We had stored value card payment system in Uzbekistan somewhere from 2003-2005 to 2010-2012. But no-one ever called it "stored value card", basically, I learnt the word today :) Everyone just called it "offline cards", in contrast with "online cards" which required Internet to do transactions.
The system was called UzKart (do not confuse with UzCard, which is modern online successor of that system). On the day when salary was paid, you had to find an online ATM or internet-connected terminal in the shop, and "load" money to the card. Then, you could use the money on the card to pay in offline terminals. Balance could be checked directly in offline terminals, you had to ask the seller to print it.
Sellers had a special offline card, called "merchant's card". In the end of the day they loaded all the transactions from an offline terminal to a merchant's card, and then brought the card to an ATM or a connected terminal, to synchronize payments with the bank account.
If, for some reason, at the time of synchronization some payments failed to clear, payer's card was banned and they had an angry call from the bank.
When the system was introduced, internet connection was expensive and unreliable. It co-existed with online cards, but merchants strongly preferred to deal with offline cards. As soon as mobile internet become cheaper and more widespread, offline cards died because of the hassle with "loading" and "unloading" them.
Which is similar to T-Money in South Korea, Octopus in Hong Kong, and later Suica in Japan. All of which if I remember correctly came before 2000.
They are still extremely popular in those region. One of the thing I dont understand is why these type of payment never took off in the West. Even things like Oyster card in the UK is only for transport but not for any other sort of payment.
Another point worth pointing out, Offline payment are much faster, with Sucia based on FeliCa capable of doing the transaction in less than 100ms. This is important in a transport system as heavily used as the Japanese transport. For people who are used to these type of payment, everything else just felt so slow.
With every iPhone now getting a Felica Chip built in, I was hoping this type of payment could take off. And yet nothing happened.
I don't know about Europe, but in the US, offline payments with regular credit cards are/were a thing.
In the old days, you could use an imprint machine to run the card, and mail in the charge slip. Raised numbers and imprint machines are uncool now, but they lasted a long time as backup in case the terminal wasn't working or the power was out.
As far as I know, most US cards include the metadata for offline charges, where the terminal processes transactions in bulk, but there's more risk for merchants than doing an online transaction.
Stored value cards are popular in transportation, where speed is important, fault tolerance is required, and connectivity is intermittent. But even for gift cards, it's more common to use the card as an identity token, and get the value from an online ledger; it makes alternate uses much simpler.
I'm always extremely leery any time those come out because the network is down. A furniture / appliance store in my hometown had an employee use the imprint machine to steal a bunch of credit card numbers, including my parents' card. They only found out because the police had been tipped off and found a bunch of carbon copy slips in the employee's apartment.
Just about any time an employee handles a card there's a risk of that. Waitstaff who pick your card up off the table and disappear with it for several minutes, the employee you hand the card to at a drive thru window, even employees who swipe it right in front of you could probably pass the numbers in front of a camera long enough to go back through the footage later and read off what they need.
The card readers we're supposed to navigate ourselves aren't perfect either, but it's much better when the card never leaves your hand. Honestly though I pretty much expect my card number will get stolen at some point. As long as I can keep an eye on my statements and my bank doesn't give me much hassle about reversing fraudulent charges when I see them it's not a huge deal.
In the US, we almost always hand the card to stuff and they almost always run it for us. It is only with the widespread adoption of technology like Apple Pay that this is changing in the US. No one is going to hand their phone to the wait staff, so the staff bring a terminal to the table.
Mobile terminals are starting to become a thing, but at least where I live it is very much the exception. Either you pay at the reception desk or hand your card to the staff at the table, depending on where you eat.
We sort of have two forces pushing in opposite directions:
* Many transport cards were NFC or RFID or otherwise "you don't have to take the card out of your wallet" years before general-purpose cards were. Now, many transit systems just promote "tap-on and off with your Visa and don't bother loading money into our closed-loop network." (Interestingly, I will note that Toronto's system at least is cheaper to ride if you do use the closed-loop card)
* Conversely, merchants-- especially large merchants-- have desperate desire to get away from the general purpose card networks due to high fees and sometimes clunky chargeback rules. Notice the handful of "Walmart Pay"/"Kroger Pay" apps that they'll support rather than enabling Apple or Google Pay at the till, or even things like Target and some petrol stations offering propriatery cards that connect to debit for settlement.
Transport cards could be appealing for the merchant audience-- they're likely cheaper to process and represent funds already confirmed by the transport operator. But they're not federated, so it would turn into a nightmare of a thousand individual integrations and a UX like the early days of (pre-Visa/MC branded) debit where you'd have to check if the merchant supported the specific network your card was on.
The Octopus is the de facto transport pass in Hong Kong (well, it's started by the major transport companies) and commonly used in many shops, it's also used by some for building access.
Octopus takes an 1.5% cut, I'm not sure if it applies to the founding transport companies but I assume the money will flow back to them anyway.
Recently, some transport services started incorporating Chinese e-wallets like Alipay and WeChat Pay which utilizes QR codes, and the agony of seeing people (mainly Chinese tourists) repeatedly scan and fail at the gates blocking the whole queue during rush hours is quite depressing after years of smooth access.
> They are still extremely popular in those region. One of the thing I dont understand is why these type of payment never took off in the West. Even things like Oyster card in the UK is only for transport but not for any other sort of payment.
From my memory, some newsagents etc. did allow payment by Oyster. But there just wasn't demand for it.
In Japan at least, many people don't have credit cards and are scared of any kind of debt (perhaps because debts are more enforceable here). So that might be a factor.
We used to have a popular system like that in the Netherlands (which I totally forgot about until reading GP) called Chipknip ('knip' being Dutch for 'wallet'). The system was eventually discontinued in favor of contactless debit cards, though.
