I can appreciate how someone immersed in the Amerikan consumer culture would welcome a means by which he or she could reduce the plastic card proliferation that apparently just won’t stop. But I really don’t think National Payment Card’s solution is the best way to accomplish it.
BusinessWeek summed it up neatly in a recent article titled Use Your Driver's License as a Debit Card. The first few paragraphs of the article [some parenthetical information removed]:
Aurora Bisig is a big believer in retailer discount cards. At her last count, she had a dozen—from Sam's Club to nearly every grocery store in Central Texas. So this March, when the Austin (Tex.) insurance agent pulled into a gas station for a fill-up and saw a sign promising an additional 10¢ off per gallon for signing up with a new e-payment program, she was interested.
She was also pleased to learn that the "RollbackPrice" program wouldn't require her to add another piece of plastic to her overstuffed wallet. Instead, after entering her driver's license number and bank account information online with a two-year-old company called National Payment Card (NPC), she'd be able to pay for gas just by swiping her driver's license (linked directly, via the existing magnetic stripe, to her bank account), and entering a personal identification number.
Adding another temptation for thieves to an identity card (that shouldn’t be one, true) seems like a bad idea to me. The merging of state and consumer functions via a state-issued permission slip isn’t a welcome trend, either. Anyway, the article continues for a bit, and at the end, focuses on security issues. First, our single consumer pipes up again:
Based on the reactions she's heard from friends and colleagues in Texas, Bisig says it might take some time to convince people that sharing their license number and bank account information with a retailer is safe—especially shoppers who aren't familiar with other e-payment systems like PayPal. .... While some of her friends have worries about giving out too much of their personal information to a retailer, she reasons, "People give out that much information and more whenever they buy something on the Internet."
I don’t recall ever being asked for a DL number when purchasing something online; and at some e-tailers, I’m given a choice between using a bank account or a credit/debit card. I cannot imagine ever giving out bank account information in such a context, but as Heinlein said, “Never underestimate the power of human stupidity”. Bisig is repeating a misleading, but common, comparison. Anway, on to the security issues:
In Texas, a spokeswoman for the state's Public Safety Dept. issued a statement advising that consumers use caution when providing any retailer with their driver's license number, and emphasized that DPS does not endorse National Payment Card or any other programs that piggyback on state-issued drivers' licenses.
National Payment Card, for its part, says its stringent security measures make the likelihood of fraud or identity theft very low. Customers' financial information is not stored anywhere on the actual license, and withdrawals are not permitted after more than three failed PIN attempts. ....
Bisig, for one, was satisfied with the system's security precautions. Because her license is PIN-protected, she points out, it's even more secure than using a credit card.
I would imagine that states would want to distances themselves as much as possible from any program like this, simply because of the liability implications. And there will be problems,and lawsuits. From the NPC web site’s “how we do it” page:
The consumer enrolls in the program via the internet, telephone or mail. The consumer's checking account information and consumer-selected PIN are the key elements of the enrollment data.
Yeah, none of those enrollment methods can be tapped into. And enough has been said about humans being the weakest security link to make me laugh at the idea that a consumer-selected PIN is strong security.
The list of businesses, institutions, and gov agencies that have compromised users’ sensitive information is long and growing. All of them were thought—by their CEOs and security teams, at the least—to have “stringent security measures”. Look where it got them.
And I’ll repeat, for emphasis, that mixing state and corporate business is a very bad idea.
give up on the system
this is really bad, i don't think that the system can be salvaged. We should give up on the political system altogether and start living a different way - perhaps the pressures of the collapse of Boomerific Empire will give them so much else to deal with that they will leave us be. Ending the war on people (mislabelled the war on drugs) would help everybody immensely.
As long as the state wants to play mommy, daddy and nanny to everybody on every issue - i'd keep the bank account number totally secret and not worry about the use of the driver's license, because it is already a matter of public record. I do question whether the banks have their own information sharing program - which includes law enforcement access. It seems like there are no real rules to the game any longer - if you can get away with it, do it.
Remember the concept of private eye was a very glorified thing when the forty and fifty somethings were growing up. i liked mannix and barnabey jones and the entire genre. Where did that profession go? Perhaps we should pay busybodies to investigate public employees that seemingly abuse their positions. but then - wouldn't 96% of the grubbermint be under surveillance?