According to AutoWeek, BMW has developed a new “smart” car key, a
multiuse key that beside its normal use, could be used for shopping,
paying for gas, public transportation(hopefully not needed), toll
roads(tons of them in Illinois), and pretty much anything else that
could be purchased with a credit card.
BMW worked together with an European company, NXP Semiconductors and
the “wonder” key will be shown at the a trade show in Paris, next month.
The key is powered by NXP’s latest security chip, and the companies
say the key could be transferred to other BMWs, if the owner borrows or
rents a car. And here is where things start to complicate. As much as I
would love to borrow my car to my friends, the issue of someone using
your key to purchase things is pretty important. Would there be a way
to deactivate the “credit card” portion while someones else drives your
car?
What if you leave the car with a valet? Even if there is a way to
quickly disable the “smart” key, it will will be a hassle to do it each
time you valet your car. Of course, there could be a simple solution to
that, similar to the current keys, where you can separate the valet key
from the remote.
This will also solve the problem where you walk into the restaurant
and would like to pay with your multiuse key, that you just dropped off
with the valet.
Anyway, it’s an interesting concept, but there are many security
issues that need to be worked out first and lots of factors to take
into considerations.
[Source: http://www.autoweek.com/apps/pbcs.dll/article?AID=/20081024/FREE/810249989/1023/CARNEWS - Autoweek ]
Update: Here are some good points brought up by Clara, one of our regular readers.
his is a really bad idea. The implications of RFIDs in consumer items haven’t been properly explored.
- coupled dependencies - are you going to rely on being able to make
a purchase with your keys, given the above valet scenario and others?
What happens if you lose your keys, how many different functions need
to be closed down or tracked to protect you?
- security issues - RFIDs can be easily read and duplicated/spoofed
given the right equipment. Many POS purchases require no other
authentication than a swipe.
- consumer ignorance - banks, retailers and POS suppliers haven’t educated the public on RFID risks and benefits.
- privacy issues - the ability to read all unique identifiers on a
person at once — and without their knowledge — completely undermines
the privacy of ordinary activities
This really is a big deal. The only real exploration by companies on this subject is the benefits —– to them.