tbcoin (OP)
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
May 31, 2012, 02:49:00 PM Last edit: August 22, 2012, 12:22:10 PM by tbcoin |
|
Updated:
PVC CARDS at the end of OP.Hi The first apologize for my English;), I do not participate much in the forum but I'm a bitcoin enthusiast for about 7 months, although like many of us already knew of its existence for over a year and did not pay much attention (big mistake). From the beginning, I thought the use of bitcoin on physical commerce was interesting goal, but forcing the common user to have a last generation mobile phones, 3G connectivity and knowledge required to operate bitcoin applications is an important barrie, it is as if we had to bring the dataphone in your pocket to use the cards bitcoincard.org is very interesting and nice, but is a device, not a passive method of payment. Bitcoin cards we all know, only allows you to make deposits, not very useful for shopping, you have to be able to pay directly with card. This past week I've been kicking around this idea and here I show the first card (that I know of) for deposit and payment (debit card) Is a double-sided card that contains all necessary to generate an encrypted wallet of a single addresses. Commercially, the password would be attached to the purchase of the card or the user would establish if the establishment where acquired having capacity to create wallets and print cards in situ. Although it can also be home made. You do not need a bitcoins client created specifically for this purpose The same wallet can be used in another location simultaneously, so that not only is a card type "reload", can operate as a debit card of a wallet of daily use. Test Card--- Side A shows the deposit address Side B contains the private key and encryption data, encrypted both fields The bar code contains an id, expendable, only useful in its commercial form to identify the card at the time to attach the password that was encrypted. I made a simple POS to demonstrate the functionality, I'm not a developer, this is very basic but perfectly functional. Operation of payment: 1) Reading the deposit address was used to generate the wallet and as change addresses 2) Reading private key 3) The POS creates a temporary encrypted wallet from scanned data 4) Once defined the amount receivable, the customer will have to authorize the payment with your password, just like a common card. 5) The wallet, which remains encrypted, it is deleted Load data from a csv file, the fields are editableContinue automatically when reading the card Continue automatically when reading the card My handmade card Xd I appreciate your opinion thanks UPDATE: First PVC cards
|
|
|
|
rjk
Sr. Member
Offline
Activity: 448
Merit: 250
1ngldh
|
|
May 31, 2012, 03:16:50 PM |
|
So the POS device has the ability to empty the private key presented to it?
|
|
|
|
tbcoin (OP)
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
May 31, 2012, 04:22:07 PM |
|
So the POS device has the ability to empty the private key presented to it?
Only if the POS capture your password and copy your data, but always take this risk when making a card payment, the cloners put captors at ATM, any employee can copy the data from our card, we give data of our credit card to internet services with confidence, knowing that they are sensitive to being hacked. The target are small amounts for daily use.
|
|
|
|
Daily Anarchist
|
|
May 31, 2012, 04:31:14 PM |
|
So, let me make sure I understand it.
You have a specific amount alloted to the private key, say 10 BTC.
The POS empties the private key. I guess it would get the whole 10 BTC?
Then, if there is any change, say, 8 BTC, the POS sends payment back to the receiving address?
|
|
|
|
tbcoin (OP)
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
May 31, 2012, 04:40:12 PM |
|
So, let me make sure I understand it.
You have a specific amount alloted to the private key, say 10 BTC.
The POS empties the private key. I guess it would get the whole 10 BTC?
Then, if there is any change, say, 8 BTC, the POS sends payment back to the receiving address?
Is a normal transaction, except that no creates a new direction for change, the change back to the origin address. You can look at the test transactions http://blockchain.info/address/1FyCrA7hAxxahGYtLDjFjfABCtc8k6F6D6
|
|
|
|
Vernon715
|
|
May 31, 2012, 05:39:30 PM |
|
Sounds like a usefull system... How much would one cost?
|
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
May 31, 2012, 09:07:17 PM |
|
But you are describing sending the change back to the address that the merchant now has the private key for. For a digital currency that can be used anonymously, that's financial suicide. If you only used it with a single merchant, then if a later transaction spend goes through you might have an inkling as to who might be responsible, as it was either you or the merchant (presuming you kept your card protected from view by anyone else). But as soon as you use a second merchant, now either can claim innocence and you would have no inkling as to which was more likely to have been the thief. This really wouldn't work -- not even for church donations. The closest might be what cbeast suggests here: - http://bitcointalk.org/index.php?topic=74978.msg831067#msg831067With that, there is the risk that the merchant doesn't really send you your change, but given a receipt and the blockchain you would have a convincing argument that there was a problem. In that approach, the change goes to a new address that the merchant never saw. This isn't anywhere near as convenient as the more typical mobile wallet to merchant POS system that we will soon see more widely used, but it would be an acceptable method, as trust by the consumer only needs to be extended for a relatively short amount of time (before a problem is noticed).
