Tag Archives: EMV

Weekly output: credit-card fraud, SaaS developers, Amazon and Crystal City, digital marketing, CTO life, Roborace, For The Web, DMCA exemptions

Posted on by
2

I fell seriously behind on tweeting out new stories this week, as Web Summit occupied most of my mental processor cycles during my stay in Lisbon. I also didn’t keep up with headlines in my RSS feed or even setting aside a minute or two a day to plod along in Spanish tutorials in the Duolingo app.

The Summit organizers usually post video of every session not long after the conference, but that hasn’t happened yet; when it does, I’ll embed those clips below. They now have.

11/5/2018: Why those chips in your credit cards don’t stop fraud online, Yahoo Finance

The story assignment came from inside the house, in the form of my having to call up a bank to have our cards reissued after somebody spent close to a thousand dollars on that account at Lenovo’s online store.

11/6/2018: Disrupting the traditional SaaS business model: The rise of the developer, Web Summit

My first panel at Web Summit featured two people running software-as-a-service shops: Nicolas Dessaigne of Algolia, and Adam FitzGerald of Amazon Web Services. This topic was well outside of my usual consumer-tech coverage, but a 20-minute panel isn’t too much airtime to fill if you do some basic research.

 

11/6/2018: Why Crystal City would be the right call for Amazon’s HQ2, Yahoo Finance

When I saw the Post’s scoop about Amazon getting exceedingly close to anointing Crystal City, I e-mailed my Yahoo editors volunteering to write any sort of “10 things to know about Arlington” post they might need. They didn’t require that, but they did ask me to write a summary of my county’s advantages–and some of its disadvantages, as noted in a few grafs that reveal the nerdiest bit of verbiage you’ll hear around Arlington.

11/8/2018: Marketing performance in a digital age – complexity to clarity, reaction to action, Web Summit

This was my most difficult panel at this conference, thanks to some reshuffling of questions late in the game and poor acoustics onstage that left me and my conversations partners Vincent Stuhlen (L’Oreal) and Catherine Wong (Domo) struggling to hear each other.

 

11/8/2018: CTO panel discussion: A day in life, Web Summit

Barely 30 minutes later, I had my second panel of Thursday, and this conversation with Cisco’s Susie Wee and Allianz SE’s Markus Löffler went much better.

 

11/8/2018: The human-machine race for the future, Web Summit

What’s not to like about interviewing the head of a robot-racecar company onstage? As a nice little bonus, this chat with Roborace CEO Lucas Di Grassi got introduced by my conference-nerd friend Adam Zuckerman.

 

11/8/2018: The man who created the World Wide Web needs you to help fix it, Yahoo Finance

I wrote up Web inventor Tim Berners-Lee’s Monday-night keynote about his initiative to improve his creation, as informed by a conversation Thursday with the CEO of his World Wide Web Foundation.

11/9/2018: Primer: What new DMCA exemptions mean for hackers, The Parallax

It had been a few years since I’d last unpacked the government’s ability to tell companies and researchers not to worry about the thou-shalt-not-mess-with-DRM provisions of the Digital Millennium Copyright Act. Spoiler alert: I remain a skeptic of this ill-drafted law.

Updated 11/16/2018 with embedded YouTube clips.

Advertisement

Credit-card fraud doesn’t care how much you obsess about security

Posted on by
6

Once again, I have a credit card cut into pieces and dumped in a trash can, thanks to somebody trying to treat themselves to a spending spree on our account.

This time, the card was a Citi Double Cash MasterCard, and the transaction that got my attention was a $969.90 Lenovo purchase. Neither my wife nor I had any recollection of making that–and neither Citi nor Intuit’s Mint personal-finance app had flagged it as suspicious.

After spotting that in our account, I saw two other, sub-$10 transactions with “OTC Brands” that also didn’t match up with anybody’s memory. A 14-minute call later, Citi had canceled our cards and ordered up replacements–I can already shop online with the new number–and pledged to investigate these three sketchy purchases.

So overall, we got off easy. But the experience has been a useful reminder that sometimes security is entirely out of your hands. There’s nothing we could have done to stop this from happening; at best, Citi’s security would have flagged the Lenovo purchase and asked me to approve or deny it, as it did when an unknown party tried using our card in March of 2016 at a Ukrainian site.

And no, having an EMV chip on this card did not enhance its security for card-not-present transactions. Even if this card had required me to key in a PIN instead of sign for in-person purchases, that also would have likely made no difference online.

Sometimes you just have to hope that the system works–and when it doesn’t, hope that you don’t wait too long for the system to get your money back. Having gotten Equifaxed last year, I can confirm that things could be worse.

