Bitcoin Forum
September 16, 2019, 05:14:01 PM *
News: If you like a topic and you see an orange "bump" link, click it. More info.
 
   Home   Help Search Login Register More  
Pages: 1 2 [All]
  Print  
Author Topic: Bitcoin card for deposit and payment + Little POS  (Read 6733 times)
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
May 31, 2012, 02:49:00 PM
Last edit: August 22, 2012, 12:22:10 PM by tbcoin
 #1

Updated:

PVC CARDS at the end of OP.


Hi

The first apologize for my English;),

I do not participate much in the forum but I'm a bitcoin enthusiast for about 7 months, although like many of us already knew of its existence for over a year and did not pay much attention (big mistake).

From the beginning, I thought the use of bitcoin on physical commerce was interesting  goal, but forcing the common user to have a last generation mobile phones, 3G connectivity and knowledge required to operate bitcoin applications is an important barrie, it is as if we had to bring the dataphone in your pocket to use the cards

bitcoincard.org is very interesting and nice, but is a device, not a passive method of payment.

Bitcoin cards we all know, only allows you to make deposits, not very useful for shopping, you have to be able to pay directly with card.

This past week I've been kicking around this idea and here I show the first card (that I know of) for deposit and payment (debit card)
Is a double-sided card that contains all necessary to generate an encrypted wallet of a single addresses.
Commercially, the password would be attached to the purchase of the card or the user would establish if the establishment where acquired having capacity to create wallets and print cards in situ. Although it can also be home made.

You do not need a bitcoins client created specifically for this purpose
The same wallet can be used in another location simultaneously, so that not only is a card type "reload", can operate as a debit card of a wallet of daily use.

Test Card
---

Side A shows the deposit address
Side B contains the private key and encryption data, encrypted both fields
The bar code contains an id, expendable, only useful in its commercial form to identify the card at the time to attach the password that was encrypted.

I made a simple POS to demonstrate the functionality, I'm not a developer, this is very basic but perfectly functional.

Operation of payment:

1) Reading the deposit address was used to generate the wallet and as change addresses


2)  Reading private key


3) The POS creates a temporary encrypted wallet from scanned data

4) Once defined the amount receivable, the customer will have to authorize the payment with your password, just like a common card.

5) The wallet, which remains encrypted, it is deleted


Load data from a csv file, the fields are editable



Continue automatically when reading the card

Continue automatically when reading the card




My handmade card Xd



I appreciate your opinion
thanks

UPDATE:
First PVC cards  Grin






Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1568654041
Hero Member
*
Offline Offline

Posts: 1568654041

View Profile Personal Message (Offline)

Ignore
1568654041
Reply with quote  #2

1568654041
Report to moderator
1568654041
Hero Member
*
Offline Offline

Posts: 1568654041

View Profile Personal Message (Offline)

Ignore
1568654041
Reply with quote  #2

1568654041
Report to moderator
rjk
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250


1ngldh


View Profile
May 31, 2012, 03:16:50 PM
 #2

So the POS device has the ability to empty the private key presented to it?


Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
May 31, 2012, 04:22:07 PM
 #3

So the POS device has the ability to empty the private key presented to it?



Only if the POS capture your password and copy your data, but always take this risk when making a card payment, the cloners put captors at ATM, any employee can copy the data from our card, we give data of our credit card to internet services with confidence, knowing that they are sensitive to being hacked.

The target are small amounts for daily use.

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
Daily Anarchist
Hero Member
*****
Offline Offline

Activity: 615
Merit: 500



View Profile WWW
May 31, 2012, 04:31:14 PM
 #4

So, let me make sure I understand it.

You have a specific amount alloted to the private key, say 10 BTC.

The POS empties the private key. I guess it would get the whole 10 BTC?

Then, if there is any change, say, 8 BTC, the POS sends payment back to the receiving address?


Discover anarcho-capitalism today!
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
May 31, 2012, 04:40:12 PM
 #5

So, let me make sure I understand it.

You have a specific amount alloted to the private key, say 10 BTC.

The POS empties the private key. I guess it would get the whole 10 BTC?

Then, if there is any change, say, 8 BTC, the POS sends payment back to the receiving address?



