Sweden, Norway rethink plans for cashless societies over fears that fully digital payment systems would leave them vulnerable to Russian security threats (www.theguardian.com)
from 0x815@feddit.org to technology@lemmy.world on 30 Oct 15:14
https://feddit.org/post/4262795

cross-posted from: feddit.org/post/4262252

A combination of good high-speed internet coverage, high digital literacy rates, large rural populations and fast-growing fintech industries had put the Nordic neighbours on a fast track to a future without cash.

[…]

But Russia’s invasion of Ukraine in 2022 and a subsequent rise in cross-border hybrid warfare and cyber-attacks blamed on pro-Russia groups have prompted a rethink.

[…]

The Swedish government has since completely overhauled its defence and preparedness strategy, joining Nato, starting a new form of national service and reactivating its psychological defence agency to combat disinformation from Russia and other adversaries. Norway has tightened controls on its previously porous border with Russia.

[…]

[Norway’s] justice and public security ministry said it “recommends everyone keep some cash on hand due to the vulnerabilities of digital payment solutions to cyber-attacks”. It said the government took preparedness seriously “given the increasing global instability with war, digital threats, and climate change. As a result, they’ve ensured that the right to pay with cash is strengthened”.

[…]

#technology

threaded - newest

shoulderoforion@fedia.io on 30 Oct 16:01 next collapse

and the penny drops

dogslayeggs@lemmy.world on 30 Oct 16:02 next collapse

As much as I hate using cash, I understand that the credit card companies charge ridiculous fees to businesses and also that people with very low income don’t always have access to digital forms of payment. Maybe Sweden does better with equipping their entire society with digital tools, but in the US I don’t think we are ready for a fully digital payment society.

njordomir@lemmy.world on 30 Oct 16:29 next collapse

I don’t like using cashless anything because I know part of the cost is my privacy. Having said that, convenience is a powerful draw and cash can be a pain, especially when you have to find a spot for small coins.

100@fedia.io on 30 Oct 16:46 next collapse

nobody should be including apple or google spy apps in their payment processing

simon@slrpnk.net on 31 Oct 02:41 next collapse

If you are using Mastercard in the US, Google will be getting transaction data all the same: www.bbc.com/news/technology-45368040

sugar_in_your_tea@sh.itjust.works on 31 Oct 17:57 collapse

Thanks, now I have to switch my primary credit card. Any concerns w/ Visa?

WhyJiffie@sh.itjust.works on 31 Oct 03:28 collapse

apple and google is just a small part of the problem. using a debit card is not much better either

shortwavesurfer@lemmy.zip on 30 Oct 23:47 collapse

Look into Monero. You get the benefits of digital payments, but you get the privacy of cash.

chevy9294@monero.town on 31 Oct 07:56 collapse

I use monero online and cash offline, because no one accepts monero offline.

shortwavesurfer@lemmy.zip on 31 Oct 09:39 collapse

because no one accepts monero offline.

With the XMRBazaar map this may change

sugar_in_your_tea@sh.itjust.works on 31 Oct 17:57 collapse

Probably not, but one can hope.

lime@feddit.nu on 30 Oct 17:18 next collapse

there haven’t been card fees for end users in Sweden for many years. handling cash is a lot more expensive since you need somewhere secure to keep change, you loose time at the till handling the money, and you need to pay for someone to come pick it up. the time gained from just having the customers pay with card means businesses gladly swallow the fees.

and yes, i’m always surprised when going abroad how much more analog everything is. the nordics and Baltic’s are generally at about the same level (with Estonia way ahead), but the rest of the continent feels like it’s 10 years behind. I was once asked if I really wanted to pay with card in a corner shop in Leipzig, since the card fee was €10.

not that i’m a fan of the digitalisation, it makes marginalised groups even more marginalised. i see my elderly relatives struggling with it often.

