I'm disappointed that they didn't mention that this is hooked to an online service until you get well into their FAQ:
Maintaining the integrity of your Coin’s data is
critical to your peace of mind. That’s why our servers,
mobile apps and the Coin itself use 128-bit or 256-bit
encryption for all storage and communication (http and
bluetooth). Additionally Coin can alert you in the
event that you leave it somewhere.
If this were purely a hardware device and software than ran on my phone, I might be interested. Adding in an online service appears to add more points of failure, and more opportunity for yet another third party to snoop on my behavior. It would be nice if they described in more detail why this online service was necessary, what data was stored there, and what privacy protections they provide.
Also disappointing that it doesn't support chip and pin. Whenever I travel to the UK, I find that people are increasingly surprised by cards that don't have a chip, and need to fumble around trying to remember how to use the card reader; it would be nice if this would be an opportunity for me to get a chip and pin compatible card out of my mag stripe card to avoid that problem (though on reflection, it's likely that a mag stripe doesn't contain sufficient information to make a valid chip and pin card).
$100 for something that lasts for two years and solves only a minor annoyance seems a bit steep. I'm sure that there will be plenty of people who will buy it, but I don't know if I would find it worth the cost beyond the novelty value.
The cloud part concerns me just from a functionality point of view. Does it require internet connectivity just for basic operation? It doesn't seem totally clear. I would certainly hope not.
I hate to sound incredibly cynical, but this sounds like a perfect example of Silicon Valley fluff that will never become mainstream. They aren't even the first SV company to be working on this product.
You picked a valid point of concern (if Coin requires connectivity for basic operation), assumed the negative, and then used that assumption to denounce the company as "Silicon Valley fluff that will never become mainstream". Stylised: if A then shit -> I think A -> hence shit.
Q. What if I lose my phone?
A. When you pair your Coin with your phone, it is associated with your account and not that specific phone/device. If you lose your phone, it is possible to pair your Coin with your new phone after installing the Coin mobile app and signing in.
I think the online service has the potential to be the most valuable part of this whole product. All your transactions, across multiple accounts, tracked in one place allowing breakdowns of your spending and clarity on our outgoings. I also see a big win here for Coin, think Mint but with an opportunity to also suggest better products & services to spend your money on (since they'll know almost everything you're buying) - a marketer's dream.
Marketers already have access to all your purchases.
Your bank statement has ads. Your credit card issuer sells your transactions to their partners. Retailers sell your data to data processing companies. The three big scoring companies have access to all your key financial information - and they sell it back to you (in the form of credit score monitoring services), and to marketers. DSPs allow marketers to bid on impressions at a very precise level, based on which sites you visited yesterday.
Marketer's dreams were already fulfilled years ago. They have a more data than most can handle.
Coin can become the credit card of credit cards. They could offer financing, revolving credit, analytics (like Mint), and tons of other financial products based on credit history. These are a lot more interesting - and profitable - than selling ads (or data) to marketers.
It's an obvious idea, but (apparently) nicely executed. It's a perfect acquisition target for Square. Or Visa/MC/Amex.
> I think the online service has the potential to be the most valuable part of this whole product.
This is assumed to be from the user's point of view (rather than from the point of view of the company -- generating revenue -- or from an interested 3rd party).
Then you end with this:
> a marketer's dream
So is Coin targeting marketers, and the users are the product to be sold like so many other start-ups to come out of the Valley?
Super cool idea! but, terrible name choice, no one is ever going to call it just "Coin" they're gonna call it their "coin card". "Coin" is already slang for money in general like, "dough" or "clams" and is also already a form of money.
Do you have a coin?
I lost my coin.
Check out my coin.
I paid for that with coin.
Coin is so convenient.
I got rid of all my credit cards, I just use coin.
All of those will be "coin card" if this catches on.
Similarly, I have an account at Simple. And while it's a product I absolutely love it's hard to explain to people what I mean by "I do my banking online at Simple" or "I like simple because they charge no fees" It seems like I'm just being grammatically incorrect and I honestly feel like it contributes negatively to peoples perception of the company. Also search is a bitch when you've got such a crappy name.
I think one of the hardest things about having one would be convincing retailers you're not trying to somehow scam them. Especially in the case of loyalty cards. Sure I CAN load my card onto the Coin, but what is a merchant going to do when I pass them something strange that looks nothing like their card?
Often, a loyalty card is nothing but a piece of plastic with a number printed on it. For example, for airlines and hotels I just give them the number, they never need to see the card.
