Posted by: Taylor Hoff | January 19, 2011

The Future Has Arrived

Now at Starbucks: Buy a Latte by Waving Your Phone


Futurists have long predicted that one day, shoppers will swipe cellphones instead of credit cards to make purchases. At Starbucks stores nationwide, that is about to become a reality.

On Wednesday, Starbucks plans to announce that customers of the 6,800 stores the company operates in the United States and the 1,000 that are in Target stores will be able to pay for their lattes with their cellphones instead of pulling out cash or a credit card.

Various technology and payments companies, including PayPal, Bling Nation, Square, Venmo and now-deceased dot-com start-ups have been experimenting with ways to wean Americans off cash, credit cards or both.

But the introduction of mobile payments in Starbucks stores may be the most mainstream example yet.

Owners of BlackBerrys, iPhones or iPod Touches can use them to pay by downloading the free Starbucks Card app and holding their phones in front of a scanner at Starbucks cash registers. The money is subtracted from their Starbucks account, which they can load with credit cards or, on iPhones, with PayPal funds.

Previous mobile payment efforts have been stymied largely because it is expensive for retailers to install scanners that read shiny cellphone screens and because Americans have been just as content to reach into their pockets and purses for a credit card as for a phone.

Starbucks says that more than one-third of its customers use smartphones. “We’re providing them with the fastest way to pay,” Brady Brewer, vice president for the Starbucks card and brand loyalty, said in a statement.

Customers can also use the app to reload their cards, check their balances, find nearby stores and earn stars for purchases to trade in for free drinks.

Starbucks has tested mobile payments at some stores in Seattle, New York, Northern California and in Target stores. This is the first time the program will be nationwide.

So now there’s a dedicated payment method via phone! Eerily similar to the payment methods of Japanese mobile phones, which contain an RFID that is re-programmable. If I was ever going to use a touch-pay system, it would HAVE to have a re-programmable RFID. One of the worst security oversights in financial history has been the static encryption of RFID tags in credit cards, enabling modern day thieves to virtually pickpocket you in broad daylight. They do it by activating that chip in your credit card, and then batching the stolen card info for decryption. (Since any kind of static encryption will be broken within a matter of time.) Mobile phones have a power source that can rewrite the chip, however, so it would be a MUCH more secure form of payment than a chipped card, because it could change the key in set intervals. (Or random!)
Whenever that day comes, sign me up. I’d rather carry just my phone than 20 cards that end up demagnetizing or getting skimmed. (Just please, please encrypt the filesystems of phones that carry this data with them! PLEASE.)

Reactive mindsets will always be lagging behind in the cat and mouse game that is InfoSec.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: