boklm's weblog: Why I don't like credit cards

October 05, 2004 1:33 AM

Why I don't like credit cards

Yesterday (Sunday) I thought about this. I really don't like credit cards : It is not secure at all. When you want to give money to someone, you have to insert your card and enter your key on his computer. You have to trust him for not stealing your key code and card number. And you don't really know how much money he takes. On the internet this is the same, when you give you card number to someone, he can take all the money he wants from your account. Also, who really knows what a credit card is made of ? They don't want to tell us how everything work (security throught obscurity). You have to trust something, but have no proof that it's working (actually some had proof that it's not, but got in trouble for this). And it's not flexible at all.
I hope that some day all of this will be replaced by a pgp key (or equivalent). Everybody has a public and a private key. When you want to open an account at the bank, you give them your email (which is like an id) and your pgp public key. Then you save your private and public key on your PDA. When someone ask you some money, you plug your PDA to his computer (it's also possible with a remote computer throught the internet for exemple). Then his computer sends to your PDA a message like "give $100 to me@me.com". Your PDA display the message, then if you accept, it will sign a message like "I give $100 to me@me.com" and send it back to the other computer. But of course, your private key always stay inside, and there is no way that someone could steal it when you plug your PDA somewhere (if there is no hole in the softwares of course). You gave him a signed message, then when that someone brings it to your bank, they will take the money from your account. That way, you can control the hardware and software that will sign your messages and allow you to identify.
And maybe everything will use this. For exemple when you want to take the train, you buy a ticket, but instead of giving you a paper, they give you a signed message. Or they just rememeber you and ask you to sign or decrypt a message when you enter the train as a proof that it's really you.

Anyway, it's time to go to sleep now :)

Posted by boklm | Categories: Not Interesting