However, if you mean a gift card with pre-loaded money, things may be different, but then it'd probably be a similar reaction if you tried to use Coin instead of a proper debit/credit card?
I'm just thinking about the reaction I would get if I walked into my grocery store and handed them my Coin. I'm not sure they would take it. Debit and credit cards may be a problem too, although they're diverse enough that unfamiliarity is less of an issue. Plus, you can handle the card yourself in many transactions. Usually loyalty cards need to be given to the merchant.
This is potentially useful for the US market as chip/pin is very new to us and only recently rolled out via major banks this year (I literally just got my new Visa card with a chip). I can see how Europe is far ahead of the curve.
My initial questions/concerns are as follows:
Will this be usable in ATMs? I can't visibly tell if it's too wide to fit.
Is there any planned security functionality to lock the card via your paired mobile device? I'd like to be able to supply a password to unlock for a short period of time for usage.
1. Yes, it should be usable with ATMs without issue.
2. You cannot lock your coin with a password, but it will deactivate after it loses contact with a phone after a user-specified amount of time. In theory, I'd assume you can disable Bluetooth on your iPhone and it will effectively "lock" your Coin until it can pair with your device again.
That's a neat solution to the security problem also.
You go to the app on your phone and select the card you want. The coin will now function as that card for the next 5 minutes only. Otherwise, the coin is nothing.
Now even if your wallet is stolen, without your phone (+ unlock code, etc.) they don't have any of your cards!
1) This can already be done using a simple stripe reader.
2) Coin can identify, investigate and proactively block anyone who has more than the average number of cards, so Coin actually seems well positioned to reduce fraud. Also, Coin could identify that multiple Coin cards have the same credit/whatever cards on them and, the next day, prompt you to swipe your card again to confirm. [Provided that Coin uploads suitable data to its servers...] In fact, using a Coin card could be a signal to fraudsters not to commit fraud against your card.
Yes, credit card duplicators have been available for a long time, but the average minimum-wage worker doesn't know that. This changes the game -- kinda like how how the prevalence of high quality camera phones changed the game for sexting. You could do it before, but it happens a lot more now that it's so convenient and the technology is available to the masses.
You have to take pictures of the cards. I assume it would work similarly to how I can take photos of checks to deposit them where, within some tolerance, you have the check/card inside of a "frame" allowing the check to be read. Maybe they can also sort of OCR the card name and make sure it matches your own.
Just because I am using coins hardware doesn't necessarily mean I need to use their software. And if it does catch on in the main stream, I doubt many people will check to see if it is your card if a check actually exists.
Yes I really want to have a reprogrammable CC that I hand to a waiter NOT - Why not just have the fed mandate Chip and Pin after a certain date like Europe did.
Because it's not worth the cost. On the consumer side, chargebacks are easy. Credit card companies bear the brunt of the cost of fraud. They all have the incentive in the world to start rolling out chip and pin technology. The fact that they haven't probably demonstrates that the math doesn't work out.
It's actually the end merchant (seller) that bears the cost of fraud. So credit card companies have little incentive to fix this, beyond customer support costs.
Say you sell a camera to someone using a stolen credit card.
The real owner of the card gets his money back after doing a chargeback. The thief keeps the camera. The merchant loses a camera, the money, and gets a ding in his credit card merchant reputation.
I agree. It's a tricky problem. Chargebacks are really easy for the consumer - too easy. There has to be a happy medium, but I can't quite think what it is.
Bitcoin, on the other hand, is sided on the other extreme. The merchant has almost all the power. However, the merchant still has a reputation, which might be sufficient incentive.
Neither are airbags in cars, yet the government stepped in and made them mandatory.
> [Credit card companies] all have the incentive in the world to start rolling out chip and pin technology.
No, their incentive is to make sure people keep using credit cards.
They've done the math and concluded that the amount of user confusion resulting from chip and pin technology resulting in less credit card use is less than the cost of fraud. The fact that chip and pin works in Europe, and also that credit card processors still exist in Europe proves that implementing chip and pin isn't going to drive Visa and Mastercard out of business.
this testimony is from 1997, and even with mostly first generation airbags in play at that time it's still wrong.
They are even more effective at saving lives now, and many of the problems with passenger side airbags have now been alleviated.
saved lives = saved money (unless you're looking at cost-to-state of an entire life rather than cost-to-state for medical/funeral costs, but that's outside the scope of this)
Merchants bear the brunt of the cost of fraud. Credit card companies and consumers bear none. And as the credit card company oligopoly currently* has no viable replacement, merchants are stuck bearing the cost of fraud.