Evotech@lemmy.world on 30 Oct 17:32 collapse

The end user didn’t pay directly, but the companies very much pay for this privilege

Which is why Swish, and in Norway, Vipps has been a big thing. So the banks can get that revenue for themselves instead of sharing with visa / Mastercard

Evotech@lemmy.world on 30 Oct 17:34 next collapse

In Norway and Sweden many places just doesn’t take cash. Probably been around 2 years since I last used cash

Anything from kids bakesales takes digital payment

sugar_in_your_tea@sh.itjust.works on 31 Oct 17:58 collapse

Yeah, we’re moving that direction in the US as well, but most places will accept it, even if they “officially” don’t, provided you ask nicely and don’t use large bills.

[deleted] on 30 Oct 19:14 next collapse

.

sensiblepuffin@lemmy.world on 30 Oct 19:18 next collapse

It’s extremely disappointing to me (admittedly in the US) that Covid seems to have obliterated any chance for a large-scale investigation on payment processors’ stranglehold on our financial systems. The fees that Visa/Mastercard/etc. charge, especially for tiny merchants with insanely low transaction numbers, are criminal.

lud@lemm.ee on 30 Oct 19:22 next collapse

Here, many stores don’t accept cash so I assume accepting credit cards is cheaper and easier than handing cash.

sugar_in_your_tea@sh.itjust.works on 31 Oct 18:00 collapse

At least in the US, it’s something like 3% for a business to accept cards, so they bake that into the price for everyone. So with cash, they technically make 3% more for each transaction, but they also have to manage the cash (deposit in bank, withdraw small denominations when running low, etc). Since most people are willing to use credit, it’s simpler, though not necessarily cheaper to just accept digital payments, especially when you just need a small dongle for your phone to accept payments.

So in the US, it’s more of a liability/convenience thing than a cost thing.

brewery@lemmy.world on 30 Oct 22:11 collapse

In the EU and UK, heavy regulation, especially of Visa and MasterCard, means the fees are actually lower than the costs of handling cash. Lots of businesses want only card transactions because it works out better for them and most people don’t carry any cash so that need to offer card payments, and so it makes even less sense to offer both methods. The only industries who like cash are likely trying some form of tax evasion.

Cleverly, they banned businesses from charging any payment fees and suddenly, businesses negotiated and found suppliers offering low payment fees. We don’t have anything like these convenience fees for paying with cards over cheque that I hear about.

Amex still charges higher fees so many places still don’t take those cards. The value of benefits (air miles, cashback) have gone down significantly but in reality, it was essentially transferring wealth from the poor (who could never get these cards) to the rich, through these fees, so works out better overall.

The banks here advertise that they help everyone get bank accounts and social benefits are paid into bank accounts so I assume everyone is able to get an account. However, I do wonder if some people, especially the homeless, slip through the cracks.

shortwavesurfer@lemmy.zip on 30 Oct 23:46 collapse

Since taxation is theft, the proper thing to do is evade taxes.

brewery@lemmy.world on 31 Oct 12:03 collapse

I like my free healthcare, ambulances, fire fighters, roads, drivers requiring licences, drivers requiring insurance, police, trains, buses, general security, employee regulation, safety regulation, building codes, industry regulation, help overseas from consulates, so would prefer to pay a bit in taxes to get a lot back. It might not all be “perfect” but the idea of aiming for a happy and equal society is good.

pirat@lemmy.world on 31 Oct 21:01 collapse

Ok. The fact that you prefer it (probably because the thieve is mostly kind and generous to you) does not change the reality that it very much is theft from all those who might not agree with your societal preferences, and who did never consent to this.

Since you (or any majority in society) naturally don’t have the right to forcefully take other people’s money (or property) without their consent, it’s impossible to forward that right to the state (or any person) acting on your behalf. It does not matter how good of a deal it is to you or anyone else. That’s why it can logically be described as theft when a state collects taxes using violent force as a threat to anyone who won’t pay.

troed@fedia.io on 30 Oct 16:07 next collapse

We have cash?

o_O

Haven't used it for years.

folekaule@lemmy.world on 30 Oct 16:33 next collapse

It’s still legal tender so they have to accept it. They don’t like it, but they do. Last time I visited Norway I held up the line at the grocery store trying to buy candy with cash that had been gifted to me. I’m not sure the cashier knew what to do with it.

