Stranded! Has s/y Credit Card sailed?

Posted 27.07.2015 in PCI-DSS, Security by Marcus Björk

 

A couple of weeks in to the vacation I feel that I’m doing things that I normally don’t. Not all that uncommon, the Finnish summer thus far has provided us with a generous amount of water, an arctic breeze and for some reason my mobile network just won’t work properly. All in all it’s the perfect ingredients for experiencing new things.

Off we go for an afternoon coffee with supplementary pancakes. Packed with different kinds of credit cards (including contactless solutions) I found myself stranded as the summer café only accepted cash. As my wife and I tried to go through our wallets with extreme care, we were left with 45 cents and my dream for a coffee faded as I was experiencing a liquidity crisis. I felt like Louis Winthorpe III (Dan Aykroyd) in Trading Places feeling the frustration of having assets but not quite getting there… the rest is history.

Another solution that one can and do stumble upon in the summer landscape is iZettle. How would you react if you found iZettle in use and the merchant has it connected to an old Android phone with a cracked display? What does it tell you as a customer? Nothing… BUT… my imagination is vivid. What has been downloaded? What kind of malware can be found on THAT phone? Has the owner used it as recklessly as it has been handled? In reality there is no difference really, new phone or old, it’s all a question of how it’s used and what has been installed.  As a paying customer I do not think that I should have to worry about things like that. Do you?

The next time we went out to go “wild and crazy” (crepes this time) we were prepared, we had cash since we had learned the hard way that CASH is KING. With a glare at the menu I decided to go for “The taste of Lapland” i.e. Crepes with vanilla ice cream and cloudberry jam. Yummy. I paid with my credit card. Yes this place (also a summer café) had a POS terminal. My kids ate their ice creams, my wife and I eagerly awaited our crepes, after 20+ minutes the waitress came to our table and informed us that they were out of cloudberry jam. Sigh…

So… what’s my point?

  • To the customers I’d say: Be careful out there. Think twice and when in doubt use cash.
  • To the merchants I’d say: Offer your customers different payment options and keep them up to date and secure.

All options and security thoughts set aside. Your main concern should be to have something to sell when customers show up. The taste of Lapland still eludes me…

 

Written by Marcus Björk

Marcus is a problem solving economics freak with a past in Capital Markets systems. Seeking to solve the big picture from a Project Management view with a hands on understanding of the logic and framework of the tasks at hand.

Constant development, constant improvement. Think it, Tune it, Do it!

Related articles

Keeping secrets in AWS

The ability to keep secrets is very important on the internet. There is always someone who tries to get access to anything that is available. A common way to keep…

Are you DROWNing?

  Today a new SSL attack was released named DROWN Attack. DROWN stands for Decrypting RSA with Obsolete and Weakened eNcryption. You can read all the nasty details here DROWN Attack (CVE-2016-0800) To protect against DROWN,…

I Encrypt, therefore I Am

In this age of global surveillance and spying, encrypting communications has become the standard. Companies, big and small, are finally taking the necessary steps to encrypt all their traffic traversing…