Is a normal transaction, except that no creates a new direction for change, the change back to the origin address.

You can look at the test transactions

http://blockchain.info/address/1FyCrA7hAxxahGYtLDjFjfABCtc8k6F6D6

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
Vernon715
Full Member
***
Offline Offline

Activity: 182
Merit: 100



View Profile
May 31, 2012, 05:39:30 PM
 #6

Sounds like a usefull system... How much would one cost?

Please donate: 1FfJzfpGCXD6saKqmMs8W1qt9wouhA98Mj

http://bitcoinpyramid.com/r/1642

100101011010100100101010010111001010010101010100101001000100101010101010101010
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1001


View Profile
May 31, 2012, 09:07:17 PM
 #7

Is a normal transaction, except that no creates a new direction for change, the change back to the origin address.

You can look at the test transactions

http://blockchain.info/address/1FyCrA7hAxxahGYtLDjFjfABCtc8k6F6D6

But you are describing sending the change back to the address that the merchant now has the private key for.  For a digital currency that can be used anonymously, that's financial suicide.  If you only used it with a single merchant, then if a later transaction spend goes through you might have an inkling as to who might be responsible, as it was either you or the merchant (presuming you kept your card protected from view by anyone else).  

But as soon as you use a second merchant, now either can claim innocence and you would have no inkling as to which was more likely to have been the thief.

This really wouldn't work -- not even for church donations.

The closest might be what cbeast suggests here:



 - http://bitcointalk.org/index.php?topic=74978.msg831067#msg831067

With that, there is the risk that the merchant doesn't really send you your change, but given a receipt and the blockchain you would have a convincing argument that there was a problem.  In that approach, the change goes to a new address that the merchant never saw.  This isn't anywhere near as convenient as the more typical mobile wallet to merchant POS system that we will soon see more widely used, but it would be an acceptable method, as trust by the consumer only needs to be extended for a relatively short amount of time (before a problem is noticed).

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
May 31, 2012, 09:50:17 PM
Last edit: June 01, 2012, 01:23:01 AM by tbcoin
 #8

Is a normal transaction, except that no creates a new direction for change, the change back to the origin address.

You can look at the test transactions

http://blockchain.info/address/1FyCrA7hAxxahGYtLDjFjfABCtc8k6F6D6

But you are describing sending the change back to the address that the merchant now has the private key for.  For a digital currency that can be used anonymously, that's financial suicide.  If you only used it with a single merchant, then if a later transaction spend goes through you might have an inkling as to who might be responsible, as it was either you or the merchant (presuming you kept your card protected from view by anyone else).  

But as soon as you use a second merchant, now either can claim innocence and you would have no inkling as to which was more likely to have been the thief.

This really wouldn't work -- not even for church donations.

The closest might be what cbeast suggests here:



 - http://bitcointalk.org/index.php?topic=74978.msg831067#msg831067

With that, there is the risk that the merchant doesn't really send you your change, but given a receipt and the blockchain you would have a convincing argument that there was a problem.  In that approach, the change goes to a new address that the merchant never saw.  This isn't anywhere near as convenient as the more typical mobile wallet to merchant POS system that we will soon see more widely used, but it would be an acceptable method, as trust by the consumer only needs to be extended for a relatively short amount of time (before a problem is noticed).


Hi,

Thanks for your opinion  Smiley

I think not is a method more dangerous than the credit card of all life, even more, could be said to be more secure to data theft because the credit card is written in plain text on the surface everything you need to make use of it, meanwhile, in this case not only is not legible to the naked eye, but this encrypted.

Quote
But you are sending Describing the change back to the address That the merchant now has the private key for

The merchant (unless you steal your password) only knows the private key
encrypted and is not retained (unless have the intentions to steal, which is not the rule)

Quote
For a digital currency can be Used That anonymously, that's Financial suicide.
If you are paying in a physical establishment the anonymity does not exist in any case.

Quote
(Presuming you Kept your card protected from view by anyone else).