In the early 90s I lived in Guelph, Canada. We were one of a couple of pilot cities for Mondex, a stored value card system that I think was owned by MasterCard. The city got a bunch of funding to get Mondex working everywhere from parking meters to buses, payphones, and of course private businesses. Everyone who wanted one was sent a Mondex card and a portable card reader which looked like a small calculator. You could put your card in it and press your thumb on a button to make the display show your balance. That little device allowed you to transfer money between cards if I recall, but I never figured out how. You could also see your past transactions and set a card PIN.
One of the cooler things Mondex could do was an early form of online banking. Some households were issued special phones from Bell Canada that looked like regular Nortel phones with a yellow card reader attached to the side and a much larger screen. You could log in to your bank directly from the phone and transfer money out of your account into the card. You could also use an ATM if you didn't have the phone.
It was a pretty neat technology but at just around the same time Interac debit payments really started to take off and people were much happier to have a card linked to their accounts rather than a card with a balance you could lose. The payments were also pretty slow, so anyone paying for the bus slowed the line down.
I still have my card and reader somewhere and I think it has a few dollars left on it. The last time I looked, many years ago, the only transactions that showed up on the reader were coffee purchases at Tim Hortons.
In the mid 90's in Canada we had similar cards, but they were only for pay phones. Before cell phones became cheap, parents would buy these pre-loaded cards for their tweens and teens so they could call for a ride when they were done at the mall or whatever.
Personally, I did the collect call thing to my parents, especially after the system was automated.
Robot Voice: Hello, you have a local collect call from "mig39 is ready to be picked up" -- do you accept the charges? Then my parents would just hang up and come get me.
There was also a "ewallet" card in France when I was a teenager, but it was mostly targeted at children and senior. Now I'm wondering if it was a true offline card or not.
Edit:
Can't find technical details on Wikipedia[0] but the fact that funds could be added online indicate it wasn't offline? I would love if someone here worked on it then.
I'm surprised we don't have something like this in the U.S. Just last week I was withdrawing cash from an ATM because I was worried the power would be out for a few days and my debit card wouldn't work.
Almost-ubiquitous, almost-free network connectivity can be a curse when it comes to the development of resilient systems.
The US has had free local calling for many decades now, so online card authorizations were always much cheaper than in many other countries, even long before the internet.
Still, there were some applications: The article mentions laundromats, but as far as I know, US military ships have also had a similar system.
There’s an interesting recent legislation proposal today that argues for a very similar system, but primarily for the sake of privacy (although network/power failure resiliency would be nice secondary benefits): https://ecashact.us/
That's interesting. In Russia, cards didn't really catch up for a long time, but once they did, they were online cards with GSM-enabled card terminals.
Until 2010, most people will get their salary on a card, go to ATM, withdraw paper money and pay with that. Actually, cards only became relevant with the advent of contactless/NFC cards, which started around 2012. Then they spread like wildfire.
I wonder what caused the adoption of UzKart compared with plain old cash. I also wonder if any neighbouring countries had similar systems and what their adoption levels were.
> I wonder what caused the adoption of UzKart compared with plain old cash.
One of the main reasons to introduce UzKart was to force the "gray" economy back under the eye of the tax authority. So adoption was forced by the government by mandating paying a certain part of the salary to UzKart and limiting cash withdrawals.
Reminds me of minutes loading of SIMs in Philippines in the early 2000s... Loading was available every single tiny soda stand to bodega to major shopping - they were Uzbek-quitous :-)
I have some friend who have made millions over the years in selling international calling cards and routing them through their SIP networks...
There is the ability to make a completely separate transactional system outside of of Central Bank Control, using these stacks for card loading and calling (network access) etc... but generally fighting against Money Monopolies is suicide for your business.
And on the one hand, rightfully so - EXCEPT in cases like SBF... that guy is such a criminal, the central banks like him, and his parents, and his donations, and his fraud...
In more recent times, we had to think about this problem in Indian market context. I saw this problem as online vs offline payments problem.
If both parties are offline, can you still make a secure transfer of stored value? Yes, with a trusted execution environment and cryptography, you can do it. So, yeah, smart card works; a smartphone works, a feature phone with NFC smart card works etc. For each, the risk profile is different which affects the answer to the next question.
Then, when does reconciliation happen? When either party goes online? What if it is not a closed loop system? Then, reconciliation needs to happen for both parties independently. How long can either party stay offline and continue to make transactions? Is it both send and receive or only send on one side and only receive on another side? What if one party (merchant/receiver) is more likely to be online (almost always). Does it just become online payments problem then? NFC tap and pay is exactly this scenario.
In India, right now, we have NETC stored value cards for closed loop systems like metro. For open systems like UPI we have recently introduced offline payments capability with very small stored value stored as tokens on the mobile phone and used for very small transactions. As the banks learn the real-world operational risks, the wallet limits and transaction limits will be increased.
The real solution is to let the receiver of the money have a "verify" button which will, if connected to the internet, contact a central server and check that no double-spends etc. have happened. Up until verification is done, the money shows as "provisional" in your account - but you can still spend it. Only one person in the chain needs to verify for the whole chain to become permanent.
Then the users and merchants can decide if they wait to click the verify button. And the default for anyone with data connectivity should probably be auto-verification. There is an incentive to verify, because if any double-spending has happened, the first to verify is the one who gets the money.
Double-spends will happen in any system that allows offline transactions, because a user has to be allowed to log into a new device (if they lose their old one), and there is no way to know if the money spent from their old device was synced to the server yet.
I get the idea, but I think this is a terrible UX. People shouldn’t have to worry about whether they have real money or not. Either the system is secure or it isn’t.
