RE: Loyalty cards - Trust, Privacy, Security and Convenience issues from Jonathan Rosenne on 2014-11-02 (public-webpayments-comments@w3.org from November 2014)

From: Jonathan Rosenne <jr@qsm.co.il>
Date: Sun, 2 Nov 2014 11:01:37 +0000
To: Web Payments CG <public-webpayments@w3.org>, "public-webpayments-comments@w3.org" <public-webpayments-comments@w3.org>
Message-ID: <9de9349097d34233a6c8f299e41fea92@AM3PR07MB0535.eurprd07.prod.outlook.com>

With EMV, loyalty can be separate application on the card which may be accessed by the merchant and if all it provides is the loyalty id and not the card id it is not subject to card security concerns.

Best Regards,

Jonathan Rosenne

From: Nate Otto [mailto:nate@ottonomy.net]
Sent: Sunday, November 02, 2014 10:16 AM
To: Anders Rundgren; Web Payments CG; public-webpayments-comments@w3.org
Subject: Re: Loyalty cards - Trust, Privacy, Security and Convenience issues

On Wed, Oct 29, 2014, 4:22 AM Anders Rundgren <anders.rundgren.net@gmail.com<mailto:anders.rundgren.net@gmail.com>> wrote:

sumed in the designs.

Would this really apply to payments + loyalty cards as well?  If the payment is anonymous like Apple Pay, there's nothing to bind the loyalty card to, which makes me wonder if we maybe need "active" loyalty cards (=backed by private keys).

I always thought of loyalty cards as a stores offering me deals in exchange for being able to connect my purchases together through an identity, even if I pay with cash. I bet they'll be used in the same way even if the store isn't able to discern as much about the ultimate source of the funds used.

Nate Otto, Developer
concentricsky.com<http://concentricsky.com>

Received on Sunday, 2 November 2014 11:02:08 UTC