Throughout so many articles on bank card security, we have learned:
- As security in the technological world increases, we users are becoming the most valuable target for cybercriminals . For this reason, they are increasingly focusing on designing social engineering strategies that confuse us in order to obtain our credentials, rather than developing sophisticated systems to breach the security barriers imposed by technology. However, old strategies for abusing our trust are still very much alive , and to do so, you don't even need extensive computer knowledge; all you need to do is take your card or cell phone out of your pocket or purse.
- Whenever possible, we should avoid contactless payments because payment terminals and ATMs can be manipulated to read our card details. ( 1 and 2 )
- Contactless payments are here to stay, although there are still security issues related to the EMV standard to be resolved. However, they are still surrounded by security myths that we must overcome. ( 3 and 4 )
- Mobile hot wallets (Google Pay, Samsung Pay, or Apple Pay), along with other security measures imposed by framework policies such as the European PSD2 or EMV tokenization standards, address the security gaps left unresolved by the card's EMV chip, but they make the smartphone a device that stores a lot of crucial information. At this point, our mobile phone becomes a critical device for our digital security. ( 5 , 6 , 7 , 8 )
Consequently, if we continue our efforts to solve the security problems of bank cards, we'll arrive at the solution we're discussing in this article: cold wallets . That is, devices that store key security information in the cold , or, in other words, completely disconnected from the internet .
Cold wallets like Rikki benefit from solutions already used for mobile devices, such as tokenization and PSD2, but unlike the latter, they store key information on a high-security chip (certified by Visa and Mastercard) used exclusively for this purpose and disconnected from the cloud to prevent malicious malware infections.
This means that a payment ring like Rikki doesn't store bank card data, but rather a token representing the card's identity plus the device identifier (the ring), so no one can read security-critical information. To better understand this, using the same app that reads the NFC EMV chip, we can try reading the ring's data and verify what it returns: no valuable information, unlike the card's chip, which returns the PAN, expiration date, and transaction log.
So, a Rikki ring offers contactless payment, tokenization, PSD2, off-grid, and a high-security chip dedicated exclusively to payments. Is that all?
Technologically speaking, yes, but this is precisely a significant attribute. An attribute that makes it discreet and allows it to go unnoticed by cybercriminals, that keeps it with us at all times and doesn't require us to be aware of it , that is difficult to lose and even more difficult to steal , and that prevents it from concentrating other valuable data .
Pay securely without taking your phone out of your pocket or purse, with a simple gesture of your hand. A gesture so simple that cybercriminals will become depressed before they can figure out how to overcome it. And for those who are afraid of being robbed, of course they can do it, but just like with wallets or cell phones, we can remotely disconnect them to block payments.
