I don’t know if anyone else has seen this but if I were a best buy customer I would honestly be upset about this. A few people I know were sent an e-mail stating that they had been automatically enrolled in the "Tag" program and would be receiving their tag in the mail. Basically what this is, is a sticker with an rfid tag of some kind with their account information in it. The suggestion from Best Buy is to put this sticker on your cell phone so that you can just wave your phone over the reader in their stores to pay for purchases, and that for any purchase under $50 they don’t require a signature. My first reaction to this is that this is just a huge security issue since customers don’t even have a choice about whether or not they can enroll in this program.
The Best Buy page provides the following in their FAQ about security concerns on the Tag website.
"The PayPass™ feature uses special security technology and typically, at the checkout when you tap your tag it must be within an inch or two of the "contactless symbol" on the payment reader"
https://www.rzmctag.com/
To some people security is not a concern and so they sign up for credit cards that come with RFID tags, but it seems to me to violate a customer’s desire for security by simply sending them the tag with no choice. Obviously you can choose not to use the tag, and those who have this concern don’t have to, and can probably destroy the tag. I just think that, especially with a technology such as rfid that has had questions raised before, that a company should be obligated to ask its customers before just signing them up.
I was just wondering if anyone else had seen these and had any thoughts about it. Im mostly curious about how good the "encryption" is on the card that would prevent someone from just scanning the card and making a copy with another rfid tag. I know there are technologies that prevent this, but it just seems like a risk that shouldn't just be pushed onto customers without their permission
The Best Buy page provides the following in their FAQ about security concerns on the Tag website.
"The PayPass™ feature uses special security technology and typically, at the checkout when you tap your tag it must be within an inch or two of the "contactless symbol" on the payment reader"
https://www.rzmctag.com/
To some people security is not a concern and so they sign up for credit cards that come with RFID tags, but it seems to me to violate a customer’s desire for security by simply sending them the tag with no choice. Obviously you can choose not to use the tag, and those who have this concern don’t have to, and can probably destroy the tag. I just think that, especially with a technology such as rfid that has had questions raised before, that a company should be obligated to ask its customers before just signing them up.
I was just wondering if anyone else had seen these and had any thoughts about it. Im mostly curious about how good the "encryption" is on the card that would prevent someone from just scanning the card and making a copy with another rfid tag. I know there are technologies that prevent this, but it just seems like a risk that shouldn't just be pushed onto customers without their permission
Comment