* the replacement will be when folks like Square, PayPal, etc grow large enough that merchants can replace credit card systems with them for a decent % of customers
Because chargebacks are relatively easy with credit cards and the merchant bank bears the cost of fraud. With Bitcoin, if you steals your coins, there's no way to undo that.
On top of that, there's all the convenience issues that plastic brings when out in the real world. Using bitcoin requires a computing device of some sort that's significantly less robust than Coin, a chip & pin card, or a piece of plastic.
it takes too long to confirm a transaction with bitcoin. Also the risk of having your bitcoins stolen is high - the reason credit cards exist is because reversible transactions are preferred to using cash. The credit card company acts as an escrow system.
I could imagine someone making a credit card that was denominated in bitcoin, but that would be a whole different technology stack than using raw bitcoins.
Because Bitcoin as a replacement for credit cards is currently just a pipe dream since less than 0.01% of people even know what it is, let alone have it. That plus its insane volatility is why it's only accepted by a handful of online merchants, mostly only for virtual goods and mostly just for show.
I assume it's easier in the sense that your waiter could add your card to his Coin, then immediately go buy a TV at the store with it. Not having to make a fake card or needing the address of the card holder to use it online.
As with some other people in cousins comments to your post, I think you may not realize that that attack is already perfectly feasible today. By "feasible" I mean real criminals already do this today, not merely that some academics hypothesize that it may be possible. It's all very off-the-shelf stuff. If you're worried about this attack, the solution isn't "don't use Coin someday in the future", it's "don't use anything with a magnetic strip, today".
Except that the CVV from the magstripe is missing - wich means ypu can only use the printed CNP CVV, ie. only use the card data for internet transactions.
It's so easy to steal someone's credit card that I can name at least 10 people off the top of my head who have had it done, and I'm not even trying. I myself have had it happen twice. The good news is, you just cancel it, there's a paper trail to track the people who did it, and you have fraud protection.
All of that can be done better though when you get off the credit card rail, which is what I'm working on. tommy@thecityswig.com if you wanna talk
That's because you need Royal Assent in order to be a bank in Canada. Unlike the US that has hundreds (if not thousands) of banks, Canada only has 5 (or is it 6 now?) massive banks.
Having only a few big banks makes it much easier to roll out new technology.
> That's because you need Royal Assent in order to be a bank in Canada. Unlike the US that has hundreds (if not thousands) of banks, Canada only has 5 (or is it 6 now?) massive banks.
This isn't really accurate, in that creating a bank nowadays requires only conformation to The Bank Act, not any royal (or by-proxy Governor General) consent. There are 44 domestic or domestic-subsidiary-of-foreign-corporation Schedule 1 banks in Canada, and 600+ credit unions. The big 5 dominate, but more for historical reasons than anything else.
The long prevalence of things like chip-and-pin and email money transfers and other modern amenities that are just starting to show up in the US has more to do with a marked preference for standardization governed by industry consortiums like Interac in Canada, rather than multiple competing, incompatible credit networks that debit piggybacks on top of, I suspect.
Most credit unions in Quebec are part of the Desjardins group. They don't seem especially widespread outside of Quebec.
Quickly glancing at the ownership of 9 of the 10 largest credit unions outside of Quebec, 8 of the 9 were unrelated to Desjardins. The 4th largest (Meridian Credit of Ontario) was the sole exception. I couldn't find info on the 9th largest, Cambrian Credit of Manitoba.
No, not next year, and not in any meaningful way until 2015 at earliest. They only required backend processing networks be capable of handling chip-and-pin transactions by mid-2013, which is a prerequisite for any acquirer/merchant using that network actually putting a reader in any store. Between then and 2015, nothing changes except recommendations that if a merchant is replacing their POS equipment, they choose one that supports reading chips, and that banks start issuing more cards with chips. Only in 2015 will Visa start incentivizing switching to chip-and-pin readers by, for example, removing the requirement that merchants validate PCI compliance if at least 75% of their transactions annually are chip-and-pin instead of swiped.
There's been another company working on this for many years: http://www.dynamicsinc.com/ I've seen the working models, they are decent, but it's a surprisingly hard problem.
Wallaby is a passive/proxy card, routing to a BIN range controlled by them. Cheaper to produce (it's just dumb plastic), more expensive to run (since they're sitting in the middle of each transaction) -- but that's also where they can build value.
