Forgot your password?

Comment: Re:Competition (Score 5, Insightful) 263

by Ronin Developer (#48262925) Attached to: Apple Pay Competitor CurrentC Breached

I was thinking along those same lines - they compared CurrentC to ApplePay. But, there is another player in field which meets the needs of Android users much as ApplePay for iOS does.

Both ApplePay and Google Wallet protect the consumer and keep them in mind such as by using the protections afforded in the use of a credit card. CurrentC is focused on the mercantile experience and puts all liability for fraudulent transactions squarely on the consumer. Using CurrentC, with its direct access to your checking and bank accounts as well as to your health information, you entire identity could be stolen along with your life savings. This breach highlights why they should not be trusted with your information even if no financial data was compromised this time around (they aren't live yet, right?).

Of course, Apple and Google can shut CurrentC down before they even get out of the starting gate - simply ban them from the app stores. This would prevent the software from being installed on anything iOS other than a jailbroken device. And, if Google choose not to allow it in the store, the only means to install it would be a side-install. Without an ability to have the consumer to install it, it will die pretty quick. Merchants would be forced to reconsider their strategy or face more competition from those merchants who demonstrate a willingness to protect the consumer and use one of the more anonymous systems such as ApplePay or Google Wallet.

As for merchants who say they won't accept credit cards - they do so at their own risk. To me, the smarter move would have been to work with Apple and Google and develop a system that meets merchant needs while protecting the consumer AND get it installed on the widest range of machines. Or, maybe, just rethink their business model.

Comment: Re:CurrentC does not solve for the Customer (Score 1) 629

by Ronin Developer (#48254153) Attached to: Why CurrentC Will Beat Out Apple Pay

You can get the DOB for many people online. Once you have their name, address, ssn, finding or figuring out the DOB is pretty straight forward. If they are able to use your Driver's license for ID purposes, they can also access your DOB.

Seeing how retailers have exposed me to identity theft in the past (by NOT checking ID when somebody opened up accounts) and recent hacks, I don't trust retailers to keep my CC and other personal info (or my health data).

Will I use CurrentC? Hell no.

Let's hope Android and Apple users elect to boycott use of CurrentC if and when it becomes available.

Comment: Re:Tell me again... (Score 1) 372

Sorry about your close friend and her "vacation" time. Tell me again about the "Do No Harm" portion of a doctor's oath? Putting the public welfare at risk has to be weighed against someone who elects to travel to an affected area. We already have seen that medical "professionals" can not be trusted to detect possible signs of the disease or self-quarantine when it comes to their personal convenience. And, we have seen that many medical facilities do not have proper protocols and capabilities in place to handle such a threat. While I think the DWOB program is great in its mission, it is also a voluntary effort. Placing oneself at risk as well and limiting their "vacations" is a personal decision and not one that outweighs public safety upon their return to their host country. At home quarantine for those who worked with affected patients, provided needs are met, is suitable. Others travelling from affected regions can be checked for symptoms and quarantined only if they start to develop symptoms. For those caught in the newly implemented policy, my sympathies, but they need to understand why it is considered a necessity and their needs considered on a case-by-case basis. For those travelling after the quarantine is known to be in effect, they need to plan better.

They quarantine dogs for 21 days for this disease - even put them down "just in case" because dogs "might" be carriers. Not suggesting we put anyone down, but if we have to wait 21 days for animals in quarantine because of the incubation period, why can't we expect the same of humans?

And, BTW, you can be the one to clean the facility and all the bowling balls, subway cars and whatever else an infected person has come in contact with since you think a few cans of Lysol will do. Sweat, last I checked, is a bodily fluid. Since this tends to be on the fingers of bowlers, it requires a bit more than just a few cans of Lysol to adequately sterilize those bowling bowls.

Comment: Anonymity is the issue (Score 1) 556

by Ronin Developer (#48240343) Attached to: Rite Aid and CVS Block Apple Pay and Google Wallet

The idea that CVS, RiteAid and other retail stores are taking the stance against 3rd Party NFC payment solutions struck me, initially, negatively as well. However, as a customer of CVS, I think I can see why they, at least, are opposed to Apple Pay and Google Wallet. The reason? Anonymity of the purchase.