> because a user has to be allowed to log into a new device (if they lose their old one)
You can solve for that by having short validity of the offline tokens on device and having that equal the cool-off period for reclaiming those funds when new device is provisioned. If I had ₹100 unspent tokens in my offline capable device that I lost, and got a new device provisioned the same day, then that ₹100 will show up in my account and be available to load on my device only after, say 7 days, of cooling-off period. In those 7 days, if someone who found your device could spend it and if so you lose it. If you know you are likely to be offline only sporadically for few hours and not for days, you can reduce the validity (and hence cooling-off period) significantly to just 12 or 24 hours.
I think this system has to be designed for some users who will never be online. Think of villages where there is no internet access yet (only 8% of Eritrea has access to the internet for example!). Hence there can't be a 'if you don't log in for 7 days you lose your money' mode.
Let me clarify: if you have you device with you (didn't lose the device) and you didn't make contact with another online device for more than cool-off period, your device tokens won't be refreshed and they will expire and become unspendable. You don't lose that money – it is still in your account and will be available for you spend as soon as you go online. The "lose your money" scenario is only if you lose your device and someone finds your device and spends the money on the device within the cool-off period. It is equivalent to losing your cash wallet and someone else spending your cash. Except in case of cash, that stolen/found cash is lost forever and is valid to be spent by the thief/finder forever whereas in this case there is a small time-window after which you automatically don't actually lose your money!
> Up until verification is done, the money shows as "provisional" in your account - but you can still spend it.
Who would accept "provisional money" though, if there is a realistic risk of it being double spent and therefore effectively worthless?
> Double-spends will happen in any system that allows offline transactions
Only if you assume untrusted devices. That's why in most past and existing stored-value systems, smartcards are being used – these have different security properties.
But these aren't mandatory: Physical cash also can't be replaced when lost, and only rarely when physically destroyed. That model might be preferred in some scenarios.
> Then, when does reconciliation happen? When either party goes online?
In many existing systems, there's a split between "merchant" and "customer" cards, of which only merchant cards are allowed to accept payments. Merchants often have to go online once per day and batch-submit all of the day's payments in order to be guaranteed settlement.
Among other advantages, this allows for a "lost/stolen" card feature: If a user loses a card, that card can be denylisted on a global list synchronized to all merchant terminals daily. After another day of waiting for straggler transactions, it's possible to determine the remaining balance of the lost card from the backend, and reimburse its owner, since further funds on the card can no longer be spent anywhere in the system.
One day is essentially just an arbitrary timespan here – you could make it 14 days, or an hour. In the systems I've looked at closely, one day makes sense because these are historically transit-focused, and e.g. buses don't have continuous network connectivity, but do go to a depot in the evening, which is a good opportunity to clear and settle all of the day's payments.
Customer cards never need to be online in such a scheme.
:-) that assumes cash is trivial. It is not for so many reasons. Cash is bulky and discrete. Cash is visible and easily snatched/coerced from you.
Apart from classical robbery held at knifepoint or gunpoint and taken to an atm and being robbed or being blackmailed to actually do instant money transfer online which do happen, there are other lower threshold but more frequently occurring and more painful cash "thefts".
One eye-opening story I learnt a while ago was this: the women daily wage workers (or the household help that comes to my home) who are typically the breadwinners for the family are coerced by their drunk husbands to give their hard earned cash which they will waste on more alcohol or gambling. This was the situation for decades. Now, with zero-balance, zero-cost bank accounts being made available at scale in India, these women can now keep their money safe and provide care for their children by refusing to give money to their husbands (usually it involves telling them they don't have the money to give when in fact they do in their banks). Such is the social reality for so many.
cash also has a fantastic advantage that no piece of technology will ever have - its ability to level the playing field in terms of access. No government can invalidate your cash without simultaneously invalidating all cash. This is not the case with any digital system.
I fully agree, but in fact stored-value cards offer a plausible path forward for private electronic money:
Most existing stored-value systems use "shadow accounts" for reconciliation (in case one of the card-level private keys gets compromised and makes it possible to "double-spend" electronic cash), but that's not really a required part of the system. If it's secure enough, it's possible to just leave these out!
It's probably also possible to create some kind of hybrid system which does create pseudonymous traceable logs which offer some trade-off between privacy and security, similar to how banknotes have serial numbers which can theoretically be traced, but practically mostly aren't.
And the enormous advantage of a privacy-preserving e-cash/stored-value system over cash is that it works on the internet too.
The story and the connection to bank accounts don't sound logical at all. It's not like the husbands wouldn't know that the money is there somewhere. If a random person can do to another person a "classical robbery held at knifepoint or gunpoint and taken to an atm and being robbed or being blackmailed to actually do instant money transfer online", why wouldn't husbands catch on to this? The women could, in theory, have more than one bank account and hide how much they earn and save by keeping a lower balance in the account known to the husband. But the same could also be done with physical cash by handing a chunk of it to a trusted person (for expenses and savings) and keeping a smaller amount at home to be snatched.
With one or more bank accounts, the woman must now keep her phone safe and inaccessible from the husband too. Or she must be very quick and diligent in deleting all the SMSes sent by banks for all kinds of transactions. This adds more hassles than saving cash with someone else.
In all the cases of alcoholism and men snatching money from the women/household without any other care, it's violence that keeps that relationship and "contract" alive. That violence isn't going to disappear just because physical cash is replaced by a bank account.
In summary, I don't buy the conclusion you've quickly jumped to.
I don't quite get the example, like the other user said in this case the husband would clearly understand his wife is still working, so of course he won't believe it? So if he has a alcohol and gambling problem then he will still try some method?
>For open systems like UPI we have recently introduced offline payments capability with very small stored value stored as tokens on the mobile phone and used for very small transactions.