It doesn't seem to apply to inserting, and in Europe we don't really use swiping (also we have to type a PIN code).
Although as a US product only it seems surreally cool and practical. I wouldn't use that for my credit card, but for a membership card? I have way too much H&M card, Levis' card, Virgin Megastore card, Cinema Card...
One of the things I noticed about the chip and pin migration in Canada was that when merchants all upgraded their point-of-sale terminals to handle EMV, many new terminals also happened to handle contactless payments.
I've been on two internships in the valley, and despite the availability of Google Wallet, I couldn't find a merchant that would accept it (apart from McDonald's) because everyone was still using magstripe-only terminals. (There were even a few merchants at trade shows who were still using triplicate carbon-copy forms...!)
I think Coin is a product that makes sense for the US market right now as a transitionary product, and wouldn't be surprised if Google acquired them some time in the next year or so and rolled them into the Wallet product offering. When and if US merchants upgrade to chip-and-pin capable offerings, (almost) everyone who owns a Nexus device made in the last two or three years will be ready with unified wallet offerings that already exist.
Q. Where can I use Coin?
A. You can use a Coin everywhere cards are accepted including dip-style card readers and ATMs. Use a Coin just like you use your cards now at gas stations, restaurants, the mall, the gym, or other places you frequent.
Dip-style card readers do not pull the card into the machine.
Maybe in the EU. The US is dragging its feet on the whole PIN/CHIP migration. I had to specifically request my Platinum Amex have a chip on it, and Amex still doesn't support pin and chip with it, only chip and signature (which means it still fails often enough for me in the EU to be a pain).
You mean the USA has non standard tech/standards and companies have to produce two SKU's one for export one for home - you fail production engineering 101.
The fiasco over not implementing GSM like the rest of the developed world did is a good example - less NIH might help.
It means merchants will be liable for counterfeit card fraud if the transaction mechanism used isn't EMV aka chip and pin, i.e. magnetic swipe cards are done.
Coin is betting the EMV deadline will be pushed out indefinitely or is using this gadget as a trojan horse for something bigger.
For more information on the liability shift: http://www.tsys.com/acquiring/engage/white-papers/United-Sta...
The gist: October 1, 2015 – Liability will shift to acquirers for domestic and cross-border counterfeit fraud card-present POS transactions if the merchant does not have an EMV-enabled POS device
It means that as of 2015, merchants in the US who accept magstripe (as opposed to chip and pin) are responsible for any fraud that occurs when the payment was made with magstripe.
Even if US retailers were accepting magstripe and taking on the risk, I doubt they would accept a sketchy-looking unlabelled card.
I love this idea, but I don't think it would solve one of the biggest reasons why I would want something like this:
Royalty Cards. I simply don't use them because that's way too many cards to have in your wallet. But say I'm at a restaurant, without coin, you give the waiter your credit card and your royalty card. With coin, do you make him run back twice so you can hit the button to switch from your credit card to your royalty card?
I guess you could get 2, one for credit / debit cards, another for royalty cards, but that seems to start defeating the purpose.
I will get one for loyalty cards only, will reduce major clutter. For credit/debit transactions, Canada has high penetration of chip/pin terminals and Coin will be useless here.
Is this a real problem? I'm going to go out on a limb and say that you can't determine a problem by telling me this is a problem we all have. I'm not buying the angle, sorry. Not like I'm against this idea, but the sell is a little ridiculous.
How would this work with chip-based cards? In Canada, some of the banks have ditched the magstripe, so not sure how scalable this is - since the encryption on the chip is specifically engineered to prevent this kind of interception.
Sure, but in the spirit of longevity, you're talking about a stop-gap solution at the most. There's also this: they aren't solving a real problem. My wallet going from 1 inch to 1/2 inch isn't a selling point.
I'll give you your second point. I bought one because I thought it was neat. If I can reduce the size of my wallet, then sure, that's great, but the biggest draw for me is "OOh. That's neat tech, how did they fit it in a credit card?"
This is awesome but I'm concerned about how it would be too easy to switch cards (accidentally). In the FAQ they say it's fine if its dropped, handed into a booklet, etc. Sounds fine in theory but what happens when you hand the card to the waiter/bartender and they happen just to grab it where the circle is? Won't that change the card?
Another concern is in bars - your CC# gets a tiny bit wet (drunk ppl, spilled drinks on table, etc.). Does this card stop working if its splashed a little?