Weekly output: HP and ink, cybersecurity, journalism and biz-school PR, unlimited data, EMV chip cards

Posted on by
1

Once again, the Nationals are headed to the postseason. Since our last two bouts of October baseball ended badly–the excruciating game 5 of the 2012 NLDS still haunts me–and the team has gotten whacked with injuries lately, I’m not super-optimistic about this one. Fortunately, I have the election to distract me by providing an alternate source of stress.

9/26/2016: How HP’s decision to reject some ink cartridges reflects a much bigger problem, Yahoo Finance

First I thought this post would be a great opportunity to use a still image of the printer-execution scene from “Office Space,” then I realized there was a good point to be made about the risks of using automatic security updates to deal with business-model problems. Two days later, HP confessed that it “should have done a better job of communicating” about the software update that disabled some third-party ink cartridges and said it would provide an optional patch to disable the offending feature.

9/27/2016: Here’s the cybersecurity debate Clinton and Trump should have had, Yahoo Finance

I wrote a quick recap of the cybersecurity issues that Hillary Clinton and Donald Trump could have gone over during Monday’s debate. Will these topics get a reasoned discussion during the two other debates? I’m going to say no.

bam-media-panels9/29/2016: Media Panel, Business Access Media

My role in this conference for business-school PR and communications types was to speak briefly about what I cover, then answer questions from attendees. As the one freelancer speaking, I could offer a different perspective than my fellow panelists, all full-time staff: Economist finance editor Tom Easton, the BBC’s Anthony Zurcher, CNN national correspondent Ryan Nobles and Marketplace Radio education reporter Amy Scott.

(Zurcher and I not only went to Georgetown, the conference venue, but worked together at the Georgetown Voice. You can imagine my disappointment that nobody in the audience asked “how did you all get into journalism?”)

10/2/2016: Why you may be able to finally ditch that old unlimited plan, USA Today

Right after my editor asked me to revisit this question, I had two different people show per-app data usage details on their iPhones that had not been reset since 2013, making them useless for getting a sense of how much data they should get. Apple, please fix that feature so the count resets once a month.

10/2/2016: Why the chip card isn’t the disaster everybody says it is, Yahoo Finance

I don’t know if I’m going to convince anybody with this, but the small extra wait to have an EMV chip-card payment read–far less time than I lose to checkout lines–doesn’t bother me much. I do, however, appreciate being able to pay with plastic overseas without getting funny looks or (most of the time) having my card rejected by a ticket-vending machine.

Weekly output: EMV cards, wearable gadgets, cable-TV apps, Apple, upload speeds

Posted on by
2

I’m halfway through an obnoxiously transatlantic fortnight: I spent four days in New York this past week for CE Week, and Tuesday I fly to Paris to moderate a handful of panels at the VivaTechnology conference. But when I step off the plane at Dulles a week from today, I’ll have more than a month before my next work trip.

6/20/2016: What Home Depot’s Chip-and-Pin Lawsuit Means to You, Consumer Reports

If you’re wondering why people get so insistent about having a PIN on their credit cards, this story may clear things up for you. (Spoiler alert: It won’t do much for the biggest source of credit-card fraud.)

CE Week wearables panel 20166/23/2016: Is that Tech You’re Wearing?, CE Week

I talked about the design, features and use of wearable gadgets with UNICEF Ventures’ Jeanette Duffy, WARE founder Pamela Kiernan, and ŌURA co-founder Kari Kivelä. Afterwards, GearDiary’s Judie Stanford interviewed the four of us, and the organizers posted that clip next week.

6/23/2016: Big cable has a plan to help you dump the cable box you’re renting, Yahoo Finance

While I was in NYC, I stopped by Yahoo’s offices to record an interview with Yahoo Finance editor-in-chief Andy Serwer about the prospect of replacing cable boxes with cable apps; it runs atop this story.

6/25/2016: Rob Pegoraro on technology, plus a presentation by MacRecycleClinic, Washington Apple Pi

I drove over to the general meeting of this Apple user group to share my thoughts on the state of Apple–and to donate the 2002-vintage iMac I used for four years before handing it off to my mom, who relied on that computer until replacing it with an iPad Air last year.

6/26/2016: How to compare Internet service providers — by upload speed, USA Today

After a reader of last week’s USAT column commented that I should have addressed upload speeds–and some quick searching revealed that many Internet providers treat them as a bit of a state secret–I realized I had a column topic on my hands.

Updated 9/6 to add a link to Stanford’s interview.

Weekly output: EMV credit cards

Posted on by
Reply

Last week’s flurry of work–enough for me to lose track of it when trying to inventory it here–was evened out by this week. I also didn’t have to travel any further for work than Capitol Hill and downtown D.C., although one of this week’s events did require me to dust off the tuxedo I hadn’t worn since maybe 2009. (Can we not talk about how the pants fit before the intervention of a tailor?)