Sounds interesting! I read about India's UPI for the first time a couple of months ago in an Economist article: https://archive.ph/WoqQp
> Then, when does reconciliation happen? When either party goes online? What if it is not a closed loop system? Then, reconciliation needs to happen for both parties independently. How long can either
You can solve that by actually having the money in the device so that reconciliation is not required, digital cash like the abandoned Mondex stored value system.
Please don't scorch me HN, this isn't an endorsement, just a question for thought -- but isn't this one of the things Lightning is sort of meant to solve?
lol, literally less than 20 seconds.
> Then, when does reconciliation happen? When either party goes online? What if it is not a closed loop system? Then, reconciliation needs to happen for both parties independently. How long can either party stay offline and continue to make transactions? Is it both send and receive or only send on one side and only receive on another side? What if one party (merchant/receiver) is more likely to be online (almost always). Does it just become online payments problem then? NFC tap and pay is exactly this scenario.
Again, literally the exact problem statement and value proposition of Lightning, but stupid, stupid me for daring to mention it here, I guess. Feel free to ignore that the idea behind Lightning could be useful without being tied to crypto, but can't possibly have a conversation about that. Nope.
>but can't possibly have a conversation about that. Nope.
What conversation? You just dropped in here with flamewar bait and complaining about some self-imagined persecution without contributing any substance. Hence your comment is now gray.
they didn't even explain what they were talking about. Where I'm from, lightning is an electrical discharge weather phenomenon usually accompanied by thunder
Thanks for at least offering something interesting. To be honest, the state of crypto is past what I can keep up with, but that gives me some concrete foot-holds to look into Phonon vs Lightning more.
Wow this discussion unlocked a long-lost memory: the Swedish "cash card" - a stored value card where you'd use a terminal to load money off your bank account onto the stored value card and then use it in participating stores. If you lost the card you lost the money. The fees to merchants were too high so it never gained any adoption, it looks like it only was available from 1997-2004. The Wikipedia references a German version, Geldkarte, which apparently had a renaissance when it could double as proof of age for tobacco vending machines...
I'm also reminded of the magstripe stored value cards used by our public transit agency. These were trivial to rewrite, but since most people who tried this did it to save money on their commute rather than random joyriding, it was easy for the agency to reconcile the usage logs to find out where they went every day and wait for them at their station...
These days I think the main advantage to offline systems is performance. When you have a busy subway station in Tokyo with massive crowds passing through the gates, nothing beats the throughout of offline Felicia Suica cards. Their gates default to open and you walk through while swiping without stopping, the gates only close if there is a failure. Vs EMV-based systems like London where you have to stop and wait for the card reader
As others have said, EMV doesn't have to phone home, and London's TfL system often doesn't straight away because they might not even have a connection (my bus this morning definitely didn't). It's also not charging the payment immediately, because the charge is unknown at that point - you might not know until the end of the day or week what the charge is, because travel rates are capped and dependent on the zones you're traveling in.
As to the gates being default closed, well, gates at train/tube stations can accept a range of things being presented to them including smartphone/watch payments, bank card contactless, Oyster card, Oyster season tickets, paper tickets with magnetic stripes, paper/magnetic season tickets, and Freedom passes (technically a special sort of Oyster season ticket, I think).
If you're traveling with a paper/magnetic ticket, you're going to have to insert it into the mag reader and wait for it to spit it out before it opens the gates. Can't be swiped.
That, combined with the fact TfL already have a problem with revenue protection (some people jump gates), albeit not quite as bad as you'll see in most of Paris or Rome, means they're going to keep the gates closed by default.
Fare dodging in Tokyo is almost unthinkable. Social constructs mean they can do something at those gates few other cities of that size can get away with.
Interesting. So there's no verification of the card validity at all? I assumed at least they took an auth hold like gas stations do. If I call and get my card blocked I can use that now-invalid card and ride for free?
So why then are the EMV card readers so damn slow? Is it just a NFC vs FeliCa thing?
The Tokyo metro system also supports paper (mag stripe) tickets through the same fare gates. Those are also spit through the gate super fast.
On a failed read, the gates close nearly-instantly, I don't think they would actually aid in fare avoidance, you do see people run into them painfully when their card has too low balance.
From personal experience, if you use an EMV card that has been blocked on TfL services, you will sometimes be able to travel. I did this by accident once. I could see TfL repeatedly trying to debit my account with incorrect information for about a week. I doubt all of their readers are offline, and I suspect that a card gets blacklisted if it declines. I suspect this is also because they only charge at the end of the day once they have computed the correct fare (with capping etc)
> On a failed read, the gates close nearly-instantly, I don't think they would actually aid in fare avoidance, you do see people run into them painfully when their card has too low balance.
I'm talking about the instance where somebody doesn't even scan: they just walk through. That is possible in some stations in London, and it's perhaps not a coincidence that's where the worst fare avoidance occurs.
> Vs EMV-based systems like London where you have to stop and wait for the card reader
Throughput depends on the people being ready.
In London the TfL gates (both train/underground) have a delay on closing, so it's possible for the next person's pass (whatever it is) to be scanned before the gates close. At busy times there are enough people already ready with their passes that the gates don't shut at all between scans and there is steady flow of people passing through. It only fails when someone faffs a bit too long with their pass/phone/watch/etc and you get a temporary stall.
Even approaching a closed gate it's possible, with a bit of practice and an outstretched arm, to walk through without having to break stride.
You do have to be careful of some people intentionally using an invalid card, resulting in the gates closing, and the person behind them letting them through with their subsequent scan whilst being left at the gate themselves (easily solved by then going to see one of the gate operatives and explaining the situation).
The things that aren't quite there yet, in terms of speed, are the QR codes being used for digital rail tickets, they have a separate optical reader (obviously) that doesn't work quickly/easily enough to walk through without breaking stride as you have to faff with a piece of paper or your phone rather than a simple NFC.