CVS has a model where a customer is asked to present their CVS ExtraCare card. If you don't have it with you, they can look it up by phone number. Barring that , they can swipe a store card. The customer's purchases are discounted if they have earned enough ExtraCare points and they receive ExtraCare coupons based on their ExtraCare card. To a consumer, those ExtraCare coupons are golden and develop brand loyalty.

Naturally, CVS is tracking how and what the customer purchases. Linking the CC number to the holder's ExtraCare card makes sense to them. Using Apple Pay or GW eliminates all personally identifiable information during the transaction. This breaks their model at the POS terminal.

One solution is to develop a mobile app for each of the platforms they wish to support. Apple has made it difficult to track users by device during recent changes to their privacy policy. Things like the UUID, VendorID or AdvertiserID have been either eliminated or their use highly controlled. And, of course, VendorID and and AdvertiserID can be reset by the user limiting their use as a tracking mechanism.

Somehow, during the NFC payment process, with all personal details stripped out of the transaction, there remains the need to transmit the user's id (like how Starbucks integrates with ApplePay and still presents a barcode that can be scanned at the POS and the account debited. I haven't analyzed their barcode myself. But, I would think that they present the Starbucks userid in some form - they seem to know what name to put the order and personalize the experience.

The downside to the approach is that the vendor has to maintain gift card info (with balances) and, possibly, the CC info (for auto-reloads, etc). Given the number of compromised POS systems at the retail outlets, they need to find a happy medium between their business model and consumer privacy and protection. We, on the other hand, prefer to have them side more with consumer privacy and protection. This is why we like Apple Pay and Google Wallet or even services such as Stripe which anonymize the CC info and protect our privacy and payment accounts.

A simple solution, if one is using magstripe cards, is to use something like Google Authenticator associated with the card. At time of payment, the user is required to enter a PIN (optional) and/or present the Google Authenticator value for their card (secret issued by the bank). This could be presented as a barcode and scanned by the POS. Heck, the CC info could be included in the barcode saving a step. The card and auth token are validated by the CC company before permitting the transaction to go through. If the connection is down, then the user must present a valid form of ID and the card so it can be processed the old fashioned way.
If a user has a rewards card, they can either present it manually or have it included in the barcode displayed by a custom app. If the user loses their phone or physical card, they can simply go the bank's site, report the card or device stolen, and get a new secret key issued. This would, immediately, make the CC number useless as they won't be able to generate the time based token. On the flip side, it will make hacking a CC company's system a lot more valuable.

I don't know what, exactly, gets exchanged by the NFC terminal between it and a device. If customer info can be exchanged in the process of making the payment, it could prevent those retailers trying to develop their own solution and make them receptive to accept Apple Pay and GW.

Comment: Tell me again... (Score 2) 372

Why it's wrong that we don't require a mandatory 21 day quarantine for anyone travelling from these countries if we truly want to stop the virus from ever getting a hold?

Top it off - this guy went bowling while starting to show symptoms (thus, contagious). Who is going to replace and pay for EVERY bowling ball? What about decontamination of the facility? If I were the owner, I'd be pretty pissed off.

Comment: Re:Yawn (Score 1) 355

by Ronin Developer (#48196579) Attached to: Apple Announces iPad Air 2, iPad mini 3, OS X Yosemite and More

If you had watched the keynote, you would have seen this on the infographic that was displayed. The improvement in processing and, more specifically, the graphics processing is like the difference between light and day in mid-latitudes. Heck, my iPhone 5 can render things that my original iPad can't even load (probably, due to its limited 256MB RAM vs 1GB RAM of the iPhone 5).

But, yeah...12x over the original iPad doing what? That metric really didn't make saying my current desktop processor is 3K faster than my original 8088 in my IBM PC or 10K faster than the 6502. Funny thing...back then, they were considered blazingly fast. Software continues to grow more bloated and sophisticated to take advantage of the greater bandwidth and processing speeds. If not, my original iPad wouldn't crash when trying to load a javascript laden website. Today's development tools and languages encourage that behavior.

Comment: Re:So you have to install an app... (Score 2) 113

by Ronin Developer (#48196377) Attached to: Delivering Malicious Android Apps Hidden In Image Files

Why was the parent post modded to -1? The fact is that they are correct - unless your iPhone is jailbroken. The sandbox prevents unsigned apps from being installed. And, apps that do get installed have limited access to the rest of the file system. At least that's the way it worked prior to iOS 8.

