Olympic Athletes To Sport Visa's New Payment Ring In Rio (engadget.com) 129
An anonymous reader writes from a report via Engadget: Visa is introducing a new ring at the Olympic Games in Rio that will let people pay for things by waving their hand -- no phone, wallet, or battery is needed. The ring, which has yet to be named, features a secure microchip from Gemalto, and an embedded antenna. It is crafted of black or white ceramic, as metal would interfere with the antenna. There will be 20 sizes available during its trial run where it will be available exclusively for employees and partners, as well as the 45 athletes sponsored by Visa. The athletes inspired the creation of the ring, as wallets and typical wearables can be an annoyance to them when they're constantly changing uniforms. The ring is even fit for Olympic swimmers, as it is water resistant up to 50 meters. It never needs to be charged since it draws a tiny amount of power from the payment terminal and transmits far less data than Apple Pay or Android Pay. As for security, the ring can be deactivated from a smartphone, and thanks to tokenization, sensitive data is replaced by a digital identifier that can be used to process payments, so thieves won't be able to use it. There has been some controversy surrounding the Olympic Games in Rio de Janeiro. Some doctors have warned that the games could spark a "full-blow public health disaster" with the spread of the Zika virus.
Re: (Score:3)
Let's see you keep a wallet with cash in your Olympic sized Speedo while you're between races.
On second thought, no... Let's not see that. Helluva way to start a weekend...
Re: Solution looking for a problem (Score:2, Insightful)
Where exactly would Olympic swimmers be going to buy things between races? Also what would they be buying?
Re: (Score:2)
Where exactly would Olympic swimmers be going to buy things between races? Also what would they be buying?
Steroids, of course!
Re: (Score:2)
Re: Solution looking for a problem (Score:4, Insightful)
Condoms. The Olympics are basically a two-week orgy which is why Zika is going to be a problem.
Re: (Score:2)
Re: (Score:2)
Where exactly would Olympic swimmers be going to buy things between races? Also what would they be buying?
Antibiotics?
Re:Solution looking for a problem (Score:5, Funny)
Let's see you keep a wallet with cash in your Olympic sized Speedo while you're between races.
Depending on how large the available rings, male swimmers could carry them *in* their Speedo -- though waving it at or plunking it down on the pos-terminal may be problematic. No word yet on whether Visa will be offering a version of the ring suitable for piercings.
Re: (Score:2)
Wait, I think you may be onto something here. How about a VisaPay cock ring? Kills two birds with one stone. Keeps you tumescent and let's you breeze through checkout! You just have to bump your junk at the kiosk. Maybe a VisaPay Prince Albert?
For women, they could make a VisaPay IUD.
Visa, you can contact me if you're interested in my concept. Actually, it's probably better than you don't contact me. Just go ahead and use them.
Re: (Score:2)
It could be a great boon for prostitutes too. They just need to get the PayPussy installed and they can charge by the stroke!
Re: (Score:2)
Apple already holds the patents on a similar product for male prostitutes.
Re: (Score:2)
sir, I think you are referring to the famed iprod (tm)
Re: (Score:2)
For women, they could make a VisaPay IUD.
Hella fun extracting a payment there!
Re: (Score:1)
Depending on how large the available rings, male swimmers could carry them *in* their Speedo -- though waving it at or plunking it down on the pos-terminal may be problematic.
Yeah, no kidding. You'd be worrying about more than just the spread of the Zika virus.
Plus the SJW's would be getting all pissed off and we'd need nipple rings for the women, or strap ons, or something.
Never mind new-fangled cashless payment (Score:2)
Have they even finished building the stadiums yet??
Re: (Score:2)
Re: (Score:2)
Have they even finished building the stadiums yet??
Matter of fact, yes. It's all prepared.
Y'all clean up the open sewers that are your shores?
Re: (Score:2)
By "prepared" he meant, "this is as good as it gets, this is Olympics third-world pandemic version."
In a normal year, I might share concerns about open sewers. But with zika? That's a minor concern.
Re: (Score:2)
By "prepared" he meant, "this is as good as it gets, this is Olympics third-world pandemic version."
