Comments on: Canadian Young Inventor Redefines Online Shopping With New Personal Payment Device

By: New Invention: The Personal Credit Card Reader for Online Shopping | How to New Invention: The Personal Credit Card Reader for Online Shopping video | HowTubely - How to Videos

Wed, 09 Jun 2010 18:32:20 +0000

[...] http://www.yourworldtoday.ca/2009/04/… [...]

By: ????-????? ??? ??????? ? ?????????

????-????? ??? ??????? ? ????????? — Tue, 15 Dec 2009 19:01:26 +0000

[...] ?? ?????????? YourWorldToday. [...]

By: issmat

issmat — Mon, 20 Apr 2009 21:55:10 +0000

Thanks for the correction, Dan! Perhaps a more accurate description of your long term plan is for SmartSwipe to replace existing payment gateways and become the number one preferred Payment Gateway, not eliminate the requirement for gateways altogether.

By: Daniel McCann

Daniel McCann — Mon, 20 Apr 2009 17:11:42 +0000

A slight correction to the article – we would actually still use a Payment Gateway, but in a non-traditional sense. Users and merchants would still benefit from the PCI compliance of the acquiring partner for the added security.

I believe Issmat is going to be doing a product review that can help provide answers to some of your concerns. We actually encrypt the card information in the reader device as you swipe. Credit card duplication is a non-issue because the output of the reader is encrypted and modulated for every transaction, so the card information isn’t available except to the receiving party.

“End user’s computers are not secure, and until people stop clicking ‘Ok’ on every box that pops up in front of them, they never will be.” – I couldn’t agree more. That’s precisely the reason we invented this product. Any solution which is reliant on the end user’s computer, no matter how “secure”, is susceptible to hackers, malware, etc.. That’s why we’ve taken the computer out of the equation. By encrypting the card information in an external device that isn’t accessible to hackers, malware, etc.. and keeping the information encrypted until it reaches its destination, we bypass all the vulnerabilities on the end user’s computer. Malware cannot target the device because it has no way to communicate with the device.

Hope that answers some of your questions. Feel free to fire back with any others.

By: Warf

Warf — Sun, 19 Apr 2009 19:03:41 +0000

Maybe I’m missing something, but this seems dangerous. Online payment gateways don’t simply take a slice of cash for nothing, they run highly secure environments that provide protection on the final leg of the journey (the connection between the gateway and the credit card company). This security provides credit card companies a measure of trust (see, for example, PCI Certification) because the environment in which the data is transmitted and stored conforms to guaranteed minimum security standards.

Removing the payment gateway means that the connection will be made directly between the user’s computer and the credit card company, and there’s literally hundreds of different ways that info from a swiped card could end up in the wrong hands. Not to mention that swiping a card through a magnetic reader gives you enough information to duplicate it (the info you type into a website merely gives you enough information to pass authorization checks). There could be a whole new breed of malware created to take advantage of these home-based card readers.

Magnetic readers work well in controlled environments like ATM machines and POS systems. End user’s computers are not secure, and until people stop clicking ‘Ok’ on every box that pops up in front of them, they never will be. It sounds to me like a lot of people would buy this product under the assumption that it will somehow help protect them against credit card fraud, when in reality it will probably just make it easier.