The walled garden is both a curse and a blessing - depends on how you look at it.

Comment: Re: Apple Pay (Score 1, Informative) 355

by Ronin Developer (#48162231) Attached to: Apple Announces iPad Air 2, iPad mini 3, OS X Yosemite and More

I suggest you read up on the technology. You could take a look at Swipe as I think it's probably the closest pre-Apple Pay implementation to what Apple Pay is (Swipe, IS an Apple Pay provider, however). Banks are jumping onboard now that the technology appears secure. Apple claims another 500 banks have joined since last month.

Your card details are stored within a secure chip on the iPad. When you make a purchase, the card info hits the CC provider and a token is returned for THAT transaction. That is passed to the vendor who completes the charge and sends it to the CC processor. The CC Processor sends back a response to the vendor that transaction is completed and then a response is sent to the customer.

You can manually enter your CC info or take a picture of it using the iOS device. That image, is verified by the bank/CC company and then the information is loaded into the secure chip.

The beauty is that your CC info is only exchanged with the bank.

If your device is stolen, you can immediately render the CC info stored in it useless by logging into your iCloud account (I would assume, you have 2 factor authentication turned on - which I think Apple is now requiring).

I don't know how this compares to PayPal or Google Wallet as I don't use them. I do know that Apple has made it easy to add Apple Pay to apps and websites, and the user experience counts provided the security holds up. PayPal still looked a complex mess when I viewed the API last month.

Comment: Re:Yawn (Score 2) 355

by Ronin Developer (#48162107) Attached to: Apple Announces iPad Air 2, iPad mini 3, OS X Yosemite and More

I have to assume you and the original poster didn't watch the keynote.

The main processor is 12x faster than the original iPad (which, I still own and use). Graphics are 140x faster with the new graphics processor.

However, what the original poster DIDN'T say is gain in 2x+ performance over last year's iPad Air and the drop in pricing for comparable versions. The demonstrated photo processing apps were seemless. They also didn't indicate whether the new devices have more RAM or not. 1 GB has worked well. But, there were rumors of 2 GB.

No NFC either. Apple Pay is for "internet" purchases and not POS.

Nothing stood out to me as a "gotta have" this time around. While the iMac Retina has been improved and the screen is amazing, my 2009 iMac still works great (thought, I might replace the HD with an SSD). My iPad still works but pisses me from time to time when trying to load a web page that requires too much memory. My next "upgrade", when and *if* I can afford it, will be for the new iPad Air 2 as the original is something I still use every day.

Comment: Re: talk to a lawyer (Score 2) 224

by Ronin Developer (#48155431) Attached to: Ask Slashdot: Handling Patented IP In a Job Interview?

I agree. I had an offer in hand when I got THEIR IP policy. They wanted the ability to claim anything I thought of while in their employ and for two years after as THEIR IP. I listed the projects I was already working on. The offer died in legal after two weeks.

One idea I had been working on showed up in the App Store one month after I discussed it with them. The developer was a former employee of the company.
My idea was unique. It had value. And, someone with more resources was able to capitalize on my idea before I could.

I had no recourse as the system wasn't yet patent pending and the developee no longer worked for the company. I found out via his profile on LinkedIn and he was offshore.

My advise, if you have IP, protect it. If they want you and your patented ideas, make the licensing part of the agreement. You decide what is fair market value

While I don't partucilarly like sw parents, you are entitled to protect what you invent. Don't let anyone tell you otherwise.

Comment: Re:Forgot the biggest one: Money (Score 1) 229

by Ronin Developer (#48148435) Attached to: The Subtle Developer Exodus From the Mac App Store

You still need to shell out $100 month for either an iOS or OSX developer's membership if you actually plan to deploy your developed software in either the App Store or the Mac App Store.. Still, that's a pretty small price to pay to have your app certified and made readily available to potential consumers of your app.

Where the difficulty comes from and costs go up is in figuring out how to differentiate your app from all the others (or, just to get noticed). And, you have to worry about knock-offs deciding to charge $0.99 against your $4.99 or even $49.99 product.

You actually have to have real business, marketing and sales plans - which implies knowing to run a small business - to survive after the initial app store "gold rushes". This demands a level of commitment above and beyond what most "coders" have in order to actually eek out a living or more - it's why they are called entrepreneurs or business owners.

Mommy, what happens to your files when you die?