In a normal year, I might share concerns about open sewers. But with zika? That's a minor concern.
Why so many people put so much stock into a corrupt proceedings as the Olympics, I don't know. I'd at least suggest that they take all of the athletes to some islan to quarantine them for a few months after it is over.
http://www.sportsonearth.com/a... [sportsonearth.com]
http://deadspin.com/5919183/a-... [deadspin.com]
https://www.techdirt.com/artic... [techdirt.com]
A long time ago, I watched them, but darn it, it's sleaze greed and bribes from beginning to end.
I'm pretty certain that they'd hold it among the corium in the Chernobyl reactor if pa
Re: (Score:2)
I'd at least suggest that they take all of the athletes to some islan to quarantine them for a few months after it is over.
There are only a few athletes. There will be 500,000 tourists. We might need to just leave them there, and quarantine Brazil.
Re: (Score:2)
I'd at least suggest that they take all of the athletes to some islan to quarantine them for a few months after it is over.
There are only a few athletes. There will be 500,000 tourists. We might need to just leave them there, and quarantine Brazil.
You're right - I forgot about the tourists. Garr, I don't think this is going to end well.
Re: (Score:2)
Only 50m (Score:5, Funny)
Re: Only 50m (Score:5, Funny)
I don't think that's what it means. That refers to the static test pressure for new devices, not a swimming distance.
What's "Whoosh" in Portuguese?
Re: (Score:3)
WR50m is a standard mark on equipment suited to surface swimming. For snorkelling or inshore SCUBA diving, the mark to look for is WR200m.
What the claim here basically means is that aside from the corrosive effects of chlorine, which is a moot point since the ring is made from glazed ceramic (which is chemically inert), you could do lap after lap wearing this thing and it won't or shouldn't come to any harm.
Re: (Score:2)
Hey, look way over there. It's the joke you missed.
Re: (Score:2)
There is no rule that stupid jokes based on pretending to misunderstand something need to be taken as intended. It is perfectly reasonable to instead look down on the idiot who thinks it is "funny."
The funnier part is that you thought people misunderstood the joke. No, they're explaining why it is so stupid. And you missed that, and accused them of missing it. Talk about "d'oh!"
It is up to the person telling the joke to be funny, it is not up to the reader to laugh. Sneering or derping are also expected rea
Re: (Score:2)
WR50m is a standard mark on equipment suited to surface swimming. For snorkelling
You can't snorkle in Brazil. Turds get stuck in the tube.
Re: (Score:2)
I guess that means it should be "10-50m" instead of "up to 50m."
Re: (Score:2)
well played.
Three rings within range of a terminal - who pays? (Score:1)
Hey buddy, give me a high-five! Missed! Ha ha, you paid for my groceries.
barcode (Score:5, Interesting)
So, this is a fancy RFID tag then? Basically, you wave your radio-barcode through the induction field and the payment terminal then goes online using the ring's serial number instead of your credit card number?
Ooh, future.
Re: (Score:2)
So, this is a fancy RFID tag then? Basically, you wave your radio-barcode through the induction field and the payment terminal then goes online using the ring's serial number instead of your credit card number?
Ooh, future.
Don't be surprised if it turns out this thing does one-time-tokens or something like that... Meaning the thief will have to shake your hand and use the token immediately.
Re: (Score:2)
Without a battery?
Re: (Score:1)
Draws power from the payment terminal like existing wireless payment systems. It's existing tech Visa just put it in a ring.
Re: (Score:2)
Draws power from the payment terminal like existing wireless payment systems. It's existing tech Visa just put it in a ring.
I don't think a ring can carry a large enough antenna to draw power from the terminal, but power requirements are very low, so you could power it from a battery built into the ring for quite a long time. Months at least, if not years.
Re: (Score:1)
I don't think a ring can carry a large enough antenna to draw power from the terminal
http://nfcring.com// [nfcring.com] Those draw power from nfc terminals.
Wireless payments are done via NFC, they just use one time tokens. Old tech been around quite some time. They inject them into animals even.
Re: (Score:3)
I don't think a ring can carry a large enough antenna to draw power from the terminal
http://nfcring.com// [nfcring.com] Those draw power from nfc terminals. Wireless payments are done via NFC, they just use one time tokens. Old tech been around quite some time. They inject them into animals even.