Edit: many people telling me they are not required. From what I could find, cash is still “tvunget betalingsmiddel”, but there are some broad exceptions. Ref. So, I don’t think I was out of line expecting to pay cash at the grocery store. However, that was the only time I paid cash when I visited last time, so yeah, it’s basically cashless already.

Gloria@sh.itjust.works on 30 Oct 16:57 next collapse

legal tender

As far as I understood it in the last 20 years, it is only legal tender for debt facing the goverment. No private business has to accept cash. They do not have to accept cards either. If they wish, they could demand payments only in acorns or bottle caps if they wanted to. Only govermental Institutes (eg. for taxes, fines, etc.) have to always accept cash so you can always free yourself from outstanding debits without needing a bank account as bank wiring or credit cards are a private 3rd party business that can not be guaranteed for every citizen (as banks can arbitrary decline service to people).

barsoap@lemm.ee on 30 Oct 23:13 next collapse

At least in Germany legal tender means “valid for payment of any obligation”, also private ones. But if a shop says “we don’t accept cash” then they’re not entering a sales contract with you unless you agree to pay in another way, without contract no payment obligation to them so they’re not required to accept anything, and if there is a contract, well, you agreed to the terms.

I don’t think the same would fly for e.g. rental or utility contracts, though. Any contract that isn’t agreed upon and fulfilled while you’re standing in front of the cashier.

sugar_in_your_tea@sh.itjust.works on 31 Oct 18:04 collapse

Yeah, i think that’s the same in the US.

As in, if they commit to accepting your business, they must accept cash. But they can also refuse to do business with you if you insist on using cash. Or something like that.

For example, in the past, you’d pump gas before paying, which meant you had a debt to the fuel station, so they’d be required to accept cash to settle that debt. However today, you need to prepay, so they can simply refuse to accept your business if you refuse to use one of their accepted payment options.

That said, my understanding is that they’re not obligated to make change for you. So you’d need to show up with exact change (or extra) to settle a debt if the company doesn’t want to take it.

shortwavesurfer@lemmy.zip on 30 Oct 23:45 collapse

Thankfully, Monero denies nobody

troed@fedia.io on 30 Oct 17:07 next collapse

Shops in Sweden very often state that they don't accept cash - and it's perfectly legal for them to make that choice.

Evotech@lemmy.world on 30 Oct 17:35 next collapse

They do not have to accept it

Valmond@lemmy.world on 30 Oct 18:55 collapse

I took a bus in Malmö over ten years ago (on the seaside to the railway station), they didn’t accept cash or card, only some mobile payment. Got a free ride.

jagged_circle@feddit.nl on 31 Oct 13:52 collapse

Happens with all the ferries in Norway too

jagged_circle@feddit.nl on 31 Oct 13:51 collapse

Guess you don’t like privacy

VonReposti@feddit.dk on 30 Oct 16:09 next collapse

Meanwhile in Denmark: FULL STEAM AHEAD! Next stop on the digitalisation train, all of your identification papers!

kokesh@lemmy.world on 30 Oct 16:45 next collapse

Yeees! Great! I like cash.

sunzu2@thebrainbin.org on 30 Oct 17:24 next collapse

Money changers in shambles.

Imgonnatrythis@sh.itjust.works on 30 Oct 18:17 next collapse

Sweden is otherwise cool with having a zero privacy payment system? I’m a little Suprised this made it that far even there. When I see a business that says it does not accept cash, I stay away even if I wasn’t planning to use cash anyway.

brewery@lemmy.world on 30 Oct 22:15 next collapse

We have much tougher GDPR laws so I am more worried about American companies stealing my data than any based in the EU. I use different passmails for every account hoping to find a company breaching GDPR but (luckily?) unluckily, no hits so far.

Every company I have worked for, including a major bank, takes GDPR extremely seriously. So much so I often thought they went to far but understand their caution.

Imgonnatrythis@sh.itjust.works on 31 Oct 03:58 collapse

I think that’s great, but that’s now. You lose cash and have some bad luck with your politicians like we have had in the states, and those laws can change in an instant and good luck getting cash back once it’s gone.