While copying magstripes is already easy, no merchant will accept a stock magstripe card for a credit transaction, because it's clearly fraudulent.
If merchants will accept coin, it creates trust for this devices, and lookalikes. I think it would be much easier to create Coins, or Coin clones with stolen credit card data. This is rather concerning.
On another note, I really want one of these to tear apart and mess with. The hardware is pretty slick.
A. Currently you cannot lock your Coin, but you don’t have to. Coin will automatically deactivate if it loses contact with your phone for a period of time that you configure in the Coin mobile app.
Bummer! Seems like there should be a way to use your phone to lock it down. Either way this is cool as hell.
The iCache (from 2007) had an interesting solution to the security issue that everyone is mentioning:
[A]ctivate the device with a fingerprint on its biometric strip, scroll through a list of cards on its screen and choose one. Out pops a plastic card with a magnetic stripe, temporarily loaded with the chosen card's data. Just swipe the card and pop it back into the iCache. After one use, the information on the card disappears.
I was thinking a fingerprint scanner is exactly what's missing on these devices (what I've seen so far, Coin, Echo & Wallaby), but this is also an interesting solution with iCache.
Too bad about what happened to it. (Actually just found out about iCache and what exactly happened and while I'm sad, I can't say I'm surprised.)
Something not answered by the FAQ: when the battery starts to die, do you get some kind of a warning? If so, great. If not, I'd be worried that one day my battery would die without warning while I'm out of town and I'd be stuck without access to any of my cards.
Of course I could mitigate this by carrying my cards with me, but that kind of defeats the point, right?
I suppose I could also replace it after two years like they suggest in the FAQ. But at $100 a pop I'd like to get as much use as possible out of it. And from the usage numbers they cite for the 2-year estimate, it sounds like you could probably get well over 2 years of battery life in practice.
It also appears to rely on your phone. It's certainly needs to be carried with an emergency card, but two cards as opposed to eight doesn't still preserves it's utility.
It isn't that it relies on it, per se. You can set it to require authentication with your phone so it can disable itself if it's lost or stolen, but it works just fine without constant connection.
Hopefully you don't mean to imply that just because something has been around for more than 20 years (much more in this case) that it is inherently insecure.
Conversely, you hopefully don't mean to imply that technology that is newer is much more likely to be secure.
I am not making a judgment call one way or the other as to your intentions. I just think it is important to the discussion.
It seems easy to me, in modern cultures, to think that newer always equals better/faster/bigger/smarter and in all other ways superior. I think this is exacerbated by the fact that modern technology has made so many things possible that most people 200 years ago would never have dreamed of. From automobiles to computers to smartphones, the technology of today is very impressive. Because all of those things are "modern" it is easy to develop the mindset that anything over a certain age is likely to be inferior. However, we need to remember that all of those technologies were built upon things learned by people in the past. Also, often newer technologies make things cheaper, but manufacturers often chose to make those with poorer materials, and thus they don't last as long. In some cases, newer isn't better. Right now I'm wearing a sweatshirt that is over 20 years old. It was a high-quality product to begin with (and I recognized that when I bought it), and it has been worn very frequently. The silk-screened logo on it is still intact, and looks very good. The material has a few small tears here and there from abuse, but overall the shirt has held together very well. A lot of the clothing I've purchased recently (in the same cost-adjusted price range) has turned out to be junk that doesn't last. There are probably better examples of newer != better, so do what you will with that one.
There is also an inverse mindset which is equally as bad. That is the idea that anything older is bound to be better. Not surprisingly, the first mindset is often held by younger people, and the second by older people. As people get older, they often fall into thinking the "old school" way is always better. The important thing to realize is that, yeah, sometimes the old way is better (and probably more often than many young people realize). However, it is equally bad to assume that just because an item or an idea is older that it is better. I certainly don't want to get out of my car and turn the engine over by hand to get it started, and I'm glad I don't have to hitch up the horses to go into town (though, admittedly a lot of things about having horses would be cool).
The long and the short of it is this, we should evaluate thing on the basis of their own merit, not on their age. There are new treasures and old treasures, new junk and old junk. I realize that this is probably just common sense, but even so I still think it is worth talking about.
... I'd like to again point out that I'm not saying that Kiro was implying a direct newer=better/older=worse relationship -- I just wondered if he might be.
Oh, and yes, if you "haven't seen a merchant where you swipe in ages", then it is very unlikely that you live in the U. S. (at least, not in any part of it that I've been to recently).