NFC (which is a mobile phone technology) is actually a combination of two protocols, contactless smart cards, which use a variant of the T=1 protocol to communicate between a smart chip and a terminal, and RFID, which in which the tags have no processing power. RFID tags have very low power requirements and can operate with a tiny antenna.
Those NFC rings you linked are just passive RFID tags that transmit a fixed code when powered by a field. They don't contain a microprocessor, and couldn't get enough po
Re: (Score:1)
but doing so requires a larger antenna (roughly the size of a credit card, conveniently enough).
You should look into the yubikey neo. They're significantly smaller than a credit card and include nfc as well as usb connectivity for u2f. Powered passively by the reader.
Re: (Score:2)
but doing so requires a larger antenna (roughly the size of a credit card, conveniently enough).
You should look into the yubikey neo. They're significantly smaller than a credit card and include nfc as well as usb connectivity for u2f. Powered passively by the reader.
Duh. I have some of them. Somehow I never bothered to think about how they could work with such small antennas. I'll have to ask the Yubikey engineers next time I talk to them.
Re: (Score:1)
It's a moo point, according to visa this is doing full tokenization and not just a dumb serial number. The trick is antenna orientation not size You kind of do an awkward fist bump ensuring the ring makes an O facing the terminal otherwise its unreliable at best.
Re: (Score:1)
Ah here we are
For many consumers, part of the hesitation to embrace new technologies surrounds security, or their perception anyway that these solutions are somehow less safe. For its part, the Visa payment ring prototype takes advantage of “tokenization” technology similar to what is used in the Apple Watch. A unique digital identifier is used to process payments without exposing actual account details on the ring itself.
Source: http://www.usatoday.com/story/tech/columnist/baig/2016/06/02/visa-shows-ring-olympians-can-use-pay-rio/85308242// [usatoday.com]
So according to visa they do in fact contain a microprocessor and according to the videos they work with standard terminals using the standard contactless payment methods.
Re: (Score:1)
So what you're saying is, there's a local area token ring handshake vulnerability?
Re: (Score:2)
So, this is a fancy RFID tag then? Basically, you wave your radio-barcode through the induction field and the payment terminal then goes online using the ring's serial number instead of your credit card number?
Ooh, future.
Precisely. Just a (admittedly clever) repackaging of the same ol' SAW (Surface Acoustic Wave) technology that has been around since the late 1970s.
Also means that Visa gets to be in the middle of all those transactions...
Re: (Score:2)
In the future, everything is chrome.
Re: (Score:2)
So, this is a fancy RFID tag then? Basically, you wave your radio-barcode through the induction field and the payment terminal then goes online using the ring's serial number instead of your credit card number?
More likely it's a contactless smart card, which means it has a microprocessor and does a cryptographic exchange with the terminal. This has been doable for many years. In fact, I did a consulting gig with a company making such a ring about 15 years ago. It was going to revolutionize payments, of course.
In all seriousness, once we get fully transitioned to contactless payment, it really opens up the options for the payment form factors. I still think NFC (in your mobile phone) will be the most convenient
Re: (Score:2)
It's a contactless EMV card without the plastic.
http://www.smartcardalliance.o... [smartcardalliance.org]
Basically, you wave your radio-barcode through the induction field and the payment terminal then goes online using the ring's serial number instead of your credit card number?
So yeah, more complicated than that. It's also *possible* that it's contactless MSD, which is essentially reading MSR data at a distance, but I'm guessing it's EMV since the latter is extremely insecure.
Re: (Score:2)
And now for something completely different (Score:1)
Re: (Score:2)
I've almost 100% moved to Ars for tech news now. At least there's an article to read. I still come here to follow the comments, but it's less and less all the time.
Any other suggestions for decent nerd news?
Re: (Score:2)
I came here specifically to say this. It's cluttering bullshit that doesn't belong there. Might as well have linked to a story about the bus service in Brazil.