Yahoo Finance EMV-update post5/6/2016: Those chip cards have a long way to go, Yahoo Finance

Watching a panel at the Rayburn Building Tuesday reminded me of two things: It’s been over six months since the “liability shift” that was supposedly going to end the tenure of old-school magnetic-stripe credit cards, and it’s been almost as long since I covered this topic. Revisiting the issue convinced me that making people enter a PIN at each purchase won’t solve the bigger security issues of paying with plastic–and that my earlier writing about “EMV” cards should have acknowledged the extra time spent with your card in a point-of-sale terminal.

(Notice the new Web address? Stay tuned for more about that.)

Weekly output: mobile payments, FCC regulations, Apple and the FBI, flash drives to North Korea, smart cities, Apple at 40, fiber Internet hardware fees

Posted on by
1

I wrote three of the stories below before this week–in one case, months before this week–so don’t get the wrong idea about my personal productivity over the last six days.

Yahoo Tech mobile-payments post3/29/2016: Don’t take my money: Why mobile payments haven’t taken off — yet, Yahoo Tech

In what I can only call epic timing, I had to have one of my credit cards reissued only hours after I filed this last week. Some joker had somehow obtained the number and used it for an online transaction at a random Ukrainian merchant. That’s the scenario that mobile payments could have prevented–if the unknown merchant that lost my card’s digits had accepted NFC phone payments, which is nowhere near a sure thing.

3/29/2016: Shining the Spotlight on the FCC: How Rules Impact Consumers and Industries, American Action Forum

I moderated a debate about the Federal Communications Commission’s recent regulatory initiatives with AAF’s Will Rinehart, Public Knowledge’s Meredith Rose and Tech Knowledge’s Fred Campbell. Rose and the other two come at this topic from different perspectives, as you can see below, but we had a civil and entertaining exchange.

3/29/2016: Lessons from the Apple-FBI fight, Yahoo Tech

When I wrote this, it still seemed possible that the FBI might disclose the vulnerability it exploited to unlock the phone used by one of the San Bernardino murderers. That now seems exceedingly unlikely. My hunch is that the Feds have bought themselves a short-term advantage that’s likely to set them back in the long run.

3/30/2016: New use for old flash drives: Subverting the regime in North Korea, Yahoo Tech

This story came about because I set aside a couple of hours on my last day at SXSW to tour the show floor and therefore came across this fascinating demo. The idea of smuggling flash drive into the “Democratic” “People’s” “Republic” of Korea might seem a wildly optimistic exercise in slacktivism, but two experts on North Korea told me it’s worth doing.

3/31/2016: The Internet of Things Drives Smart Transportation Projects, StateTech

I filed this piece about interesting smart-city projects in Chicago and Washington quite some time ago, but the story got held up for various reasons until the appropriate “publish” button was finally clicked this week.

4/1/2016: Apple turns 40, Al Jazeera

The news network’s Arabic channel had me on (overdubbed in Arabic by a translator) to talk about Apple turning 40. I answered a question about the state of the company post-Steve Jobs by saying that its hardware looked as innovative as ever, but its services remain a mess.

4/3/2016: Hardware fees not just for cable Internet, USA Today

Your e-mails asking about cable-modem costs at U-verse (note: not a cable system) got me thinking, and then I realized that AT&T’s mandatory hardware fee for its fiber service makes most cable operators’ price structure look reasonable.

Updated 4/4, 8:26 a.m. to add Friday’s Al Jazeera interview.

Weekly output: Google news, Apple vs. Google, EMV credit cards, OS X Photos

Posted on by
Reply

LAS VEGAS–I’m here for the last time this year, I think, to moderate a panel at Tech.Co’s Celebrate conference. It only seems fitting that I booked my flights to CES 2016 on the flight into Vegas this afternoon.

9/29/2015: Google’s new phones and tablet, WTOP

Washington’s news radio station quizzed me about Google’s introduction of the Nexus 5X and Nexus 6P phones (the former is looking like my next phone), Android 6.0 Marshmallow and Pixel C convertible tablet.

Yahoo Tech Apple-Google copying post9/29/2015: Apple and Google Just Can’t Stop Copying Each Other, Yahoo Tech

I was having a hard time coming with some kind of illustration for this reaction to Google’s news when I remembered staging a similar shot for a Discovery News post (which, of course, I can’t find now) exploring a comparable imitate-and-improve dynamic between Apple and Microsoft.

10/1/2015: Your Old Credit Card’s Now Obsolete. Now What?, Yahoo Tech

I wrote an extra column for Yahoo about the shift to “EMV” credit cards and what it will and won’t do to stop the next account compromise.

10/4/2015: Extensions can make OS X’s Photos app more useful, USA Today

I know that Photos is supposed to replace iPhoto, but I’m still not sure that I’m ready to make that transition.