I can't tell from the site if your card data is stored on your phone or not. If it is, then you're going to have to replace all of your cards if you lose your phone.
Also, shouldn't the merchants be checking the signature on the card?
This is the biggest downside in my opinion. Theoretically any merchant should deny any card without a signature, End of Story. In the merchant agreement they sign with Visa and MasterCard, they agree that any fraudulent charges where they did not check the signature are their responsibility.
How often are the cashiers checking the back of the card? Many of the card readers I see are on the customers' side of the counter, and I swipe it myself, often because I'll enter a pin. Also there are self-checkout kiosks with little or no supervision. I don't think that the lack of a signature line is the _biggest_ downside.
They should but only 40-50% do, I write "Ask for ID" on the signature portion. The ones that read it, ask me for it. Better than a signature that a cashier won't question anyhow.
I was curious about this and browsed through their operating regulations. It says something to the effect of "Visa considers a signature box that only says See ID to be blank".
So the pedantic response to your second sentence is that they consider the See ID irrelevant (and once there is a signature, it is apparently a violation of the merchant agreement to ask for ID, but I didn't look for that in the operating regulations).
Why wouldn't a VC back this and subsidize their business model until they could get critical mass, then sell to retailers and create the first real competitor for the major card companies.
Conversely, if I were MasterCard or visa I would bar merchants from taking this card for my transactions to maintain competitive advantage.
Atually, I wouldn't be surprised if the currently existing rules would already bar merchants from taking such a card - technically, this is a cloned card that is not issued by a member of MC or VISA; and there are security rules/training for identifying cloned (blank) cards and refusing/detaining them as fraudulent.
Yeah, actually after I made the comment I realize that that issue of acceptance is probably the reason they are selling this on kickstarter instead of a VC backing it. It may have been identified as a risk during YC and now they are still trying to make it work.
I hope the founder comments on this point. If it is usable and merchant contracts are in place for long enough, this is really cool. If there is a whole in the legal side, this feels like something that may not be ideal to back on kickstarter.
Coin apparently aren't a MC/Visa issuer, so they can't claim to issue a valid card or mobile payment device. In addition, merchants are supposed to judge cards by the system logo - and Coin can't have MC or Visa logo if they aren't an issuer, and certainly no card is allowed to have both MC and Visa logo (even if they would technically support both), MC/Visa prohibit that.
On an anecdotal basis, the recommendation given to cashiers when teaching them how to handle cards and detect fraud is not really in-depth but more or less "if you see something suspicious that is not a normal card, call the cops", or something like that.
Programmable mag stripe cards are really nothing new. This implementation is quite nice and sexy though. I can see immediate problems with it though:
1) Card thickness. Most makers of programmable mag stripe cards try to make their card the same thickness as a normal sized credit card. Why? Because thicker cards might scrape or get stuck in credit card readers (as old Amex black cardholders know). Unfortunately it has to be think because of the following:
2) Older iterations of this idea usually involved the bank/card issuer supplying cards with multiple card numbers preloaded on it. This card in novel in the sense that it has some writable memory that you can personally store your existing cards to. However this involves a few elements that add to the thickness of the card: It involves a non-volatile memory module for storing the cards, it involves a volatile memory module for holding information about new cards, it involves a bluetooth module for communicating between the volatile memory and your smartphone and it involves a battery to run it all.
3) The battery is non-rechargeable (because any existing type of charging point would add too much to the thickness), so the card only lasts for a specific length of time before needing to be replace.
4) There is a move away from mag stripe everywhere in the world but the US as mag stripe is really shit compared to chip and PIN for security. Even in the US, mag stripe will be phased out within the next 10 years. This card can't even store CVC security codes (the 3 digits on the back of your normal card).
5) They have added a security feature that ties the card to your smartphone such that it becomes "deactivated" (locks the non-volatile memory) once it is loses contact with your smartphone for too long. What this means in essence is that you cant use your card without your smartphone. So that begs the question: Why would the consumer adopt this instead of adopting a smartphone based NFC wallet if its available to them? Google Wallet stores any credit card I put on it, and if the merchant doesn't support NFC Google Wallet still displays an image of the card for manual number input. You might say that a merchant might get scared away from a transaction if you ask them to do that, but a merchant might get scared away by asking them to run a unfamiliar looking unmarked black card.
Regardless of the above, it is cool stuff and there is a niche that it will be useful for, at least until chip and PIN / NFC wallets become widespread in the US. I'm working on some similar ideas so I thought I'd toss in my two cents.