M137@lemmy.world on 31 Oct 01:44 collapse

Basic privacy is expected and followed, not everywhere is like the US where you’re getting fucked over constantly.

Imgonnatrythis@sh.itjust.works on 31 Oct 03:56 next collapse

Well that’s still an illusion than. You can’t have systems that are inherently non private and just expect privacy due to culture and norms at any given time. Cash is inherently more robustly private.

jagged_circle@feddit.nl on 31 Oct 13:53 collapse

Because companies in Sweden don’t break laws, riiight

NIB@lemmy.world on 30 Oct 19:03 next collapse

Noone uses cash in Sweden, except for maybe drug dealers and super old people(and the occasional tourist). Most businesses dont even accept cash anymore.

It isnt just the convenience of not having to carry cash, it is also much safer. Much lower risk of getting robbed, for both individuals and businesses.

lazynooblet@lazysoci.al on 30 Oct 22:00 next collapse

Cash is still used a lot. Especially for second hand small purchases. Not everyone wants to do the PayPal dance at a car boot.

Geobloke@lemm.ee on 30 Oct 22:10 next collapse

Do you guys have payID over there? Like you can just send money to a persons phone number

NIB@lemmy.world on 30 Oct 23:17 collapse

Swish is very popular in Sweden and has no fees(for individuals)

en.wikipedia.org/wiki/Swish_(payment)

M137@lemmy.world on 31 Oct 01:39 collapse

Never once seen anyone use PayPal for that, Swish is the most common (in Sweden at least) and there are many alternatives which are just as easy.

vaionko@sopuli.xyz on 31 Oct 12:20 collapse

In Finland we use MobilePay for that. Rarely cash.

endofline@lemmy.ca on 30 Oct 22:40 next collapse

Until you forget changing 6 digit pin of your credit card before you travel to the country which accepts 4 digit normally. You’re f…d, the only way is to get call your family to make moneygram / western union transfer (or if you can do make such an order on your own). If you wonder which country I live, it’s the same country which has one of the highest banknotes 1000 CHF.

Lemminary@lemmy.world on 30 Oct 23:53 next collapse

Much lower risk of getting robbed

Maybe that works in Sweden, but in other places you get shot if you’re not carrying money with you 😅

stephen01king@lemmy.zip on 31 Oct 00:48 collapse

I think those places need more support systems to reduce the number of people that becomes desperate enough to do that.

Lemminary@lemmy.world on 31 Oct 11:57 collapse

We have plenty of support systems, but we have too much corruption. I think we’re working on that now with our first female prez.

bamfic@lemmy.world on 31 Oct 03:01 next collapse
jagged_circle@feddit.nl on 31 Oct 13:50 next collapse

Not true. When I was in Sweden a couple years ago, I used cash. From Malmo to Kiruna (and lots between). I only encountered one place where I was forced to pay with card and couldn’t just go across the street to pay with cash.

Fortunately its not a cashless society, they just came dangerously close to becoming one.

x00z@lemmy.world on 31 Oct 22:33 collapse

Support the drug dealers!

muntedcrocodile@lemm.ee on 30 Oct 19:10 next collapse

Funny way to say people dont like the idea of having all financial privacy ripped away from them.

kn0wmad1c@programming.dev on 30 Oct 19:33 next collapse

In America, you can’t open a bank account without an address. That means that the homeless population can’t open a bank account (not easily, anyway), and therefore can’t get a debit card.

Cashless is a nice idea, but it is extremely prohibitive against the most vulnerable people (which, sadly, might be part of the point).

endofline@lemmy.ca on 30 Oct 22:37 next collapse

It’s funny because actually you can receive mails pretty much everywhere without giving an actual address. P.O boxes and post restante. Only banks keep enforcing residential addresses as it was a guarantee of having lack of identity frauds.

sugar_in_your_tea@sh.itjust.works on 31 Oct 17:56 collapse

t was a guarantee of having lack of identity frauds

I don’t think that’s true, it’s just indicative of someone who’s more stable. That said, I can put down anyone’s addresses and have mail sent to it, my family does it all the time (e.g. my SIL just got married, and they sent their combined bank statements to our house while they were finding a new apartment). All it means is that you can receive mail at a certain address, and that can be as simple as knowing the mail schedule and getting to the mailbox before the residents do (or going through their trash the next day if you miss it).