Weekly output: NSA surveillance, Tech Night Owl

Posted on by
Reply

It’s a short list of stories this week, because USA Today elected to run this weekend’s column on Monday instead of today (they figure it will get more readers then than today, which seems fair enough to me). Next week will be busier: I’ll be in San Francisco from Wednesday through Saturday for Google’s I/O conference.

Yahoo Tech NSA-surveillance post5/19/2015: The NSA’s Bulk Surveillance is Nearing its Expiration Date, Yahoo Tech

This column was a hairball to write–between recapping two years’ worth of breaking news about the National Security Agency’s bulk surveillance and then trying to summarize the key differences between possible reforms of that, I had a draft balloon to about 1.5 times my usual word count.

5/23/2015: May 23, 2015 — Josh Centers and Rob Pegoraro, Tech Night Owl

My conversation with Gene Steinberg about Comcast’s customer-service initiatives, NSA reform, EMV credit-card security and more was repeatedly interrupted by my coughing fits. I feel bad about the extra editing work I inflicted on my host, and I wish I knew what could escalate a slight scratchiness in my throat so badly.

Weekly output: wearables and privacy, Verizon Custom TV, Tech Titans, EMV credit cards

Posted on by
Reply

My streak of never getting an invitation to the White House Correspondents Dinner continued, although I once again partook of Yahoo’s hospitality at their pre-dinner reception. I am okay with that streak; I look at it as one of my few remaining bits of indie cred.

4/20/2015: A Conversation on Wearables, State of the Net Wireless 2015

At the end of this half-day policy conference, I quizzed Center for Democracy and Technology president Nuala O’Connor about the privacy issues posed by wearable gadgets like the Apple Watch.

4/21/2015: Verizon’s ‘Custom TV’ Fixes Overpriced Channel Bundles — or Does It?, Yahoo Tech

I applauded Verizon for finally taking a step I’d suggested back in 2004: letting viewers buy packs of related channels instead of making them buy up to a higher tier of service. I was a lot less excited to see equipment fees and other surcharges inflate the advertised $54.99 price by over a third.

Washingtonian Tech Titans page4/23/2015: Tech Titans, Washingtonian

Every two years, the magazine puts together this list of “the most important people in digital Washington,” and this time around enough D.C.-tech types apparently spoke well of me to get me included in this list. I am honored and flattered by that. (The story’s not online yet, but I’ll add a link once it is. 5/4: Link added.)

4/26/2015: Chip-card security remains scarce in wallets, USA Today

A half-day conference I attended Thursday gave me some useful material for this update on the “EMV” chips that remain absent from all but one of our credit cards–and which have yet to see any retail use on that Amex. There’s also a tip about a new Sprint international-roaming offer with a nasty surprise in its fine print, something I first covered in an April 13 update to my Wirecutter guide to wireless carriers that was too small to mention here.

Weekly output: iPhone upgrades, iPhone 6 cases, safer retail payment options

Posted on by
Reply

Although I was out in the Pacific time zone this week, I didn’t go to Cupertino for Apple’s event Tuesday. I was in Las Vegas instead for CTIA’s Super Mobility Week trade show–but most of the writing I did there was not directly related to the show. It’s been a strange and tiring week, and made more so by the last piece I filed.

9/9/14: Don’t Be That Person Who Buys a New iPhone Every Year, Yahoo Tech

My contribution to Yahoo Tech’s new-iPhone coverage was this column questioning the financial wisdom and basic judgment of rushing to buy a new iPhone, at a real cost of $650 and up, every year. What I didn’t know when I wrote this Monday evening was just how confusing three of the four major wireless carriers could make their iPhone 6 deals–and you may see more about that from me soon.

Yahoo Tech iPhone-cases post9/12/2014: iPhone 6 Cases: The Best-Guess Editions, Yahoo Tech

This is the one story to emerge from all the notes I took in Vegas: a look at how case vendors found it so easy to get advance access to specifications about the size and shape of the iPhone 6 that they could promise to have compatible cases available when that device goes on sale Friday.

9/14/2014: Home Depot breach lesson: Safer payment options, USA Today

This was a worthy topic poorly executed. I didn’t take advantage of chances to quiz mobile-payment experts in person while I was at CTIA’s show, then latched on too readily to one source’s finding of fault in the Softcard NFC-payment service (until recently known by the terrorism-tarnished moniker “Isis”); another expert had made the same critique and it seemed to match Softcard’s public documentation, but Softcard says it ain’t so. And I managed to take my time getting this iffy column to my editor; I filed it after 6:30 on Friday, which even in her West Coast workday is way too late for a story not based on breaking news. Gah!

You know what would have been a better-grounded way to close out the column than a digression about this in-the-weeds issue? A simple reminder that paying with the device-independent, offline-enabled medium known as “cash” also leaves no traceable link to your bank or credit-card accounts.