please forgive me for having doubts about the security effectiveness of all banking systems, and much more so when communication is sent wirelessly to a half-broken shop till staffed by a 16-year-old casual who couldn’t care whether you dropped your phone or dropped dead.

The ghost in the machine

Apparently, I’m not alone in my paranoia. Back in Japan, where public-use RFID devices have been mainstream for longer than here, there’s an episode of the bonkers Japanese teen anime Sayonara, Zetsubo Sensei in which the eponymous main character expresses concern that passing his wallet over an RFID reader at the automated exit gates of his train station might allow hi-tech yakuza to scam all the credit cards in his wallet at the same time. This episode dates from 2007 - Japan’s been biting its fingernails over this for at least five years already.

Talking of anime, fans of the Ghost in the Shell sci-fi films and TV series will be familiar with the process by which the characters with cyberbrains can hold conversations remotely over the air but, when security is important, they connect brains by old-fashioned cable. Otherwise, as the clip above suggests, you metaphorically risk punching yourself in the face.

It’s not just me, Major Motoko and suidical Japanese schoolteachers, either: there appears to be a rapidly growing market in the West for metallic ‘RFID-shielded’ (so the claim goes) credit card wallets. The manufacturers would like you to believe that touchless cards can be hacked through your trouser pocket by digital thieves brushing past you in the street or when crushed against you on public transport. Is this really any more unlikely than the elaborate scams involving cash dispenser machines?

Flipside RFID-shielded wallet

It all seemed such a good idea at the time... er, Flipside Wallet RFID shielding, anyone?

Look, the entire system of currency and exchange is based on trust, and we seem to be hell-bent on handing that trust to organisations who have been proven time and time again to be thoroughly untrustworthy. It’s bad enough that we have to deal with serial offenders such as the banks, but now we’re about to entrust our personal finances to mobile phone operators too. Come on, these guys can barely keep their own phone networks up and running, let alone secure from hacking by tabloid journalists, and you want to give them unchecked access to your current account?

Once your phone data and bank details are hacked simultaneously, you’ll be shafted by everyone from Russian gangsters to Nigerian scammers before lunchtime. If we’re going to drop our digital trousers, bend over and spread our digital butt-cheeks to the world, we shouldn’t be surprised to find ourselves being ruthlessly rogered. ®

Alistair DabbsAlistair Dabbs is a freelance technology tart, juggling IT journalism, editorial training and digital publishing. He would like to live in a carefree world of wireless but, unfortunately, there are bad people around. Some of them have even been known not to work for banks or mobile phone companies.