The wonderfull Cash-chip was embedded into Visa debit card issued by the bank. It also had "Valid in Sweden only" printed beside it, on an othervise internationally recognized debit-card.
I know of at least one person who had to spend the night in a detainment cell at JFK and then had to take a plane back to Sweden the next morning because the customs agent concluded that they didn't have any money for their stay in New York.
Germany: Geldkarte (German: "money card") is a stored-value card or electronic cash system used in Germany. It operates as an offline smart card for small payment at things like vending machines and to pay for public transport or parking tickets. The card is pre-paid and funds are loaded onto the card using ATMs or dedicated charging machines. The system will be abandoned from 2024.
The similar Austrian system was called 'Quick' and has been defunct for a few years now. I only ever used it for vending machines, mostly cigarettes
https://de.wikipedia.org/wiki/Quick_(Geldkarte)
It depends on both issuer, acquirer and the particular merchant. Second step of the EMV transaction (after the terminal verifies that the card was issued by known issuer) involves the card and terminal comparing their authentication and authorization policies, which might very well result in no-op being acceptable to both. The system is not designed to be secure against fraud, but to assign liability for the fraud to particular party in cryptographically verifiable way. So as a merchant (think public transport) you can very well accept cards offline without any kind of CHV step, but the possible fraud is your problem.
I kind of like the solution adopted by the Polish city of Wrocław (and many others, but Wrocław is the one I'm personally familiar with.)
Their transit system relies on bog-standard bank-issued Visa / Mastercard payment cards, the kind most Polish people already have in their wallets. When you buy a ticket (usually at a ticket machine at the stop or in the vehicle itself), the machine temporarily remembers some of your card information. If a ticket inspector comes, you just tap your normal credit / debit card to their terminal, which queries the vehicle's systems somehow. It's basically the reverse of a storage-value system, they use a payment card for a kind of identification.
All transactions are performed offline, usually the next day. Tickets are cheap enough that fraud is not a big concern, and there's a system in place to blacklist cards that can't be credited. If you end up on that blacklist, you have to go to their website or office, enter your card number / tap your card and pay the missing amount.
If you're a resident and not a tourist, there's also a system of transit cards I believe.
Am I the only one here that remembers credit cards before they used any sort of online processing?
Back in the day, paying with a credit card was a hassle. There was a machine that would take an imprint of your card and you would sign the imprint. There was no authorization.
I worked a retail mall job in the early 90s. We had a computer/POS system that had a built-in swiper for credit cards. You'd swipe, hit a key, then listen to it dial out, connect, beep, etc. A CC payment took minimum 30 seconds, usually closer to a minute. December was always a huge slowdown for cc payments. Occasionally we'd pull out the imprint machine and do a few of those, and... for some reason, I seem to remember we had to use it for amex or diners club or discover or some other 'non-traditional' card, but those were a rarity - I think I may have done 2 or 3 of those a year.
Most places seemed to have 'swipe in the terminal' only by late 90s.
I used to be the one running those cards through the machine! We actually would call someone (credit card processor?) to give them the details and we'd get an auth code back that we wrote down.
I worked in a gas station taking credit cards w/ an imprint machine. We had a book, updated monthly, of card numbers to decline. That was in 1990. By 1994 we were calling a toll free number and reading (part of?) the account number for authorization.
I’m curious to know when exactly that practice ended in Western Europe and North America. As a millennial, the only time I ever encountered it was in 2008 in an outdoor shop in Thamel, Kathmandu’s backpacker ghetto. The owners said that they could not accept my Visa Electron card (standard European debit card) because it was not a real credit card, and they showed me the machine they used to take imprints of real credit cards. Of course, this was all gone by my next visit to Nepal a couple of years later.
I remember doing the authorisation by phoning up a Streamline who would give you an authorisation code to put on the credit card form. I worked for Electronics Boutique and we couldn't give the games out without the code
I'm of that vintage of credit card user that remembers this. I used to keep my counterfoils (I think that's what they were called) to reconcile what was remaining on my available credit. I seem to remember there was a printed list of that some merchants used to look up invalidated cards before electronic terminals replaced mechanical card swipe machines.
I'd like to comment on this part, about actually writing on cards:
> you can create an account online and associate the card with your account, and then you can add value online. This is convenient, but confronts the offline nature of the system. You add value to the card, but there's no way to write the new value to it.
> The solution, or at least partial solution, to this problem looks something like this: fare payment terminals have to receive a streaming log of value-add operations so that they can apply them next they are presented with the relevant card.
I think that's why new systems often use NFC, since smartphones can do NFC this has the potential (because many NFC transit cards don't allow it yet) to actually charge cards from smartphones. In practice, none of the transit systems I regularly use allow it, and although it's in beta in Paris they only whitelist a handful of specific smartphone models so I can't do it either. But it's a possibility.
It could work the same with ISO 7816 smartcards if people just had card readers at home, but in practice here in Belgium where most people have such card readers (used to authenticate online with one's national ID card, although this is becoming less common now that there's a smartphone app for that), this has never been used for anything else basically.
And for some reason, smartcard companies seem to be totally unable to devise user-friendly interfaces. It's been more than 30 years now so you might think they have had the time to think about it, but... no. I wish there was just a web standard for that with a standard browser-provided UI.
I've just used this in Malaysia, they have a card called Touch n Go that is very widely accepted.
You can load up the card using cash terminals or via a smartphone app with NFC, you can use that to check the balance as well
> And for some reason, smartcard companies seem to be totally unable to devise user-friendly interfaces. It's been more than 30 years now so you might think they have had the time to think about it, but... no. I wish there was just a web standard for that with a standard browser-provided UI.