It’s technically illegal, but I’ve never heard of anyone getting charged w/ accessing someone else’s mailbox… So it’s a pretty low barrier for someone actually committing identity fraud to clear, and a pretty steep barrier for someone who is homeless.

barsoap@lemm.ee on 30 Oct 23:04 next collapse

In Germany any EU resident has a right to a basic account, in case you’re homeless you should have an address because you’re in a shelter, if you insist on sleeping rough (or the municipality is just too fucked up, happens in places) you can give the address of a social work organisation (those are all over also doing debtor counselling and a lot of other stuff).

Only valid reason for a bank to refuse basic business is if you tried to defraud them. They don’t have to give you a credit line, but they do have to accept your money, store it, and let you wire it (incl. POS payments etc).

Identity fraud is not an issue because they’ll want to see a proper ID which, if you’re legally in the country, you have.

It’s less about paying, though, you can always pay with cash in Germany, it’s about the welfare authorities not wanting to handle cash and cheques only if actually necessary.

0x0@programming.dev on 31 Oct 09:36 collapse

in case you’re homeless you should have an address because you’re in a shelter

No homeless person left behind? Shelters for 100% of homeless people at all times?

barsoap@lemm.ee on 31 Oct 10:12 collapse

You have a legal right to shelter, yes. How is that controversial it’s a human right.

0x0@programming.dev on 31 Oct 10:49 collapse

The controversial part is that while it’s great and desirable on paper, it’s almost never the case for 100% of the times. Great if it is though.

sugar_in_your_tea@sh.itjust.works on 31 Oct 17:52 collapse

And it’s also not wanted. A lot of people choose to avoid shelters for a number of reasons.

Honestly, the requirement for an address to get a bank account is stupid, you should merely have to prove your identity, which can be accomplished with a government ID or perhaps a notorized note from a government agency (i.e. you go to the local health center or a social work office and verify your identity or something).

If I wanted to, I could easily fake my address being somewhere it’s not. I get a bunch of junk from the previous residents, and there’s really nothing stopping me from putting someone else’s address as my own (my local family does it when they’re between residences). So I honestly don’t see much point to it.

isthingoneventhis@lemmy.world on 31 Oct 01:56 next collapse

It’s largely a non-issue in the Nordic countries as you basically have to voluntarily opt out of any government aid programs to be homeless, which understandably most don’t. This goes for most, if not all, vulnerable groups; most of the help is decently robust, at least enough to keep you fed and in housing. So I don’t think it’s a very large portion of the consideration, almost everything is paid via mobile pay, checks (any, not just from working) are all done digitally as well.

jagged_circle@feddit.nl on 31 Oct 13:47 next collapse

Its still an issue for refugees and domestic abuse survivors

unphazed@lemmy.world on 31 Oct 20:00 collapse

Ah yes, socialist practices… look how evil it is… taking care of others.

isthingoneventhis@lemmy.world on 31 Oct 22:46 collapse

Inhuman communist savages the lot of them!

0x815@feddit.org on 31 Oct 05:25 collapse

Affordable housing and the threat by malicious actors to attack digital payment systems are two different things. Homelessness has to be addressed, of course, but we are dealing here with something else.

0x0@programming.dev on 31 Oct 09:34 collapse

You seem to have missed the point: in many countries, access to a bank account (therefore digital money) is not universal.

0x815@feddit.org on 31 Oct 11:11 collapse

I didn’t miss the point, but this is a different topic. We need to provide housing, end homelessness and possibly the right to a bank account for everyone. These are different things.

Peffse@lemmy.world on 30 Oct 20:12 next collapse

This would suck so bad. My debit card’s chip went bad and the bank can’t reissue me a new one until it expires. I’ve been using cash as a fallback when I don’t want to do the ‘3 chip failure timeout then swipe’ dance just to purchase some soda.

brewery@lemmy.world on 30 Oct 21:59 next collapse

They seriously won’t issue one even though it’s faulty? Surely it’s their fault as suppliers of a defective product that is probably still owned by them in some legalise way!

