Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
The Almighty Buck Communications Privacy Security Wireless Networking News Technology Games Hardware Science

Olympic Athletes To Sport Visa's New Payment Ring In Rio (engadget.com) 129

An anonymous reader writes from a report via Engadget: Visa is introducing a new ring at the Olympic Games in Rio that will let people pay for things by waving their hand -- no phone, wallet, or battery is needed. The ring, which has yet to be named, features a secure microchip from Gemalto, and an embedded antenna. It is crafted of black or white ceramic, as metal would interfere with the antenna. There will be 20 sizes available during its trial run where it will be available exclusively for employees and partners, as well as the 45 athletes sponsored by Visa. The athletes inspired the creation of the ring, as wallets and typical wearables can be an annoyance to them when they're constantly changing uniforms. The ring is even fit for Olympic swimmers, as it is water resistant up to 50 meters. It never needs to be charged since it draws a tiny amount of power from the payment terminal and transmits far less data than Apple Pay or Android Pay. As for security, the ring can be deactivated from a smartphone, and thanks to tokenization, sensitive data is replaced by a digital identifier that can be used to process payments, so thieves won't be able to use it. There has been some controversy surrounding the Olympic Games in Rio de Janeiro. Some doctors have warned that the games could spark a "full-blow public health disaster" with the spread of the Zika virus.
This discussion has been archived. No new comments can be posted.

Olympic Athletes To Sport Visa's New Payment Ring In Rio

Comments Filter:
  • Have they even finished building the stadiums yet??

    • I'd be willing to bet that those are separate teams.
  • One ring to rule them all

  • Only 50m (Score:5, Funny)

    by C3lt ( 3644813 ) on Friday June 03, 2016 @04:20PM (#52245077)
    Unfortunately it is only "water resistant up to 50 meters" and most Olympic swimming events involve swimming more than a single length of the pool.
    • by ihtoit ( 3393327 )

      WR50m is a standard mark on equipment suited to surface swimming. For snorkelling or inshore SCUBA diving, the mark to look for is WR200m.

      What the claim here basically means is that aside from the corrosive effects of chlorine, which is a moot point since the ring is made from glazed ceramic (which is chemically inert), you could do lap after lap wearing this thing and it won't or shouldn't come to any harm.

      • by Macdude ( 23507 )

        Hey, look way over there. It's the joke you missed.

        • There is no rule that stupid jokes based on pretending to misunderstand something need to be taken as intended. It is perfectly reasonable to instead look down on the idiot who thinks it is "funny."

          The funnier part is that you thought people misunderstood the joke. No, they're explaining why it is so stupid. And you missed that, and accused them of missing it. Talk about "d'oh!"

          It is up to the person telling the joke to be funny, it is not up to the reader to laugh. Sneering or derping are also expected rea

      • WR50m is a standard mark on equipment suited to surface swimming. For snorkelling

        You can't snorkle in Brazil. Turds get stuck in the tube.

  • Hey buddy, give me a high-five! Missed! Ha ha, you paid for my groceries.

  • barcode (Score:5, Interesting)

    by Orgasmatron ( 8103 ) on Friday June 03, 2016 @04:22PM (#52245095)

    So, this is a fancy RFID tag then? Basically, you wave your radio-barcode through the induction field and the payment terminal then goes online using the ring's serial number instead of your credit card number?

    Ooh, future.

    • by jopsen ( 885607 )

      So, this is a fancy RFID tag then? Basically, you wave your radio-barcode through the induction field and the payment terminal then goes online using the ring's serial number instead of your credit card number?

      Ooh, future.

      Don't be surprised if it turns out this thing does one-time-tokens or something like that... Meaning the thief will have to shake your hand and use the token immediately.

      • Without a battery?

        • by LiENUS ( 207736 )

          Draws power from the payment terminal like existing wireless payment systems. It's existing tech Visa just put it in a ring.

          • Draws power from the payment terminal like existing wireless payment systems. It's existing tech Visa just put it in a ring.

            I don't think a ring can carry a large enough antenna to draw power from the terminal, but power requirements are very low, so you could power it from a battery built into the ring for quite a long time. Months at least, if not years.