|
|
|
|
tbcoin (OP)
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
May 31, 2012, 09:50:17 PM Last edit: June 01, 2012, 01:23:01 AM by tbcoin |
|
But you are describing sending the change back to the address that the merchant now has the private key for. For a digital currency that can be used anonymously, that's financial suicide. If you only used it with a single merchant, then if a later transaction spend goes through you might have an inkling as to who might be responsible, as it was either you or the merchant (presuming you kept your card protected from view by anyone else). But as soon as you use a second merchant, now either can claim innocence and you would have no inkling as to which was more likely to have been the thief. This really wouldn't work -- not even for church donations. The closest might be what cbeast suggests here: - http://bitcointalk.org/index.php?topic=74978.msg831067#msg831067With that, there is the risk that the merchant doesn't really send you your change, but given a receipt and the blockchain you would have a convincing argument that there was a problem. In that approach, the change goes to a new address that the merchant never saw. This isn't anywhere near as convenient as the more typical mobile wallet to merchant POS system that we will soon see more widely used, but it would be an acceptable method, as trust by the consumer only needs to be extended for a relatively short amount of time (before a problem is noticed). Hi, Thanks for your opinion I think not is a method more dangerous than the credit card of all life, even more, could be said to be more secure to data theft because the credit card is written in plain text on the surface everything you need to make use of it, meanwhile, in this case not only is not legible to the naked eye, but this encrypted. But you are sending Describing the change back to the address That the merchant now has the private key for The merchant (unless you steal your password) only knows the private key encrypted and is not retained (unless have the intentions to steal, which is not the rule) For a digital currency can be Used That anonymously, that's Financial suicide. If you are paying in a physical establishment the anonymity does not exist in any case. (Presuming you Kept your card protected from view by anyone else). The test card is in the OP at the sight of all, it does not necessarily make it unsafe (in case of a good encryption password, which is not the case as it is for test) Anyway not a bad idea to renewal date in case of much use, since cracking a password is a matter of time and processing power. While bearing in mind that should not be used for large amounts and the balance of the card is obviously public, no one would be worth the effort, less not knowing whether to continue with balance when obtained the password.
|
|
|
|
rjk
Sr. Member
Offline
Activity: 448
Merit: 250
1ngldh
|
|
May 31, 2012, 09:53:28 PM |
|
OK, so the password is hard coded into the QR code, and the POS terminal is trusted not to steal funds. It could work IRL, because an evil POS terminal the stole things would be very obvious, and less likely to happen when a customer is there. However, sending the funds back to the same address is the problem - you have to assume the POS deletes the keys once it has finished with them, but what happens if it doesn't? Or what happens if it is hacked somehow?
|
|
|
|
tbcoin (OP)
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
May 31, 2012, 10:41:05 PM Last edit: June 01, 2012, 01:31:39 AM by tbcoin |
|
OK, so the password is hard coded into the QR code, and the POS terminal is trusted not to steal funds. It could work IRL, because an evil POS terminal the stole things would be very obvious, and less likely to happen when a customer is there. However, sending the funds back to the same address is the problem - you have to assume the POS deletes the keys once it has finished with them, but what happens if it doesn't? Or what happens if it is hacked somehow?
If the POS wants to steal, just to keep the wallet generated from the QR and capture the password when you authorize a payment. Within the limitations of typical resolution of a webcam, you could modify the QR of payment to that contains a complete wallet with a different address from the side of deposit/change . The problem is that debit function disappears and is removed option to pay multiple times until the balance of cards are empty , because the change would go to another direction, we would have to wait to access the wallet that contains the private key of deposit/change addresses to return the balance to the card But as recargases the direction of payment, if your fear is they have copied your wallet and password, you're just like before. EDIT: For the most paranoid, dispense a nice pvc card for a simple printing and make card wallet of a single use is a good option.
|
|
|
|
tbcoin (OP)
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
June 03, 2012, 08:57:20 AM |
|
Sounds like a usefull system... How much would one cost?