Coin is taking something that's outdated -- and unnecessarily physical, and offering a layer of digital on it to create many cards into one.
Yes, this is "doable" with existing technology, but not for the common man.
Security is going to be an issue, sure. If Kanishk can get the security tech concerns AND human worries calmed down - he's on to something that can fundamentally change how we use credit cards.
Until we realize there's really no need for a device this physical... or something beyond what we're currently carrying. But this'll require losing the magnetic strip need, and that'll take time.
I can actually see myself using this. There are times where certain stores have these promotions where I can buy a $30 gift card for $20, but I never bother doing it because I know that I will probably leave the gift card at home the time I come back. I also like the automatic locking feature as well when it loses the bluetooth connection with your phone.
Another benefit I see is that it doesn't actually have the credit/debit numbers printed on the card, so nobody could take a picture of your card and use it to fraudulently purchase things online.
This product is overly restricting it's market, I feel, since in Europe EMV (or "chip and PIN" as it's known in the UK) is ubiquitous. Payments worldwide are moving over to this system from magnetic strip cards, so I fear that this (useful) product has been invented too late once the tech it relies on is already speedily in decline!
I imagine, due to how the cryptography works, it might not be as simple to create a product like this for chipped cards.
In the US the chip and pin is hardly used. None of mine or my wife's cards even have them. I can't say that I've even seen a card with a chip in it that wasn't in a commercial. The readers are nowhere near common here either, not even in major stores. We've still got a LONG ways to go on that front.
It appears that they plan to do EMV in the future. This is rather scary, since you're trusting their hardware, and probably your phone, with the private key in your chip card.
As far as I know, EMV has no way for the user (or bank's employees, for that matter) to get that private key out of the chip card; if it was possible then the whole concept would be pretty much useless and allow easy cloning of those cards just like the old magstripes.
The system doesn't allow to "trust other hardware", the card itself has to sign every transaction.
The moment this gets turned down by a merchant you visit frequently, there goes the magic. That means you'll have to keep your regular card in your wallet along with your Coin, and the whole value prop comes crashing down. It seems interesting as a novelty, but I'm not sure I'd pay $100 to play with the cool kids in this case.
I have mixed opinions on this - it feels like a cosmetic solution to a somewhat non-problem.
Would I carry it?
As of yet - no, I would rather use iphone apps etc.
The other problem that it misses is the show that people like to make of using a certain card.
I have an amex platinum for business purposes, but I still get a bit of thrill every time I use it and I get a look, how does Coin approach that problem?
credit cards only make up 10% of what's actually in my wallet. Now if they could minimize health insurance cards, loyalty cards, etc.. etc... then we're talking.
"Q. Will my Coin work outside the U.S.?
A. Not in all cases.
U.S.-based customers: Coin will work overseas, but we recommend that you bring a backup card when you travel.
Customers located outside of the U.S.: Coin does not support EMV yet. If the country you live it requires it we recommend holding off your purchase for now."
"Coin does not support EMV" is an interesting statement - I can't see how they could ever support EMV without explicit cooperation from every issuing bank, which they won't have.
I've got a few cards and travel somewhat regularly to Europe. I've specifically been asking various card vendors that I have for chip and pin/EMV based cards. For the most part, they seem to be rolling them out at the high end rather than making them available at the normal "consumer"/reward cards.
$100/2 years lifetime for something that is just a bump in convenience seems high. I was real excited but don't think I'll find it worth it at that price.
A "better" solution would be a reverse square. Something that connected to my phone / had an app that I could then swipe in a card reader.
Moving beyond all the security concerns and potential technology shifts in this space, I'd be concerned with durability. By the time my credit cards expire, I typically have had to replace them at least once due to wear.
I'm not charged an additional fee to get those cards, but this would cost me.
Requiring ID is against the rules of every major card network; so are things like adding surcharges, and having minimum transaction amounts. Think about it, anything that adds friction to using a card makes it more likely you might use cash, eating into the card network's revenues. Anything that does that is likely to be frowned upon or prohibited.
> The card brands explicitly train merchants to check signatures against government-issued ID.
When the card is unsigned. Every card I have is marked "NOT VALID UNLESS SIGNED". It absolutely is a merchant violation to demand government issued ID when presented with a valid signed card. A card signed "SEE ID" is clearly not valid.
As far as you're other points, the US is not the only legal jurisdiction or market in the world.