My chip stopped working and after one quick phone call they sent a replacement one. Do all the banks you can access do this or worth changing over?

lazynooblet@lazysoci.al on 30 Oct 21:59 next collapse

Report it lost instead. I’ve lost cards loads of times over the years. One phone call and the new one is on its way. However the fact your bank wouldn’t issue your replacement makes me think they would charge you for this privilege.

sugar_in_your_tea@sh.itjust.works on 31 Oct 18:10 collapse

And many banks can reprint one at the branch, all free of charge. It’s incredibly cheap for them to do so, and they profit from each transaction, so there’s little reason for them to refuse unless you do it a lot.

I’ve had a number of cards replaced, it’s really not an issue.

M137@lemmy.world on 31 Oct 01:41 next collapse

That doesn’t seem right at all, no matter the country. And do you not have tap payments?

Peffse@lemmy.world on 31 Oct 01:44 next collapse

Correct. The card is not tap. The only cards they can order now are tap, so to get a replacement they have to cancel the card and issue a brand new one, messing up any autopay tied to the current number and leaving me without a payment method while the new one arrives.

ifItWasUpToMe@lemmy.ca on 31 Oct 14:50 next collapse

In the future I’d recommend adding your card to your phone. It’s more secure paying with your phone vs card, and if you need a new card for whatever reason, your phone will automatically just keep working.

sugar_in_your_tea@sh.itjust.works on 31 Oct 18:08 collapse

messing up any autopay

Really? In the US at least, most autopay systems continue working when a new card is issued, even if there are completely new numbers. I’ve done this several times and never had a hiccup.

That’s not the case if it’s a new account entirely, but if the numbers merely change, you shouldn’t need to do anything, because the bank just lets the other company know the new details when an autopay comes in with the old details (I think it’s automated as well).

This actually pisses me off a bit, because it means I have to actually go cancel things instead of just letting them die when the card changes.

Peffse@lemmy.world on 31 Oct 19:51 collapse

Yeah, I can’t explain the limitation either. That’s how all my cards worked before when they changed numbers after expiration, but the branch manager was very clear that the current debit card would be canceled not reissued. So it’s a new account under my name with the tap card. They even showed me the software used to order replacements, and my card type was cleared marked DO NOT USE.

sugar_in_your_tea@sh.itjust.works on 31 Oct 19:55 collapse

Is it a new account? Or is it just a new debit card number that references the same checking account?

With credit cards it’s a bit more obvious what’s going on because there’s a clear difference between closing an account (requires another credit check), cancelling a card (changes number, but doesn’t change underlying account), and reissuing a card (same number, just replaces the physical card). I’ve done all three with debit cards, and at least here, cancelling a card just means those numbers are no longer valid and you’ll get new numbers, but the account is in-tact (and you retain the same account number) and autopay is redirected to the new number automatically.

I haven’t had a debit card replacement impact the account except one time, when the checking account number was embedded in the debit card number (small bank, never again), and that was like 15 years ago.

Peffse@lemmy.world on 31 Oct 20:02 collapse

same checking number, new account. The branch manager was 100% sure that any autopay using the current card would not be automatically updated because the new card would not be considered a successor to my current card.

She even showed me the scenario play out in the card ordering software.

sugar_in_your_tea@sh.itjust.works on 31 Oct 20:14 collapse

Weird, maybe debit works differently than credit? I haven’t used a debit card for autopay for several years.

Peffse@lemmy.world on 31 Oct 20:38 collapse

¯\_(ツ)_/¯

All I know is that if my country was entirely digital in payments, I’d be between a rock and a hard place.

jagged_circle@feddit.nl on 31 Oct 13:54 collapse

Wireless (tap) payments are vulnerable to wireless relay attacks.

0x0@programming.dev on 31 Oct 09:40 next collapse

the bank can’t reissue

You mean they won’t. Change banks or threaten to do so, might work.