Homemade, no pvc card = free The price of the plastic card depends of the service that you use to design and print the card, usually require a minimum order of 100. If the system were accepted and implemented by someone, would be more feasible because it could place orders for these amounts at affordable prices Does not appear be the case, fear of stolen is very apparent in bitcoin, even above our local currency. Concentrate an impenetrable security system in a single piece of plastic, not even the pvc veterans have been able even (visa / mastercard ...). When multisignature transactions are fully implemented in bitcoin clients, the operation of the cards could be adapted to the multisignature, so that each transaction must be authorized for a second private key, so even if we steal the private key of the card and our password to decrypt it, they could not operate ( could even dispense with encryption and key ) . Of course, this would add a further complication to the use of the card, a merchant will not let you go with the merchandise, hoping that later you grant permission the transaction. Right now I can not think a simple option, anonymous and without relying on a centralized system to implement a system like this. Accepting all these drawbacks, one option would be to use a service like Twilio+CardAuthorizerServer, to link each card to the mobile phone number of user, in this way when making a transaction the CardAuthorizerServer may call immediately the customer, and through an key ( hold in the mobile keypad ) authorize the transaction, as the CardAuthorizerServer would have the second private key. everything will come
|
|
|
|
Vernon715
|
|
June 03, 2012, 02:02:25 PM |
|
Thanks. I thought it might be a system you offer for sale.
|
|
|
|
tbcoin (OP)
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
June 03, 2012, 02:24:04 PM |
|
Thanks. I thought it might be a system you offer for sale.
The money are always welcome;), if you are willing to pay I'll be willing to charge, the only drawback is minimum orders and time to develop a POS in good conditions. If you are the owner of McDonalds / Starbucks / etc ... I will be happy to sell you thousands of cards and POS terminals;)
|
|
|
|
Vernon715
|
|
June 03, 2012, 02:37:55 PM |
|
Thanks. I thought it might be a system you offer for sale.
The money are always welcome;), if you are willing to pay I'll be willing to charge, the only drawback is minimum orders and time to develop a POS in good conditions. If you are the owner of McDonalds / Starbucks / etc ... I will be happy to sell you thousands of cards and POS terminals;) HAHA You could build one and post the design on a website and the code on github.
|
|
|
|
tbcoin (OP)
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
June 03, 2012, 03:05:04 PM |
|
Thanks. I thought it might be a system you offer for sale.
The money are always welcome;), if you are willing to pay I'll be willing to charge, the only drawback is minimum orders and time to develop a POS in good conditions. If you are the owner of McDonalds / Starbucks / etc ... I will be happy to sell you thousands of cards and POS terminals;) HAHA You could build one and post the design on a website and the code on github. I will update this post with any new developments.
|
|
|
|
Vernon715
|
|
June 03, 2012, 03:19:30 PM |
|
Thanks. I thought it might be a system you offer for sale.
The money are always welcome;), if you are willing to pay I'll be willing to charge, the only drawback is minimum orders and time to develop a POS in good conditions. If you are the owner of McDonalds / Starbucks / etc ... I will be happy to sell you thousands of cards and POS terminals;) HAHA You could build one and post the design on a website and the code on github. I will update this post with any new developments. Thanks
|
|
|
|
TeslaUa
|
|
June 07, 2012, 01:29:06 PM |
|
Good idea. My proposal of dirt cheap plastic QR-code tags was the same but just for receiving. As for the pay method criticism I agree with it and I think it is comparable with so-called "Visa Internet" plastic-less cards. They are charged with small sums and often used for just a couple of purchases. So as Mythbusters say - the idea is plausible It could be useful where mobile internet penetration is low.
|
|
|
|
mc_lovin
Legendary
Offline
Activity: 1190
Merit: 1000
www.bitcointrading.com
|
|
June 07, 2012, 09:43:55 PM |
|
sweet project! /watching
|
|
|
|
tbcoin (OP)
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
June 09, 2012, 02:18:30 AM |
|
Good idea. My proposal of dirt cheap plastic QR-code tags was the same but just for receiving. As for the pay method criticism I agree with it and I think it is comparable with so-called "Visa Internet" plastic-less cards. They are charged with small sums and often used for just a couple of purchases. So as Mythbusters say - the idea is plausible It could be useful where mobile internet penetration is low. Thanks as Mythbusters say - the idea is plausible
is more than I needed to hear Deposit cards are and will, increasingly, very useful. The problem of massive printing of these cards is the private key, that the client must have in any other medium.
|
|
|
|
Bitcoin Oz
|
|
June 09, 2012, 05:28:00 AM |
|
Would be nice to create bitcoin business cards with a code on them.
|
|
|
|
|