Browser development is driven from the US. Smartcards development is driven from Europe. I expect that the same frictions that happens in deployment of smartcards for banking also happens in the browsers world.
Charging the Paris transit card (Île-de-France Mobilités) via NFC is out of beta for at least one year now. Much convenient to bypass queues at the start of each month.
My grandfather was at the head of a French company that pioneered the smart card for banking use. They started with the payphone, continued with the Vitale card (public health system card), then did the credit card. He told me stories of him going in many countries to sell the tech and concept, and this article nails it: this is a French thing, so the US did not want it. They did not want it so badly that magstripe is still commonplace. Its quite nice to listen to him about the beginnings of computing, the notion of "datacenter", etc.
> this is a French thing, so the US did not want it
Given how common US things are in Europe, I'm surprised there isn't more of a trading war over things like this. Personally, I think the EU should penalise foreign all social media companies, and fund local start-ups to replaces them.
Well, one of the reasons I kind of play up the French origin of this technology is because I think it turns into an interesting twist when it comes to US government adoption. Articles from the time period seem to agree that the technology was having a really hard time crossing the ocean from Europe, and while there were several factors I think a good chunk of it was just the payment networks in the US not being interested in adopting something new.
But there's a bit of irony where, post 9/11, the US federal government decided they needed to really pick things up when it came to secure identity for federal employees and military personnel. So they developed and adopted the PIV standard now used for all federal credentials, which is a very soup-to-nuts smart-card based identity solution complete with PKI certificates and offline biometric authentication. The problem is that smart card technology, clearly the way to achieve this, hadn't taken off in the US, so they ended up having to buy pretty much the whole solution from France. Not that big of a deal in practice as Thales is a major defense contractor to the US anyway, but sort of a disappointment considering all the interest in keeping a strong domestic military technology capability.
One wonders where the NSA was during this process, but the NSA has a tendency to both overengineer things to a degree that widespread use is infeasible, and keep things secret to a degree that widespread use is undesirable. So the more homegrown solutions to similar problems, things like the Fortezza cards, were complete nonstarters as a widespread solution to identifying federal personnel. So we have one of the factors here in the United States general lag in adoption of identity technology compared to other, especially European, countries.
I spent a few years with a Mondex card[1] (I assume Exeter university was one of the test locations?) and it was vaguely useful: most places on campus accepted it so you could use it to pay for a pint, print or photocopy, or buy course books. Looking through the list of what it could do though it seems it was pretty underutilized. In the test location I was in you couldn’t transfer funds to another person or use multiple currencies, and I don’t remember any personal readers.
Had to read surprisingly far before there was a mention of transit cards — which is the first thing that comes to mind when I think about stored-value cards.
In my city's implementation the offline-ness of the system is very apparent. If you add value to your card online, you have to come to a subway station to stick the card into a reader to have your new balance written. The turnstiles at the same station don't do that either despite definitely having a network connection, you have to specifically use the balance-checking or ticket-selling machines.
The only application I've seen that isn't transit is at arcades. You'd buy a "member" card that you'd put money into. Each machine would have some sort of terminal where you tap or swipe that card to add credits to the game. But then I'm not quite sure if these systems are offline or these terminals are connected into a network.
Sometimes back in 90ties, in Belarus, we had payphones that accepted prepaid payphone cards. I don't remember if you could reload them or you just bought one with credits already on them, but you certainly could change a few bytes on the card's chip memory to set credits about to any value you wanted. And the hardest part was actually finding contact board that matched chip's contacts layout, to wire it up to LPT port. But otherwise it was "plaintext" value you change in the hex editor.
Yeah they used a laser to read and burn along a strip in the card. (It was a bit more subtle than I've described it, and you couldn't see the burn mark.)
PSA: The author of this post also runs a niche YouTube channel that is notoriously under-subscribed. For everyone interested in retro tech & technical infrastructure in the real world, go head over here: https://www.youtube.com/@computersarebad
> SIM cards are just smart cards. [...] SIM cards no longer conform is ISO 7810 in most cases (having migrated to the smaller micro and nano formats), but continue to be compliant with ISO 7816 for electrical and protocol compatibility.
Over the past 20 years, I've used mobile cellular telephones that take mini-SIM, micro-SIM, and nano-SIM. I didn't get to experience the full-size SIM card, but learned about this obscure fact from online photos and museums. Example: https://twitter.com/phone_museum/status/1287310071907713024
> Why is it that SVCs gained so little traction for payments in the US?
Another obscure point is that during the Bitcoin craze of the mid-2010s, the Canadian government tried to pitch MintChip as a competitor. It fizzled out and went nowhere. https://en.wikipedia.org/wiki/MintChip
> Offline systems simplify payment networks in some ways, but also add complexity, which is often apparent in transit systems that combine offline terminals (for example in buses) and online terminals (for example at train platforms). [...] If you add value to a card with a zero (or near zero) value and then try to board a bus, it is likely that you will be rejected: the value-add hasn't been written to the card yet, and the bus terminal hasn't been told about it. The transit operator often sets an expectation of one business day for online value adds to be available if your first trip is an offline terminal If you add value to a card with a zero (or near zero) value and then try to board a bus, it is likely that you will be rejected: the value-add hasn't been written to the card yet, and the bus terminal hasn't been told about it.
This perfectly describes the situation in Toronto/Ontario with PRESTO, adding value, and tapping on buses.
> On the smart card, there is a value in nonvolatile memory that represents the amount of money on the card. When you add money, the VTM increments that value.
> Of course you can see the problems with this scheme: couldn't anyone just write a bigger number to the card?
In my college days we had a vending machine which worked with a NFC card.
I bough a NFC reader/writer, and quickly found out that the amount of money was exactly as described above. After a couple of tries I found out that the maximum amount of money was 22€. Free snacks for a couple of years until they changed the machine to accept only cash.