            • by LiENUS ( 207736 )

              I don't think a ring can carry a large enough antenna to draw power from the terminal

              http://nfcring.com// [nfcring.com] Those draw power from nfc terminals.
              Wireless payments are done via NFC, they just use one time tokens. Old tech been around quite some time. They inject them into animals even.

              • I don't think a ring can carry a large enough antenna to draw power from the terminal

                http://nfcring.com// [nfcring.com] Those draw power from nfc terminals. Wireless payments are done via NFC, they just use one time tokens. Old tech been around quite some time. They inject them into animals even.

                NFC (which is a mobile phone technology) is actually a combination of two protocols, contactless smart cards, which use a variant of the T=1 protocol to communicate between a smart chip and a terminal, and RFID, which in which the tags have no processing power. RFID tags have very low power requirements and can operate with a tiny antenna.

                Those NFC rings you linked are just passive RFID tags that transmit a fixed code when powered by a field. They don't contain a microprocessor, and couldn't get enough po

                • by LiENUS ( 207736 )

                  but doing so requires a larger antenna (roughly the size of a credit card, conveniently enough).

                  You should look into the yubikey neo. They're significantly smaller than a credit card and include nfc as well as usb connectivity for u2f. Powered passively by the reader.

                  • but doing so requires a larger antenna (roughly the size of a credit card, conveniently enough).

                    You should look into the yubikey neo. They're significantly smaller than a credit card and include nfc as well as usb connectivity for u2f. Powered passively by the reader.

                    Duh. I have some of them. Somehow I never bothered to think about how they could work with such small antennas. I'll have to ask the Yubikey engineers next time I talk to them.

                    • by LiENUS ( 207736 )

                      It's a moo point, according to visa this is doing full tokenization and not just a dumb serial number. The trick is antenna orientation not size You kind of do an awkward fist bump ensuring the ring makes an O facing the terminal otherwise its unreliable at best.

                • by LiENUS ( 207736 )

                  Ah here we are

                  For many consumers, part of the hesitation to embrace new technologies surrounds security, or their perception anyway that these solutions are somehow less safe. For its part, the Visa payment ring prototype takes advantage of “tokenization” technology similar to what is used in the Apple Watch. A unique digital identifier is used to process payments without exposing actual account details on the ring itself.

                  Source: http://www.usatoday.com/story/tech/columnist/baig/2016/06/02/visa-shows-ring-olympians-can-use-pay-rio/85308242// [usatoday.com]

                  So according to visa they do in fact contain a microprocessor and according to the videos they work with standard terminals using the standard contactless payment methods.

      • by Anonymous Coward

        So what you're saying is, there's a local area token ring handshake vulnerability?

    • So, this is a fancy RFID tag then? Basically, you wave your radio-barcode through the induction field and the payment terminal then goes online using the ring's serial number instead of your credit card number?

      Ooh, future.

      Precisely. Just a (admittedly clever) repackaging of the same ol' SAW (Surface Acoustic Wave) technology that has been around since the late 1970s.

      Also means that Visa gets to be in the middle of all those transactions...

    • In the future, everything is chrome.

    • So, this is a fancy RFID tag then? Basically, you wave your radio-barcode through the induction field and the payment terminal then goes online using the ring's serial number instead of your credit card number?

      More likely it's a contactless smart card, which means it has a microprocessor and does a cryptographic exchange with the terminal. This has been doable for many years. In fact, I did a consulting gig with a company making such a ring about 15 years ago. It was going to revolutionize payments, of course.

      In all seriousness, once we get fully transitioned to contactless payment, it really opens up the options for the payment form factors. I still think NFC (in your mobile phone) will be the most convenient

    • It's a contactless EMV card without the plastic.
      http://www.smartcardalliance.o... [smartcardalliance.org]

      Basically, you wave your radio-barcode through the induction field and the payment terminal then goes online using the ring's serial number instead of your credit card number?

      So yeah, more complicated than that. It's also *possible* that it's contactless MSD, which is essentially reading MSR data at a distance, but I'm guessing it's EMV since the latter is extremely insecure.

    • As far as I can tell from the different reports it's the same paywave chip as used in credit cards, just repackaged in a ceramic ring.
  • by Anonymous Coward
    Seriously, what's the deal with BeauHD and his penchant for adding a completely non-sequitur comment to submitted topics?
    • I came here specifically to say this. It's cluttering bullshit that doesn't belong there. Might as well have linked to a story about the bus service in Brazil.

      For a brief moment when Slashdot changed hands, I thought we might be on to a winner. But no, here we are suffering a fate worse than Dice. Just pure unadulterated shite on the back of promises to sort stuff out. We don't REALLY care about UTF8 that much, what we DO care about is the integrity (hah) of the news and information provided. It's what we c

  • in a partnership with Zika
  • The company who supplies SIM cards for all the carriers and is rumored to be compromised by the NSA and GCHQ... sign me up...

  • Unless they took your smartphone also when they robbed you...

    Which is why ApplePay still is far more secure, if the Apple watch leaves your wrist no-one is using ApplePay from it, or if you lose your phone they cannot use ApplePay without being able to use the fingerprint reader.

    • by spire3661 ( 1038968 ) on Friday June 03, 2016 @04:41PM (#52245257) Journal
      Banking is based on TRUST, not massive security (at the consumer level). Apple Pay is just a fancy credit card, its not 'secure' in any way that really matters. Dont put too much stock in any one implementation, its mostly a dog and pony show. Back end detection is so sensitive now that i sometimes get locked out of my account if i buy things out of my normal pattern.
      • Apple Pay is way more secure than a credit card in two ways:

        1) The merchant is only getting a one time token to record, so if their payment databases are hacked you have not had your CC info leaked. This reason alone is why I use ApplePay whenever possible, including for large purchases like AirBnB rentals.

        2) As mentioned there's the whole "secure element" aspect of the hardware to deal with. Someone stealing your device CANNOT use it without you unlocking it for them. If someone steals a CC they can use

    • by jopsen ( 885607 )

      if you lose your phone they cannot use ApplePay without being able to use the fingerprint reader

      Fingerprints are good for keeping you kids from buying stuff, but won't stop a motivated attacker any more than a pin code...
      But right now, anything other than stupid credit cards with numbers you can read and use online, is super safer because attackers always target the weakest sheep.

      • by mark-t ( 151149 )

        The only way even a very motivated hacker can get your pin code is if he can convince you or otherwise trick you into giving it to him. There is no foolproof way to convince people or trick people into doing what you want, however.

        Pin is ultimately the most secure identification because it cannot be stolen, unlike any kind of physical object, and in the unfortunate event of a security breach, can be easily changed to mitigate future damages, unlike biometrics.

        • The ring is much worse than a credit card. They would have to get your wallet to get to a credit card, getting a ring off someone is much easier, and you can do so without them noticing easily. Then it's off to a few vendors until the ring stops working.

          • by mark-t ( 151149 )
            Getting a ring off of a person also requires taking it past the first knuckle, which on many people will cause some level of discomfort as a ring is removed, although it can still definitely be done. However, there is no possible way to remove it without them noticing unless the subject's fingers are numb.
    • or if you lose your phone they cannot use ApplePay without being able to use the fingerprint reader.

      All the more reason to saw off your hand. That's not a good thing.

  • Not so fast, buddy [ap.org]

    Jun 3, 1:31 PM EDT

    UN ASKING EXPERT PANEL TO ASSESS ZIKA RISK AT RIO OLYMPICS
    BY MARIA CHENG
    AP MEDICAL WRITER

    OLYMPICS NEWS

    LONDON (AP) -- The World Health Organization's chief says she will convene an expert committee to consider whether the Rio de Janeiro Summer Olympics should proceed as planned, following concerns raised about the threat of the Zika virus.

    In a request last month, U.S. Senator Jeanne Shaheen asked WHO Director-General Dr. Margaret Chan to evaluate whether the Rio games this year should be delayed or postponed. Chan said in a letter released by Shaheen on Friday that WHO has sent senior scientists to Brazil four times to assess the risk of Zika to the approximately 500,000 athletes and visitors expected to attend the Aug. 5-21 games in Brazil.

    Follow the linky for the rest of the story.

  • A talented pickpocket can get your wallet, phone, wristwatch, and the rings off your fingers, and you'll never even know it.

    Is there a PIN that you need to use with this ring? Or is it literally single-factor authentication, and as soon as someone divests you of it, they can go nuts with it until it gets deactivated?