The test card is in the OP at the sight of all, it does not necessarily make it unsafe (in case of a good encryption password, which is not the case as it is for test)

Anyway not a bad idea to renewal date in case of much use, since cracking a password is a matter of time and processing power. While bearing in mind that should not be used for large amounts and the balance of the card is obviously public, no one would be worth the effort, less not knowing whether to continue with balance when obtained the password.

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
rjk
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250


1ngldh


View Profile
May 31, 2012, 09:53:28 PM
 #9

OK, so the password is hard coded into the QR code, and the POS terminal is trusted not to steal funds. It could work IRL, because an evil POS terminal the stole things would be very obvious, and less likely to happen when a customer is there. However, sending the funds back to the same address is the problem - you have to assume the POS deletes the keys once it has finished with them, but what happens if it doesn't? Or what happens if it is hacked somehow?

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
May 31, 2012, 10:41:05 PM
Last edit: June 01, 2012, 01:31:39 AM by tbcoin
 #10

OK, so the password is hard coded into the QR code, and the POS terminal is trusted not to steal funds. It could work IRL, because an evil POS terminal the stole things would be very obvious, and less likely to happen when a customer is there. However, sending the funds back to the same address is the problem - you have to assume the POS deletes the keys once it has finished with them, but what happens if it doesn't? Or what happens if it is hacked somehow?


If the POS wants to steal, just to keep the wallet generated from the QR and capture the password when you authorize a payment.

Within the limitations of typical resolution of a webcam, you could modify the QR of payment to that contains  a complete wallet with a different address from the side of deposit/change . The problem is that debit function disappears and is removed option to pay multiple times until the balance of cards are empty , because the change would go to another direction, we would have to wait to access the wallet that contains the private key of deposit/change addresses to return the balance to the card

But as recargases the direction of payment, if your fear is they have copied your wallet and password, you're just like before.

EDIT:
For the most paranoid, dispense a nice pvc card for a simple printing and make card wallet of a single use is a good option.

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
June 03, 2012, 08:57:20 AM
 #11

Sounds like a usefull system... How much would one cost?

Homemade, no pvc card = free
The price of the plastic card depends of the service that you use to design and print the card, usually require a minimum order of 100. If the system were accepted and implemented by someone, would be more feasible because it could place orders for these amounts at affordable prices

Does not appear be the case, fear of stolen is very apparent in bitcoin, even above our local currency. Concentrate an impenetrable security system in a single piece of plastic, not even the pvc veterans  have been able even (visa / mastercard ...).

When multisignature transactions are fully implemented in bitcoin clients, the operation of the cards could be adapted to the multisignature, so that each transaction must be authorized for a second private key, so even if we steal the private key of the card and our password to decrypt it, they could not operate ( could even dispense with encryption and key ) . Of course, this would add a further complication to the use of the card, a merchant will not let you go with the merchandise, hoping that later you grant permission the transaction.

Right now I can not think a simple option, anonymous and without relying on a centralized system to implement a system like this. Accepting all these drawbacks, one option would be to use a service like Twilio+CardAuthorizerServer, to link each card to the mobile phone number of user,  in this way when making a transaction the CardAuthorizerServer may call immediately the customer, and through an key ( hold in the mobile keypad ) authorize the transaction, as the CardAuthorizerServer would have the second private key.


everything will come

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
Vernon715
Full Member
***
Offline Offline

Activity: 182
Merit: 100



View Profile
June 03, 2012, 02:02:25 PM
 #12

Thanks. I thought it might be a system you offer for sale.

Please donate: 1FfJzfpGCXD6saKqmMs8W1qt9wouhA98Mj

http://bitcoinpyramid.com/r/1642

100101011010100100101010010111001010010101010100101001000100101010101010101010
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
June 03, 2012, 02:24:04 PM
 #13

Thanks. I thought it might be a system you offer for sale.

The money are always welcome;), if you are willing to pay I'll be willing to charge, the only drawback is minimum orders and time to develop a POS in good conditions.

If you are the owner of McDonalds / Starbucks / etc ... I will be happy to sell you thousands of cards and POS terminals;) Wink

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
Vernon715
Full Member
***
Offline Offline

Activity: 182
Merit: 100



View Profile
June 03, 2012, 02:37:55 PM
 #14

Thanks. I thought it might be a system you offer for sale.