No, I'm not ashamed.
EDIT: The cards were anonymous, even if the machine somehow tracked the card use (I have no idea if they did), there was not way to trace it back to a person
One of the first stored-value bank cards was called Proton and trialled in Belgium as early as Feb 1995 [0].
I have fond memories as a young teenager topping up the card at my bank ATM (just transferring money from my current account to the proton bit of my debit card) and buying my weekly & monthly computer magazines at the local newsagent. I'm surprised it survived until late 2014, a nearly 20 year long run.
Consumers want mugging to not happen, and shopkeepers also want robbery to not happen. Violent theft has trended down along side the rise of debit and credit cards. Cards that act in cash negate that benefit, since you can once again steal something untraceable that can't be remotely revoked.
The general trend that I see is that institutions [0] will always favor centralization of telemetry and control (eg the concept of legibility). You don't even need to phrase it in the terms of profiling/tracking per se, although those are instances of the general.
I think I even feel the same dynamic with something as banal and informal as home automation. With some kind of computer (eg microcontroller) at every node I certainly could keep the local control local. Or I could just focus on publishing data to the "network" [1] and getting commands back, and making the interface a given device exports as simple as possible.
We see the results of this harsh dynamic for platforms that allow for hub-less control (eg Zwave I think). Nifty and more robust, but it adds to the bespokeness and siloing/lock-in. It's just so much more complexity that then has to be configured, and then grokked to know what the system will actually do. Whereas backhaul state and control to a general purpose Linux machine running python and you can do "whatever you want" (modulo that singular machine having a problem).
Not a great dynamic for those of us that like freedom.
[0] or really any entity, corporations and governments can just fulfill the imperative at scale
[1] full extrapolation in the corporate context - "cloud"
I believe this is the case too, at least for the US. Why, no profit to be made from people using these. We have Credit Cards and the Banks get a cut from the store and from people who do not pay their full balances off, and the stores hide these fees from their customers.
Now some stores are starting to add special fees for Credit Card use, which the Banks are trying to eliminate these fees via the US Congress. They know as well as I do, if stores start charging fees for Credit Card use, many people would jump right back to cash. This would decrease their profits.
I mean. It’s already happened. Thanks to some clever non-intuitive use of escrow contracts one can create fungible cash-like electronic money for offline transactions.
Oh wow, a lot of technology in there from my past... in the late 90's I worked at a startup, Cards Etc, in Sydney, Australia with the mission to build a back-end system, Arterium, for dealing with multi-application smart card issuance.
The product is still mentioned in a couple of articles...
NYC metro cards are reportedly a form of stored-value card. When you swipe, it reads the value, writes the new value, and checks that the correct value was written. Transactions are later synced to a database to catch fraud and so forth. https://www.reddit.com/r/AskNYC/comments/nsicuj/technologica...
NYC MetroCard is yet another Cubic transit SVC system, and so the system is largely identical to other Cubic systems like Clipper, Oyster, etc. As a rule of thumb, most transit card systems in the US and Western Europe are Cubic, but there are plenty of exceptions.
I remember getting my first debit card from my local bank in Germany as a teenager. It was in the early 90s, I believe.
It had a chip with the ubiquitous brass contacts almost any card has today.
My uncle had participated in the patent filings for some of the tech, years earlier, for his employer.
He had explained to me, already in the 80s, how this would be the future of carrying money around.
It never took off. My personal take is that it was simply an oversight in UX.
There was no way to check the balance on the chip without going to an ATM.
Furthermore only some ATMs of some banks carried the hardware/software to do so. I also don't recall if you could even check your balance if the ATM belonged to another bank.
Also paying by card was far from common in Germany then so few shops carried the readers. It was mostly only big supermarkets and department stores.
I.e. it was double inconvenient compared to cash.
And Germany being a safe country, the added security in case of theft didn't help. It was also a minor factor since a thieve that would steel your purse would simply throw the card away. The money would be gone either way.
One neat feature of clipper cards I discovered is that they could be transferred onto a smartphone. As a stored value card, I imagine the process involves a smartphone reading the stored value, zeroing it, and then provide a virtualized implementation of whatever the underlying SmartCard technology is (Java Card maybe).
The first time I used that feature, I instinctively thought that by adding my clipper card to my smartphone, my smartphone merely has another manifestation of the same clipper card as the original plastic card, much like a credit card but with a special device-specific card number, or like a Unix hard link. Of course I was wrong. The actual card itself was transferred.
Starting from 1996 we had ChipKnip in the Netherlands. When it came out you could already pay with debitcards in most shops. The added benefit was that it was suited for small purchases and worked in places without a phoneline, like the bus.
One problem is that if you break or lose the card your money will be gone. I remeber that when I was a child more then once I broke my card and had to tape it togheter in aome wild fashion in order to use my money.
Singapore has EZ Link and NETS. Anyone who drives in Singapore would be familiar with NETS as it is the main payment method for car parks (parking garages for my American brethren).
NETS has been slowly transitioning from a contact based card (similar to a SIM card) to a NFC/RFID contactless card. Some car parks do NOT accept the new type contactless card which means that you really need to have both flavors of NETS cards when driving.
I had this for laundry at school in France! I recently was at a US university, and having to use an app and sign up to start my laundry was something awful in comparison (though I liked getting $5 in free credit for some unknown reason)
Coincidentally Japan just indefinitely suspended sales of their famous SVCs due to the semiconductor shortage, and BART had issued a similar warning about shortages last year.
My first encounter was with VendaCard being used in mid-80s at the University libraries for photocopies. Seems they've also been used for autolaundrymats.
just a small reminder of how convoluted the process of buyer and merchant payments has become.