    On a less serious note, are sex workers in Rio going to have payment terminals compatible with this by the time the athletes arrive? That'll be the most common use for athlete's dollars, I'd t
    • On a tin-foil-hat conspiratorial note, anyone else wonder if someone has weaponized Zika and seeded the world with carrier mosquitos, to create an extinction-level event for the human race? Thought's occurred to me..

      That would be more "fun" with Ebola than Zika. AFAIK, Zika isn't immediately deadly like Ebola.

      I think you have to wait a generation to see the REAL deleterious effects of Zika.

      • by sconeu ( 64226 )

        On a tin-foil-hat conspiratorial note, anyone else wonder if someone has weaponized Zika and seeded the world with carrier mosquitos, to create an extinction-level event for the human race? Thought's occurred to me.

        That would be more "fun" with Ebola than Zika. AFAIK, Zika isn't immediately deadly like Ebola.

        Tom Clancy already did it [wikipedia.org].

      • I think you have to wait a generation to see the REAL deleterious effects of Zika.

        Sure, that would be the selling point of weaponizing something like Zika: the damage isn't immediate, it takes a while for it to start being noticed. By then it's too late to really stop it. If Zika was in fact weaponized then that's the point we're at now: it probably can't be stopped, and the damage will be widespread.

    • by tlhIngan ( 30335 )

      Is there a PIN that you need to use with this ring? Or is it literally single-factor authentication, and as soon as someone divests you of it, they can go nuts with it until it gets deactivated?

      On a less serious note, are sex workers in Rio going to have payment terminals compatible with this by the time the athletes arrive? That'll be the most common use for athlete's dollars, I'd think. XD

      On a tin-foil-hat conspiratorial note, anyone else wonder if someone has weaponized Zika and seeded the world with car

  • The real problem is the air and water contamination. Zika will be the convenient diversion to cover it up

    • No, the real problem is the widespread corruption and embezzling of funds. That's why the stadiums are behind schedule, why the air and water hasn't been cleaned up like it was supposed to be, and why they can't seem to afford a comprehensive mosquito-control program.

  • "features a secure microchip from Gemalto,"

    Yeah, okay. Who wants to bet one of these rings is hacked within 24 hours of the opening ceremony? I'll give it 72 hours, at most.

  • Perhaps you mean full-blown?

  • $50 max liability still in place?

  • ...because taking your credit card out just takes TOO DAMNED LONG! What if there's something else you need to buy in another place and you're WASTING 3.5 seconds fiddling with your credit card here?

  • There will be 20 sizes available during its trial run where it will be available exclusively for employees and partners

    Let me guess:

    Three Rings for the Elven-kings under the sky,
    Seven for the Dwarf-lords in their halls of stone,
    Nine for Mortal Men doomed to die,
    One for the Dark Lord on his dark throne
    In the Land of Mordor where the Shadows lie.

  • Sounds incredibly easy to steal, so not for use by general public...
  • This is about it. All the rest is marketing bullshit. I have something like that in my MasterCard. Most insecure thing you can imagine.

    It is for smaller payments, Wave the card and you paid. All you need now is a portable reader and get all the monies.

    Reminds me that I need to figure out how to disable it, because it is sooo insecure.

    • This is about it. All the rest is marketing bullshit. I have something like that in my MasterCard. Most insecure thing you can imagine.

      Contactless MSD is insecure. Contactless EMV is more secure. Like all smart cards you can't just read the card data and clone it to another card. A payment requires a secure handshake between the card and terminal.

  • Visa: buy shit easier.

  • How much of a kickback is the IOC chairman getting? Because everything about the Olympics involves money and scandals and payoffs of some sort. I can't believe that VISA would stupid enough to introduce something like a new payment system at the Olympics of all places - the absolute epitome of dirty money, scandal ridden events.

    I mean seriously, is this some sort of joke? So future Olympic bribes can now be conducted using the VISA payment ring...untraceable, discreet, no more bulky envelopes in a dark alle

  • This should help the athletes pay for the drugs they'll need to deal with all the loathsome diseases they'll get from swimming in sewage, drinking sewage, and being feedbags for mosquitoes infected with everything from malaria to zika virus to some freakin' disease we've never heard of that makes your eyeballs melt and your bowels erupt through your mouth.

All laws are simulations of reality. -- John C. Lilly

Working...