The money are always welcome;), if you are willing to pay I'll be willing to charge, the only drawback is minimum orders and time to develop a POS in good conditions.

If you are the owner of McDonalds / Starbucks / etc ... I will be happy to sell you thousands of cards and POS terminals;) Wink


HAHA

You could build one and post the design on a website and the code on github.

Please donate: 1FfJzfpGCXD6saKqmMs8W1qt9wouhA98Mj

http://bitcoinpyramid.com/r/1642

100101011010100100101010010111001010010101010100101001000100101010101010101010
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
June 03, 2012, 03:05:04 PM
 #15

Thanks. I thought it might be a system you offer for sale.

The money are always welcome;), if you are willing to pay I'll be willing to charge, the only drawback is minimum orders and time to develop a POS in good conditions.

If you are the owner of McDonalds / Starbucks / etc ... I will be happy to sell you thousands of cards and POS terminals;) Wink


HAHA

You could build one and post the design on a website and the code on github.

Wink I will update this post with any new developments.

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
Vernon715
Full Member
***
Offline Offline

Activity: 182
Merit: 100



View Profile
June 03, 2012, 03:19:30 PM
 #16

Thanks. I thought it might be a system you offer for sale.

The money are always welcome;), if you are willing to pay I'll be willing to charge, the only drawback is minimum orders and time to develop a POS in good conditions.

If you are the owner of McDonalds / Starbucks / etc ... I will be happy to sell you thousands of cards and POS terminals;) Wink


HAHA

You could build one and post the design on a website and the code on github.

Wink I will update this post with any new developments.

Thanks

Please donate: 1FfJzfpGCXD6saKqmMs8W1qt9wouhA98Mj

http://bitcoinpyramid.com/r/1642

100101011010100100101010010111001010010101010100101001000100101010101010101010
TeslaUa
Full Member
***
Offline Offline

Activity: 168
Merit: 100



View Profile WWW
June 07, 2012, 01:29:06 PM
 #17

Good idea. My proposal of dirt cheap plastic QR-code tags was the same but just for receiving.

As for the pay method criticism I agree with it and I think it is comparable with so-called "Visa Internet" plastic-less cards. They are charged with small sums and often used for just a couple of purchases. So as Mythbusters say - the idea is plausible Smiley

It could be useful where mobile internet penetration is low.
mc_lovin
Legendary
*
Offline Offline

Activity: 1162
Merit: 1000


www.bitcointrading.com


View Profile WWW
June 07, 2012, 09:43:55 PM
 #18

sweet project!  /watching

tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
June 09, 2012, 02:18:30 AM
 #19

Good idea. My proposal of dirt cheap plastic QR-code tags was the same but just for receiving.

As for the pay method criticism I agree with it and I think it is comparable with so-called "Visa Internet" plastic-less cards. They are charged with small sums and often used for just a couple of purchases. So as Mythbusters say - the idea is plausible Smiley

It could be useful where mobile internet penetration is low.

Thanks

Quote
as Mythbusters say - the idea is plausible
is more than I needed to hear  Grin Grin

Deposit cards are and will, increasingly, very useful. The problem of massive printing of these cards is the private key, that the client must have in any other medium.

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500


Wat


View Profile WWW
June 09, 2012, 05:28:00 AM
 #20

Would be nice to create bitcoin business cards with a code on them.

BitPay Business Solutions
Hero Member
*****
Offline Offline

Activity: 742
Merit: 500


View Profile WWW
June 09, 2012, 05:59:43 AM
 #21

I'm not convinced putting private keys out there is really the way to go.

The difference is really between push and pull...

for thousands of years, if you wanted to pay money to someone, whether it was gold, or cash, you just handed them $20 or what you owe them.  piece of cake.  done.

The invention of credit cards flipped it around.  Now, if i want to pay someone $20 with my credit card, I have to give them my account number, and my $20,000 line of credit, and trust them to only pull 20 bucks.  That's crazy when you think about it!

I think the key to bitcoin is getting back to the basics of money.  Push.  I owe you $19.85, ok, I push you $19.85.  You don't get access to my $20,000 line of credit to pull from.  No.

