One would hope that such devices *could not operate* unless there was a secure connection.
I have more fundamental concerns: what would prevent the creation of a validation device that was completely functional but managed to copy and transmit the credit card information? What would keep an unscrupulous restraunt manager or waiter from substituting such a device? For that matter, what would keep an unscrupulous customer from swapping a trojan horse wireless validater widget while the waiter wasn't looking?
AFAICT, any system which counts on the secrecy of a number is simply problematic today. Challenge/response systems are the only way to go:
- The vendor sends the details of the transaction: your credit card number (which is no longer sacrosanct), the vendor's account number, and the amount of the transaction. Optionally, there could be a customer-supplied number shipped up for the customer's own tracking of transactions. These are sent to a centralized validation authority.
- The validation authority issues a challenge code for this transaction.
- The customer enters the code in their personal validation card which generates the response code. The customer manually enters the validation code; the vendor relays the validation code to the centralized authority and the transaction is validated.
The personal validation card would be protected with a PIN and biometrics.
AFAICT, having such a system would eliminate a massive amount of fraud. Besides using the card for validating transactions, any alteration of my credit information: applying for a new "credit card", change of address, etc. would require exactly the same validation.
--phil