It is a violation to make ID a condition of accepting Visa at all. It is not a violation to ask for ID from specific customers, regardless of whether the card is signed or not. It says this very clearly in the "Card Acceptance Guidelines for Visa Merchants" booklet. The closest they get to forbidding it is a recommendation that you don't make it part of your standard procedure as, and I quote, "it can slow down a sale and annoy the customer".
In the case of a suspicious transaction, the merchant is also supposed to call Visa for a "Code 10 Authorization". One of the things Visa may do is instruct you to check the customer's ID.
If a store asks you for your ID, calling up Visa to report a violation won't do you any good as they haven't violated anything. As far as your jurisdiction punt, we're talking about a product intended (and only really usable) for the US.
OK, but what says merchants are required to accept this "coin" card as your Visa?
Even if they aren't allowed to check ID, they certainly are allowed to check signatures.
Since merchants are held at least partially responsible for fraud, I would be surprised if most merchants accept the "coin" card. It doesn't look like a normal credit card.
> OK, but what says merchants are required to accept this "coin" card as your Visa?
Nothing. Coin is not an authentic card. BTW that wasn't my point, it was that it's a merchant violation to demand ID when presented with an authentic signed card.
On all of my cards I have not signed them but written "REQUEST ID" instead. And yet I very, very rarely get asked for my ID when using them. So rarely, in fact, that I make a point to thank them when they do. Some even turn it over to look and then just move on.
This would not work in my country, since most places also ask for an ID to check you are the owner of the credit card. Maybe for debit cards ( because of the pin), but I can see it raising some fraud alerts ;)
C'mon guys. Let's ease up. It's an elegant product in a physical package that I think most everyday people would use, especially if they're able to get the price down to free like square.
The real issue I see is that I don't want to carry a phone AND a card. I just want to pay with my iPhone 5S + thumbprint.
Or, if I'm in NYC and want to go running through the streets slash central park, I want to pay with my iPod Nano for the train, for some water, and even some food.
Heck, take it a step further. Just imbed a bluetooth chip inside my thumb so I just have to press it to a payment terminal anywhere.
It's just a roadmap, but you have to start somewhere.
Dynamics Inc out of Pittsburgh created the first card with a programmable magnetic strip in 2010. I wonder if Coin is licensing their technology. Does anyone know?
The average consumer is not an early adopter of brand new technology products. Early adopters pay higher prices for new products to come to market and, eventually, reach sufficient scale to lower costs for mass market.
I always use a credit card, just for the fraud protection...no idea how, but my CC has been used fraudulently 3 times over the years, and each time, with a quick phone call, the charge is gone, basically no questions asked (they assume fraud and go from there)...contrast that with a debit card where the money is actually being taken out of your account.
My wife recently used her debit card at a restaurant and they accidentally double-charged her. The restaurant recognized their mistake, but were being pains getting us refunded, requiring bank statements and such, so instead I called the bank (Wells Fargo), and it was 2 weeks before they said "Sorry, nothing we can do, take it up with the restaurant." We ended up getting the money back, but it was a real pain.
Thanks for the explanation. Thankfully, I've never been a victim of financial fraud. I also do my banking with a local bank, so I have a great relationship with them. If something bad happened, I feel confident that they would take care of it quickly.
1) Establish and grow credit rating
2) An extra layer of defense against bad merchants (the CC companies will be your goon squad)
3) Bonus miles/points/etc
I'm disappointed that they didn't mention that this is hooked to an online service until you get well into their FAQ:
If this were purely a hardware device and software than ran on my phone, I might be interested. Adding in an online service appears to add more points of failure, and more opportunity for yet another third party to snoop on my behavior. It would be nice if they described in more detail why this online service was necessary, what data was stored there, and what privacy protections they provide.Also disappointing that it doesn't support chip and pin. Whenever I travel to the UK, I find that people are increasingly surprised by cards that don't have a chip, and need to fumble around trying to remember how to use the card reader; it would be nice if this would be an opportunity for me to get a chip and pin compatible card out of my mag stripe card to avoid that problem (though on reflection, it's likely that a mag stripe doesn't contain sufficient information to make a valid chip and pin card).
$100 for something that lasts for two years and solves only a minor annoyance seems a bit steep. I'm sure that there will be plenty of people who will buy it, but I don't know if I would find it worth the cost beyond the novelty value.
I do appreciate their Bluetooth LE Arduino dev kit: http://blog.onlycoin.com/posts/2013/10/3/coin-arduino-ble-de...