That being said, the key to bitcoin is keeping it in a push transaction.  text message is a push.  email is a push.  the bitcoin clients are all push.  I think this is the right way to do it.






BitPay : The World Leader in Bitcoin Business Solutions

https://bitpay.com

Does your website accept bitcoins?
TeslaUa
Full Member
***
Offline Offline

Activity: 168
Merit: 100



View Profile WWW
June 09, 2012, 06:28:33 AM
 #22

You are right.
As long as the bitcoin holder do not operate any computing and communication he/she has to rely on the merchant for that. And I see no way to do computing with cardboard or plastic tags.
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
June 09, 2012, 01:57:25 PM
 #23

I'm not convinced putting private keys out there is really the way to go.

The difference is really between push and pull...

for thousands of years, if you wanted to pay money to someone, whether it was gold, or cash, you just handed them $20 or what you owe them.  piece of cake.  done.

The invention of credit cards flipped it around.  Now, if i want to pay someone $20 with my credit card, I have to give them my account number, and my $20,000 line of credit, and trust them to only pull 20 bucks.  That's crazy when you think about it!

I think the key to bitcoin is getting back to the basics of money.  Push.  I owe you $19.85, ok, I push you $19.85.  You don't get access to my $20,000 line of credit to pull from.  No.

That being said, the key to bitcoin is keeping it in a push transaction.  text message is a push.  email is a push.  the bitcoin clients are all push.  I think this is the right way to do it.

Although the format and utilization is homologous to debit cards, it really must be seen as a bill or coin of variable value. If you have a $20 bill and pay a product of $9.55, even push, also you give your $20 bill hoping that give you the change, but in this way the change would be like another bill of $10.45 and so on.

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
BitPay Business Solutions
Hero Member
*****
Offline Offline

Activity: 742
Merit: 500


View Profile WWW
June 09, 2012, 02:15:10 PM
 #24

Although the format and utilization is homologous to debit cards, it really must be seen as a bill or coin of variable value. If you have a $20 bill and pay a product of $9.55, even push, also you give your $20 bill hoping that give you the change, but in this way the change would be like another bill of $10.45 and so on.

That is correct.  Although with bitcoin, it is always possible to push the exact amount.  So there's no need to overpay and expect change (other than the low-level way the bitcoin works, but that's not important to the average user)

BitPay : The World Leader in Bitcoin Business Solutions

https://bitpay.com

Does your website accept bitcoins?
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
June 09, 2012, 02:39:19 PM
 #25

Although the format and utilization is homologous to debit cards, it really must be seen as a bill or coin of variable value. If you have a $20 bill and pay a product of $9.55, even push, also you give your $20 bill hoping that give you the change, but in this way the change would be like another bill of $10.45 and so on.

That is correct.  Although with bitcoin, it is always possible to push the exact amount.  So there's no need to overpay and expect change (other than the low-level way the bitcoin works, but that's not important to the average user)


What I mean is the need to trust a higher value than pay during the transaction, even in cash or other property material. With these cards also pay the exact amount, as the operation of bitcoin is the same, but you must rely temporarily the total value for the merchant to collect the amount (but really doing push from the card). Like cash, the change is easily verifiable.

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
June 12, 2012, 11:10:22 AM
 #26

Today I received the first PVC cards.  Grin

OP updated



Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
TeslaUa
Full Member
***
Offline Offline

Activity: 168
Merit: 100



View Profile WWW
June 13, 2012, 09:05:10 AM
 #27

Here is what got me thinking:
What if you make PAY QR-code wallets disposable? Lets walk through such scenario:

1) your e-wallet provider generates 10 wallets and 10 corresponding PAY QR-codes
2) Lets say you have 37 BTC and decide to charge each PAY code with 10 BTC. 1st, 2nd and 3rd coders are charged with 10 BTC and the 4th with 7 BTC by your e-wallet provider
3) You pay 6 BTC for a cheeseburger for your cat with the 1st PAY QR-code.
4) Your e-wallet provider senses 6 BTC moving out of your QR-code and moves out the remaining 4.
5) Your e-wallet provider then may refill your unused PAY QR-codes. Filling 4th to full with 3 BTC and moving 1 BTC yo 5th PAY QR-code