For a brief moment when Slashdot changed hands, I thought we might be on to a winner. But no, here we are suffering a fate worse than Dice. Just pure unadulterated shite on the back of promises to sort stuff out. We don't REALLY care about UTF8 that much, what we DO care about is the integrity (hah) of the news and information provided. It's what we c
Re: (Score:2)
I like the idea that it can be instantly deactivated, and it should be easy to allow for more fine grained access control. I
So, you REALLY want your car to have to do a wireless (cellular) internet transaction before it will let you in, while the three thugs walking up the street get closer, ever closer?
No thanks. I'll continue to stick my physical key into the physical door lock, thank you. MUCH quicker, and nothing to sniff out of the air (considering the (laughable) "security" of the common Microchip KEELOQ protocol used in about ALL of the wireless key-fobs for cars, I NEVER use my keyfob to UNlock my car door. EVER).
Re: (Score:2)
t's very possible to provide adequate security that is protected against snooping.
Oh, I know.
The reason I know that KEELOQ is such a joke is that I developed a keyless entry system for delivery trucks (think "UPS"). After researching KEELOQ, which was the easiest path to victory (the place I was doing this for was a BIG Microchip house), I decided to use AES-128 instead (there are actually some PICs that have hardware AES-128 encryption engines, saving me the trouble of getting that working (and hoping I didn't introduce any vulnerabilities)).
Worked great, and was MUCH more secure th
Sponsored by Visa (Score:2)
You had me at Gemalto (Score:2)
The company who supplies SIM cards for all the carriers and is rumored to be compromised by the NSA and GCHQ... sign me up...
Re: You had me at Gemalto (Score:2)
Re: (Score:2)
Hot presentation at DefCon 25: hacking those rings
"can be deactivated using a smartphone" (Score:2)
Unless they took your smartphone also when they robbed you...
Which is why ApplePay still is far more secure, if the Apple watch leaves your wrist no-one is using ApplePay from it, or if you lose your phone they cannot use ApplePay without being able to use the fingerprint reader.
Re:"can be deactivated using a smartphone" (Score:4, Informative)
It is more secure, by far, in two ways (Score:2)
Apple Pay is way more secure than a credit card in two ways:
1) The merchant is only getting a one time token to record, so if their payment databases are hacked you have not had your CC info leaked. This reason alone is why I use ApplePay whenever possible, including for large purchases like AirBnB rentals.
2) As mentioned there's the whole "secure element" aspect of the hardware to deal with. Someone stealing your device CANNOT use it without you unlocking it for them. If someone steals a CC they can use
Re: (Score:2)
if you lose your phone they cannot use ApplePay without being able to use the fingerprint reader
Fingerprints are good for keeping you kids from buying stuff, but won't stop a motivated attacker any more than a pin code...
But right now, anything other than stupid credit cards with numbers you can read and use online, is super safer because attackers always target the weakest sheep.
Re: (Score:2)
The only way even a very motivated hacker can get your pin code is if he can convince you or otherwise trick you into giving it to him. There is no foolproof way to convince people or trick people into doing what you want, however.
Pin is ultimately the most secure identification because it cannot be stolen, unlike any kind of physical object, and in the unfortunate event of a security breach, can be easily changed to mitigate future damages, unlike biometrics.
Re: (Score:2)
The ring is much worse than a credit card. They would have to get your wallet to get to a credit card, getting a ring off someone is much easier, and you can do so without them noticing easily. Then it's off to a few vendors until the ring stops working.
Re: (Score:2)
Re: (Score:2)
or if you lose your phone they cannot use ApplePay without being able to use the fingerprint reader.
All the more reason to saw off your hand. That's not a good thing.
Re: (Score:2)
Make sure to get both, just in case.
UN asking whether to cancel Olympics (Score:3)
Jun 3, 1:31 PM EDT
UN ASKING EXPERT PANEL TO ASSESS ZIKA RISK AT RIO OLYMPICS
BY MARIA CHENG
AP MEDICAL WRITER
OLYMPICS NEWS
LONDON (AP) -- The World Health Organization's chief says she will convene an expert committee to consider whether the Rio de Janeiro Summer Olympics should proceed as planned, following concerns raised about the threat of the Zika virus.
