No Coin to Spend Your Coins On

November 17, 2013

Silicon Valley has a new favorite toy: An electronic credit card to hold all your other credit cards.

Go ahead, watch the teaser, I’ll wait.

Surely if you’re anything like me you thought, whoa this is pretty cool, I want one. Before hitting the pre-order button like a pavlovian dog, I thought about it some more and decided that not only is Coin not for me, it is also a pretty terrible product in general, for a number of reasons.

It solves no real problem.

Coin is neat. It’s just that, neat. But it doesn’t solve a real-world problem. For starters, it’s $100. And then, apparently, because it runs on batteries that can’t be changed, you have to buy a new one about every two years.

Who can spend 100 bucks for the convenience of carrying around one elecronic card in place of a number of other plastic cards? Precisely the kind of person who never had to split a purchase between two credit cards in their life before. It’s a novelty item by the Silicon Valley for the Silicon valley: Valleywag calls it “Silicon Valley’s ultra-insular groupthink fiesta”.

As a mere novelty item, Coin should probably best go where those kinds of products usually go to die: your neighborhood “as seen on TV” store.

It’s not ambitious. At all.

Any sufficiently ambitious new product tries to tangibly improve its space, in this case, the payment space. Take Simple, a startup aiming to improve the user experience of banking. It ambitiously wants to do away with terrible bank websites and replace them with a better experience.

Or how about Square. Its flagship product, a tiny card reader, enables anyone and everyone to accept credit cards, previously a terribly complicated thing only professional merchants would do. Ambitious!

Take Square again! Their most recent product, Square Cash, lets you send money from one debit card to another, by email and smartphone app. Regardless of which bank you’re with. Once again: Ambitious!

Enter Coin.

A smartphone card reader that copies your credit card onto a different card. You then use that card. It doesn’t make payments better, faster, or solve any real problem. It doesn’t even try.

In fact, it actually pushes the US backwards in terms of credit card security.

What do you mean, less secure?

The Coin introduction video mentions security shortly, like a tangential thought. A low-power bluetooth signal ensures that Coin remains close to your gold-plated iPhone 5S.

So, forgetting your card at the restaurant is the biggest conceivable security problem, then?

How about attackers copying credit card magnet strips? It’s a well-known problem called Skimming. A malicious waiter or cashier can copy your card’s magnet strip while running your current, legitimate transaction. Too bad that with Coin, I just handed the attacker not one card, but all my cards. Use Coin while traveling, and you might very well find yourself in deep trouble – either because your banks(!) detect the fraud and lock you out of all your accounts, or because the attacker just filled up all your credit cards with malicious transactions.

Other countries have long switched to enforcing chip usage over magnet strips, which is significantly safer because the chips can’t just simply be copied unlike magnet strips.

In good American fashion, the US is behind this trend. But ironically, instead of doing anything to improve this situation, Coin is built on top of this key vulnerability. It copies magnet strips much like a malitious attacker would. Cool!

Update: It appears, I am not the only one having grave security concerns about Coin.

So…

Knowing all that, you should probably leave your three separate cards where they are: In your pocket. Maybe get one of these awesome wallets1 instead? I promise, it’ll make the hardship of carrying regular credit cards much more bearable.


I’m trying—and failing—to blog about once a week in 2013, on various topics. This is my fifteenth post of the year.

  1. Thanks to Kumar for the tip!

Creating an Empty git branch

Today I needed to create an empty ``gh-pages`` branch on one of my projects, and didn't want to fork the code on the master branch, then ...… Continue reading

A poor man's "security envelope"

Published on October 16, 2014