How do you like that?
nimda
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


0xFB0D8D1534241423


View Profile
June 13, 2012, 09:56:11 PM
 #28

I see a simple method which could work for one reusable card. It would make stealing instantly detectable, at which case you punch out the merchant Wink

The card has 2 QR codes on it, but they are not of the same address. Here's how it would work:
  • There are 2 addresses, 1a and 1b.
  • The public address for 1a is shown, as is its QR code.
  • The privkey for 1b is shown, along with a QR code which scans to it.
  • To "load" the card, send bitcoins to 1b.
  • When the merchant takes payment, he transfers *all* of the money in 1b to his address, then sends the "change" to 1a. The merchant cannot take more money now, because he doesn't have the 1a privkey.
  • Finally, in order to re-use the card, the change must be sent from 1a back to 1b. This could be done by bitcoind and a script running on your home computer.

Now the only possibility for stealing is when the merchant doesn't send you the change. But since anyone can check the blockchain from websites like blockexplorer and blockchain.info, this isn't a feasible attack. You'd notice he overcharged, and demand your money back. Then you could sue him or punch him out if he didn't.

I recommend asking me for a signature from my GPG key before doing a trade. I will NEVER deny such a request.
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
June 13, 2012, 10:42:05 PM
 #29

Here is what got me thinking:
What if you make PAY QR-code wallets disposable? Lets walk through such scenario:

1) your e-wallet provider generates 10 wallets and 10 corresponding PAY QR-codes
2) Lets say you have 37 BTC and decide to charge each PAY code with 10 BTC. 1st, 2nd and 3rd coders are charged with 10 BTC and the 4th with 7 BTC by your e-wallet provider
3) You pay 6 BTC for a cheeseburger for your cat with the 1st PAY QR-code.
4) Your e-wallet provider senses 6 BTC moving out of your QR-code and moves out the remaining 4.
5) Your e-wallet provider then may refill your unused PAY QR-codes. Filling 4th to full with 3 BTC and moving 1 BTC yo 5th PAY QR-code

How do you like that?


In this situation it is dependent on a centralized operator, e-wallet, which escapes from the initial idea.

I already had proposed something similar but I discard it with the hassle of having to carry a collection of cards.

My approach is the same as the original idea, but in the 1A side that contain the return address, it would show the public key of 2B, in 2A show the public key of 3B and so on. That way when you pay with the first card, all the change will go to the second, and then third to get to the last that if would contain its own.

Agrees with your approach? Correct me if I'm wrong

Following this way could be done with normal cards since PVC It is not profitable and nothing ecological Xd Cheesy

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
June 13, 2012, 10:48:01 PM
Last edit: June 13, 2012, 11:00:10 PM by tbcoin
 #30

I see a simple method which could work for one reusable card. It would make stealing instantly detectable, at which case you punch out the merchant Wink

The card has 2 QR codes on it, but they are not of the same address. Here's how it would work:
  • There are 2 addresses, 1a and 1b.
  • The public address for 1a is shown, as is its QR code.
  • The privkey for 1b is shown, along with a QR code which scans to it.
  • To "load" the card, send bitcoins to 1b.
  • When the merchant takes payment, he transfers *all* of the money in 1b to his address, then sends the "change" to 1a. The merchant cannot take more money now, because he doesn't have the 1a privkey.
  • Finally, in order to re-use the card, the change must be sent from 1a back to 1b. This could be done by bitcoind and a script running on your home computer.

Now the only possibility for stealing is when the merchant doesn't send you the change. But since anyone can check the blockchain from websites like blockexplorer and blockchain.info, this isn't a feasible attack. You'd notice he overcharged, and demand your money back. Then you could sue him or punch him out if he didn't.

Hi,

I think I proposed something like this before. It is something like this?

OK, so the password is hard coded into the QR code, and the POS terminal is trusted not to steal funds. It could work IRL, because an evil POS terminal the stole things would be very obvious, and less likely to happen when a customer is there. However, sending the funds back to the same address is the problem - you have to assume the POS deletes the keys once it has finished with them, but what happens if it doesn't? Or what happens if it is hacked somehow?


