Still want a payment implant?

There’s a reason why many here wait and don’t just implant a converted card…
Don’t know what I would do with a useless chip in my arm. Probably leave it in.

Sry for the paywall, but the headline is enough I guess: someone stole the master keys to 12M cards.

1 Like

I don’t know the specifics but I doubt any payment card (regardless of it being a standard credit card or the upcoming apex) would survive having it’s master keys leaked…

2 Likes

But an Apex isn’t useless after the keys leaked.
Even if you can’t ‘repair’ that (new keys?) you can still do stuff with it.

1 Like

Right so it’s more about the additional functionality the apex has than a payment implant vs conversation? Makes sense :slight_smile:

1 Like

Well, you could. If you got your own master key via a leak, then you could update your own master key.

1 Like

So it’s not just about extra features, in theory I could go to Fidemso and get the payment function restored.

But yeah, a big part of Apex > Conversion is the extra features.

I think the main reason is because they have an expiry date - i.e. you implant it and you know you’ll have to take it out in 2 years. I’d implant one without an expiry date, but not one I know I’ll have to be cut open again to replace.

Matter of fact, I wonder why regular payment cards expire. It’s a PITA each time I have to reset my PIN number, and the bank has to distribute millions of those things regularly to their customers. Anybody has an idea why they do that?

1 Like

“Security”

Also a lack of technology when card standards were created… but rotation of the account numbers was just about the only long term security mechanism at their disposal.

1 Like

Payment industry is changing for sure … banks also are moving at a quicker pace now challenger banks have opted and created new cloud architecture that smashes the older banks systems.

In all fairness someone leaking the master key is extremely rare and it’s the sort of attack that’s once in a lifetime news. You have to be in a serious position to get those keys and know that do you.

If you think reusing master keys for cards is bad then you’ve got a massive shock to see where that’s common practice haha.

Incidents like this will have a knock on affect and will create some near in future improvements for sure.

Having a payment card converted offers the same benefits and flaws of any normal card (e.g expiry) but this isn’t an easy attack to pull off so shouldn’t be anyone’s day to day.

Tokenisation for payments using Apple/android pay is totally the way forward for most. That’s a switch you can do now without any big difficulties. Those payment methods use a very different process for handling card data and keys.

3 Likes

Just for the record I want a payment implant now. I hope it’s all figured out until I need to replace it. Part of the reason is that it can’t be bad for the progress of this if some people just do this.

chuckle

3 Likes

It’s really for security purposes. In case someone has your card details (such as from online website data breaches, card skimming, etc.), the card will be invalid after 2 years and the cardholder will get a new card.

Today with credit card logs viewable online, this isn’t so necessary anymore as you can quickly spot fraud and report it, and get a new card. But I guess this hasn’t changed for years despite it not being very necessary. If card companies want to send people new cards for other reasons (such as rollout of contactless cards), they can send a new card before it expires.