In a request last month, U.S. Senator Jeanne Shaheen asked WHO Director-General Dr. Margaret Chan to evaluate whether the Rio games this year should be delayed or postponed. Chan said in a letter released by Shaheen on Friday that WHO has sent senior scientists to Brazil four times to assess the risk of Zika to the approximately 500,000 athletes and visitors expected to attend the Aug. 5-21 games in Brazil.
Follow the linky for the rest of the story.
No such thing as foolproof (Score:2)
Is there a PIN that you need to use with this ring? Or is it literally single-factor authentication, and as soon as someone divests you of it, they can go nuts with it until it gets deactivated?
On a less serious note, are sex workers in Rio going to have payment terminals compatible with this by the time the athletes arrive? That'll be the most common use for athlete's dollars, I'd t
Re: (Score:2)
On a tin-foil-hat conspiratorial note, anyone else wonder if someone has weaponized Zika and seeded the world with carrier mosquitos, to create an extinction-level event for the human race? Thought's occurred to me..
That would be more "fun" with Ebola than Zika. AFAIK, Zika isn't immediately deadly like Ebola.
I think you have to wait a generation to see the REAL deleterious effects of Zika.
Re: (Score:2)
Tom Clancy already did it [wikipedia.org].
Re: (Score:2)
I think you have to wait a generation to see the REAL deleterious effects of Zika.
Sure, that would be the selling point of weaponizing something like Zika: the damage isn't immediate, it takes a while for it to start being noticed. By then it's too late to really stop it. If Zika was in fact weaponized then that's the point we're at now: it probably can't be stopped, and the damage will be widespread.
Re: (Score:2)
They want to blame the Zika virus (Score:1)
The real problem is the air and water contamination. Zika will be the convenient diversion to cover it up
Re: (Score:2)
No, the real problem is the widespread corruption and embezzling of funds. That's why the stadiums are behind schedule, why the air and water hasn't been cleaned up like it was supposed to be, and why they can't seem to afford a comprehensive mosquito-control program.
Secure microchip (Score:1)
"features a secure microchip from Gemalto,"
Yeah, okay. Who wants to bet one of these rings is hacked within 24 hours of the opening ceremony? I'll give it 72 hours, at most.
Unless you've been smoking something (Score:2)
Perhaps you mean full-blown?
$50 max liability still in place? (Score:2)
$50 max liability still in place?
Why? (Score:2)
...because taking your credit card out just takes TOO DAMNED LONG! What if there's something else you need to buy in another place and you're WASTING 3.5 seconds fiddling with your credit card here?
Ash nazg durbatuluk (Score:2)
There will be 20 sizes available during its trial run where it will be available exclusively for employees and partners
Let me guess:
Three Rings for the Elven-kings under the sky,
Seven for the Dwarf-lords in their halls of stone,
Nine for Mortal Men doomed to die,
One for the Dark Lord on his dark throne
In the Land of Mordor where the Shadows lie.
Easy to steal? (Score:2)
Re: (Score:2)
Re: (Score:2)
This is about it. All the rest is marketing bullshit. I have something like that in my MasterCard. Most insecure thing you can imagine.
Contactless MSD is insecure. Contactless EMV is more secure. Like all smart cards you can't just read the card data and clone it to another card. A payment requires a secure handshake between the card and terminal.
Visa: buy shit easier. (Score:2)
Visa: buy shit easier.
Just one question... (Score:2)
How much of a kickback is the IOC chairman getting? Because everything about the Olympics involves money and scandals and payoffs of some sort. I can't believe that VISA would stupid enough to introduce something like a new payment system at the Olympics of all places - the absolute epitome of dirty money, scandal ridden events.
I mean seriously, is this some sort of joke? So future Olympic bribes can now be conducted using the VISA payment ring...untraceable, discreet, no more bulky envelopes in a dark alle
Great Idea (Score:2)
This should help the athletes pay for the drugs they'll need to deal with all the loathsome diseases they'll get from swimming in sewage, drinking sewage, and being feedbags for mosquitoes infected with everything from malaria to zika virus to some freakin' disease we've never heard of that makes your eyeballs melt and your bowels erupt through your mouth.