If the POS wants to steal, just to keep the wallet generated from the QR and capture the password when you authorize a payment.

Within the limitations of typical resolution of a webcam, you could modify the QR of payment to that contains  a complete wallet with a different address from the side of deposit/change . The problem is that debit function disappears and is removed option to pay multiple times until the balance of cards are empty , because the change would go to another direction, we would have to wait to access the wallet that contains the private key of deposit/change addresses to return the balance to the card

But as recargases the direction of payment, if your fear is they have copied your wallet and password, you're just like before.


EDIT:
For the most paranoid, dispense a nice pvc card for a simple printing and make card wallet of a single use is a good option.

The problem is when you go back to reload, because if someone stole the data the first time, I could monitoring it until I had balance.
But we're assuming they're going to steal, if we were well through life we could not pay our regular cards.

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
nimda
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


0xFB0D8D1534241423


View Profile
June 13, 2012, 11:00:38 PM
 #31

Yes, it is something like that.

I don't like the idea of disposable PVC cards... think what it would be like to throw away your credit card after every grocery-shopping trip!

re-statement:
Instead, having the merchant empty one of your wallets and send to the other would be ideal: he can't access the one he sends the change to. A bitcoind on your home computer would then refill the public address.

Another way of doing it, with the home-hosted bitcoind:
Have a public address 1CUST with a very small amount (~0.01 BTC). The merchant then charges a number of Satoshis from that to 1MERCH. The home-script sees this transaction. It multiplies the satoshis by some number (10,000?) and sends that amount to 1MERCH.


Both of these methods have a problem. They avoid giving out your main private key but:
1. With this method, the merchant could set up a program to rob your address as soon as it is filled back up
2. With this method, the merchant could charge the whole 0.01 BTC, causing your script to send 100 BTC to the merchant. You throw away the card, but the damage is done.

So really, I'm not seeing a viable way to make re-usable PVC bitcoin cards, given that there's no way short of rubber-hose cryptography to prove that someone owns such-and-such an address.

I recommend asking me for a signature from my GPG key before doing a trade. I will NEVER deny such a request.
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
June 13, 2012, 11:20:26 PM
 #32

Yes, it is something like that.

I don't like the idea of disposable PVC cards... think what it would be like to throw away your credit card after every grocery-shopping trip!

re-statement:
Instead, having the merchant empty one of your wallets and send to the other would be ideal: he can't access the one he sends the change to. A bitcoind on your home computer would then refill the public address.

Another way of doing it, with the home-hosted bitcoind:
Have a public address 1CUST with a very small amount (~0.01 BTC). The merchant then charges a number of Satoshis from that to 1MERCH. The home-script sees this transaction. It multiplies the satoshis by some number (10,000?) and sends that amount to 1MERCH.


Both of these methods have a problem. They avoid giving out your main private key but:
1. With this method, the merchant could set up a program to rob your address as soon as it is filled back up
2. With this method, the merchant could charge the whole 0.01 BTC, causing your script to send 100 BTC to the merchant. You throw away the card, but the damage is done.

So really, I'm not seeing a viable way to make re-usable PVC bitcoin cards, given that there's no way short of rubber-hose cryptography to prove that someone owns such-and-such an address.

PVC cards would never be disposable, it would be crazy. XD

In a previous post I wrote the following, it seems feasible but depends on the multi signature.
Quote
Does not appear be the case, fear of stolen is very apparent in bitcoin, even above our local currency. Concentrate an impenetrable security system in a single piece of plastic, not even the pvc veterans  have been able even (visa / mastercard ...).

When multisignature transactions are fully implemented in bitcoin clients, the operation of the cards could be adapted to the multisignature, so that each transaction must be authorized for a second private key, so even if we steal the private key of the card and our password to decrypt it, they could not operate ( could even dispense with encryption and key ) . Of course, this would add a further complication to the use of the card, a merchant will not let you go with the merchandise, hoping that later you grant permission the transaction.

