Blink Goes Your Credit

A number of credit card companies have started embedding RFID (radio frequency) chips in credit cards so they can be read over the air without having to swipe the cards at a terminal. The advantage to these credit card companies is that paying with a credit card becomes faster.

The risk to individuals is that your private information usually retained on the card may now be transmitted over the air and readable by someone with the right technology. Some banks encrypt the data. Some don't. You can read more about the risk here and here. Some people like the technology. Some don't. I don't want it in my credit card.

Citibank makes RFID an option for its customers. You have to specifically request the technology if you are comfortable with it.

What does Chase bank do with it's Blink branded RFID chip? It ships it without your request when your card is up for renewal. Chase includes a pamphlet that says the card now has 'blink!'. I bet that many Chase customers don't know they have Blink and don't know what it does.

Would Chase make a customer whole if someone stole their id off a Blink card and used their credit? I'm not waiting to find out.

If Chase doesn't replace my credit card with a non-Blink version, I'll resort to a drill or punch press to get that chip out. Click on the image below for a video on how one guy removed his RFID chip from his credit card.



Chase is a company acting badly for assuming I want technology in my wallet that is broadcasting my credit card information.

Boo to Dotblu

I've recently received two emails like the one in this image:



They both imply that there's some secret important message from a trusted source just awaiting my signing up for their service. Both of my friends who sent them, indicated that they were unaware until too late that Dotblu had retrieved their entire address book and sent this message.

Why did my friends sign up? They were trying to read a "private message" stored at Dotblu that one of their friends had sent. Sound like automated 'chain mail'?

It gets messier if you should click through... don't! Just delete.
(click to enlarge)



What happened to the secret message? Now there's some gift awaiting me. Here's where my friends got in trouble and should have hit manual instead of their address book (click to enlarge).



If you should happen to sign up (don't!) you will get this page.



The gift? A digital image of a cheap car that's not yet for sale to use on your profile at a site you never heard of before.

No mention of a private message from your friend. And if you click on the envelope icon...



That's right. What started as an email telling you to retrieve a private message from a trusted friend has you sign up at a betting site and there's no email to be found. Boo to Dotblu. Another Company Acting Badly.

Countrywide - Not On Your Side

Let's see if I'm on this list...

Countrywide's IT security was so loose that an employee was able to take 20,000 customer records off-site each week for two years and sell that data. That's roughly 2 million + customers whose identity is at risk. You can read more about the story here and here.

What's Countrywide's response? Per the article: "Countrywide, which is now a division of Bank of America, is analyzing the stolen data to determine whether any customer identities have been compromised. If they have, the company says it will notify the customers, according to a statement from the FBI."

Now that's priceless. Same shxx different company.

How will Countrywide know if the most recent credit card was taken out by me or someone pretending to be me? Instead of notifying all 2 million customers that due to Countrywide's lack of controls their identity is at risk, Countrywide will make a sole analysis and determination of who gets informed.

No Labor at Work in New York

Tried again to reach the folks at the New York State Unemployment office. Same deal. Six plus minutes of working through menus to then be hung up on.