It used to be simple:
- buyer hands the money to the merchant.
- merchant verifies monetary value. If monetary value is valid then merchant gives buyer the item. Otherwise, tells them to piss off/get bent.
- buyer walks away with item
But major credit/debit card processors (visa, mc, amex) had to insert their hands into the pockets of every buyer and merchant to get their 3-5% cut on each transaction.
Now it’s a much more complicated process that happens more “seamlessly”:
- buyer presents debit or credit card
- merchant checks if debit or credit card is accepted by their payment processor —> if not accepted, tell buyer present diff card or “get bent”
- merchant swipes/taps/keys-in card information and attempts to process the transaction. A decision is typically reached within less than <1 second —> if declined, try again. If further declined, tell buyer card declined. Buyer insists it’s good and to run it again. Merchant runs it again, it’s successfully processed (wtf?). If not, tell buyer to get bent.
- buyer walks away with the item
In the background, in order to accept debit and credit cards the merchant had to sign a deal with the devil and pick one of the many payment processors. Merchant could have gone with his bank’s processor but turns out the merchant doesn’t have the right paperwork or lacks the revenue to qualify for a “premium” account. So the merchant looks elsewhere and finds a promising payment processor elsewhere but fails to read the fine print. In addition to the 3-5% fee charged by the major CC networks, the processor will take a 5 cent transaction fee to process, in addition to a 1 cent “inter network” processing fee. ALSO, the “free” equipment that’s provided to your business has a $50 month maintenance fee in perpetuity. On the flip side, if you transact 100K per month, they will cut the transaction fees by 25%, oh how generous!
Oh did I forget to mention that some cards have “premium” fees? So if a buyer presents a “black card”, the merchant is then charged by the bank issuing the card another fee. Sometimes it’s included in the payment processing terms but this is YMMV. So as a consumer, if you ever wonder why the small business takes “visa” but not your “chase ultra sapphire pearl max black” card with visa logo. That’s why.
Unfortunately, it doesn’t end there.
(2 days later) buyer that bought that item actually stole/cloned the credit card and the actual credit card owner initiated a dispute.
Merchant has now been charged a $25 dispute fee and is now in the resolution process. If bank and/or credit card processor rules in consumers favor, merchant loses $25 in addition to the cost of the item(s).
At the end of the day, merchants get fucked. Merchants pass on costs to consumers/buyers. Buyers get fucked with increased cost of goods.
This doesn't totally respond to your line of reasoning but keep in mind that handling cash isn't free. There is time, logistics, and risk involved. In the US, consumer bank accounts typically come with free cash handling, but not business accounts. It's common for cash handling to cost around 1%, can be more depending on cash mix. Some of this is bank fees (e.g. I have a business account that charges $0.01 per note for cash deposit), some of it is expenses on the business like a drop safe (often rented) and armored transport service. There are indirect costs as well, e.g. insurers will factor in the risks of high cash volume.
The cost of cash handling is part of what has allowed card payments to proliferate, but then that created the conditions for card processors to ratchet up fees.
Card-present fraud is low enough that I can accept payments (in the UK) for 1.69%. The reader cost £39, but in the last few months they've started allowing me to accept NFC payments using my phone without a separate reader. No monthly fees.
I'm not running "classic" retail, just stalls at school events. The cost of cash is the cost of my time and that of other volunteers making sure we know how much cash we brought in, and getting to the bank. It's absolutely worth 1.69% to avoid having to deal with cash. And that's even before worrying about having a float to make change with.
"- merchant checks if debit or credit card is accepted by their payment processor —> if not accepted, tell buyer present diff card or “get bent”"
This is america, in France (and more generally in Europe) all credit / payments cards are standardized thru governmental intervention.
Vendors are allowed to say cash only and refuse cards in general but this is getting real rare.
In some countries (Norway), you can have a real hard time paying cash in big cities, vendors refuse it.
The important point here IMHO is that the vast majority of fraud is not an inevitable cost of doing business, it's the result of deliberate policy decisions, and the fact that the cost of fraud can be fobbed off by financial institutions onto merchants and thence onto consumers without the latter even being aware that they are bearing this cost. It is quite literally a conspiracy.
Talking up the tech of having physical plastic cards hold value, but ignoring the real-world implications, is kind of silly right? Maybe it would have been better for the author to get that out of the way first... something like "if plastic cards held a value, public figures such as celebrities and CEOs would be robbed, kidnapped, held ransom, etc due to the values of the cards, so they are not practically safe in our non-utopian world. But let's explore the tech behind it anyway"
You’re missing an important point: It’s possible to carry some of your money with you, and leave most of it somewhere more safe, in whatever form, just like with cash.
The system was called UzKart (do not confuse with UzCard, which is modern online successor of that system). On the day when salary was paid, you had to find an online ATM or internet-connected terminal in the shop, and "load" money to the card. Then, you could use the money on the card to pay in offline terminals. Balance could be checked directly in offline terminals, you had to ask the seller to print it.
Sellers had a special offline card, called "merchant's card". In the end of the day they loaded all the transactions from an offline terminal to a merchant's card, and then brought the card to an ATM or a connected terminal, to synchronize payments with the bank account.
If, for some reason, at the time of synchronization some payments failed to clear, payer's card was banned and they had an angry call from the bank.
When the system was introduced, internet connection was expensive and unreliable. It co-existed with online cards, but merchants strongly preferred to deal with offline cards. As soon as mobile internet become cheaper and more widespread, offline cards died because of the hassle with "loading" and "unloading" them.
More info on UzKart and UzCard can be found (in Russian) here https://gazeta.norma.uz/publish/doc/text97703_uzkart_ot_duet... and here https://uzcard.uz/ru/news/post/uzcard-bankovskaya-tranzaktsi...