Right now I can not think a simple option, anonymous and without relying on a centralized system to implement a system like this. Accepting all these drawbacks, one option would be to use a service like Twilio+CardAuthorizerServer, to link each card to the mobile phone number of user,  in this way when making a transaction the CardAuthorizerServer may call immediately the customer, and through an key ( hold in the mobile keypad ) authorize the transaction, as the CardAuthorizerServer would have the second private key.

One option following this scheme without multi signature, could be as follows:
The card contains only a small amount of Bitcoins, enough for the fee, to make a payment issue an invalid transaction but with all the necessary information for payment. Thus the CardAuthorizerServer detect this transaction, would take the data and perform the transaction, after request phone confirmation.

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
June 13, 2012, 11:45:54 PM
 #33

In any case, the initial idea presented in the OP I think the most feasible comfortable and sufficiently secure to be a valid means of payment.

One of the main reasons that prompted this idea was to provide an easy way as to buy and use bitcoins because the cards could be purchased with credit.

Here https://bitcointalk.org/index.php?topic=87441.0 the same idea has emerged, but rather seems to have a centralized approach, based on e-wallet, considering that no codes to look at and has to be activated.

Obviously I like more mine  Wink


Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
TeslaUa
Full Member
***
Offline Offline

Activity: 168
Merit: 100



View Profile WWW
June 14, 2012, 06:12:15 AM
 #34

Realistically thinking there is no way around e-wallets in the future. The bitcoin network itself if a foundation and quite bulky one. We can not expect anyone else other than geeks running their homeservers 24/7 with bitcoind. Sure, e-wallets is a step back in some sense from the liberties bitcoin offers but in real world most people prefer to trade freedoms and security for convenience and we got to deal with it.
tbcoin
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000



View Profile WWW
June 14, 2012, 06:38:46 AM
Last edit: June 17, 2012, 07:44:54 PM by tbcoin
 #35

Realistically thinking there is no way around e-wallets in the future. The bitcoin network itself if a foundation and quite bulky one. We can not expect anyone else other than geeks running their homeservers 24/7 with bitcoind. Sure, e-wallets is a step back in some sense from the liberties bitcoin offers but in real world most people prefer to trade freedoms and security for convenience and we got to deal with it.

It is for this reason and because I don't like this idea that I raise these cards, personal wallet, remain without centralization or e-wallet, but without the user having no idea of the functioning or operation bitcoin not even need computer . The card can be purchased with balance and can be recharged via sms (as it does blockchain.info) at points of sale or ATM bitcoin ... etc.

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
DavinciJ15
Hero Member
*****
Offline Offline

Activity: 780
Merit: 510


Bitcoin - helping to end bankster enslavement.


View Profile WWW
October 14, 2012, 09:46:43 PM
 #36

Currently calculators are cheap to produce.  And 720p cameras are small and cheap.  NFC is also cheap as well.

Cram them together with a yes or no button and you have a bitcoin payment system.

How?  

Well the POS would be connected to the internet with the full bitcoinDB the bitcoin card would have the private key but it would not give it up.  It would instead give up the data to sign over the money.

You see a private key allows you to sign something and no one else can write that signature.  Thus the message coming from the NFC of the bitcoin card would be the data stream that needs to be posted to the bitcoin network.  

So a sale would go like this...

Merchant:  It's 5 btc use your bitcoin card to scan this QR that has the address to send and the amount:
Customer:  Uses his bitcoin card to scan the QR code and sees the amount on the one line screen.
Customer:  has an option to hit yes or no to price that includes a transaction fee from the POS system.
Customer:  Customer hits yes and the signed data is created to send over the NFC.
Customer:  touches the POS NFC receiver and the POS system takes the data and posts it to the bitcoin network.
Merchant:  Then decides if he wishes to trust the customer and hand over the merchandise or wait for specific number of confirmations.

This can be expanded to create a trusted DB of public keys where the POS can find out if the public key is trustworthy but the process would be complex to help ensure no public key got a fake trust status.  NOTE: For those that don't know you sign over your bitcoins from your public key to another, thus both sides of the ledger are visible to the POS.  Furthermore a bitcoin card would only have one public key for sending and receiving.

This is my 2 BTC cents.


Davinci
Pages: 1 2 [All]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!