Pika@sh.itjust.works on 31 Oct 17:17 collapse

I would be changing banks. That’s super unreasonable

sugar_in_your_tea@sh.itjust.works on 31 Oct 18:06 collapse

Exactly. In the US, I can ask for a new card pretty much whenever I want, though they may charge a fee if I do it too often. If they were being really difficult, I’d just tell them I lost it and they’d provide a new one, because they want me to use the card (they make money with each purchase).

simon@slrpnk.net on 31 Oct 03:23 next collapse

The risk of the payment system getting shut down and people being unable to make payments for a while is real. And it is one good reason to be less reliant on digital payments.

But there is also the risk of bad actors, which could also be e.g. Russia, getting access to decades of payment history through a hack, if everything is digital. Having that data for every citizen of a country could enable efficient profiling of people in the country using big data analysis technologies.

The kind of thing you could find out with the transaction data is who are working in the military or security police, who is sympathetic to Russia and at the same time vulnerable to work with foreign governments, and potential blackmailing material relating to people in these or other groups. I’m sure the analysts working for the bad actor can come up with even more useful things to look for in the data.

There are of course a lot of other data sources that bad actors are interested in and that are easier to hack, but the financial history seems more comprehensive source of information than most other ones.

0x0@programming.dev on 31 Oct 09:32 next collapse

Having that data for every citizen of a country could enable efficient profiling of people in the country using big data analysis technologies.

You don’t need an external actor for that, a government can very well do that to their citizens…

T156@lemmy.world on 31 Oct 09:44 next collapse

The risk of the payment system getting shut down and people being unable to make payments for a while is real. And it is one good reason to be less reliant on digital payments.

Or entities. The USA had a brief oil crisis recently because one of the major pipeline companies had their billing system hacked. Since the company couldn’t verify whether someone had paid, they just didn’t supply any oil.

Couple that with some misleading news stories and social media panic, and it blew up into a proper shortage from people hoarding all the petrol, and leaving none left.

pinkystew@reddthat.com on 31 Oct 12:19 collapse

Do you have any more info about this?

T156@lemmy.world on 31 Oct 20:47 collapse

Here’s an article about them turning it off because of being unable to verify the bill: edition.cnn.com/2021/05/12/politics/…/index.html

And here’s two attributing the issue, at least in part, to panic buying: aljazeera.com/…/petrol-shortages-sweep-us-as-colo…

bloomberg.com/…/u-s-fuel-sellers-scramble-for-alt…

jagged_circle@feddit.nl on 31 Oct 13:46 next collapse

It already happened in Ukraine during the NotPetya attack by Russia in 2017

…wikipedia.org/…/2017_Ukraine_ransomware_attacks

sugar_in_your_tea@sh.itjust.works on 31 Oct 17:43 next collapse

Yup, I keep a fair amount of cash on hand at home in case there’s some kind of mass outage so I can at least get essentials to last until power is restored. Oh, and I also use it for my kids’ allowance and for baby sitters, but I have larger denominations as well in case of emergencies.

That said, I have been considering using cash more often because I really don’t like all the tracking that already goes on, and I certainly don’t want the government having that data as well. But cash is super inconvenient because of small change, so I haven’t made the switch yet. If we could get rid of the small change and just round prices a bit, I would seriously consider going back to cash.

oldfart@lemm.ee on 31 Oct 19:47 collapse

Just a note, high denominations are not great during emergencies, unless you mean big purchase emergencies. Buying food and gas with high denomination bills may end up in seller not accepting the bill because they have no change. Or happily accepting that bill despite having no change.

For small change, you could take the jar to your bank and make a cash deposit (and see the cashier die inside). In some branches they have machines for counting change.

sugar_in_your_tea@sh.itjust.works on 31 Oct 20:17 collapse

unless you mean big purchase emergencies

Yup, exactly that. I’m in the US and keep a few hundred in $100 bills, with the rest being smaller denominations. I usually have about $1k in cash in a safe, with lots of small bills. So that should be plenty to handle a couple weeks worth of groceries, or a couple large purchases (e.g. paying someone cash to move a tree or something).

kent_eh@lemmy.ca on 31 Oct 20:56 next collapse

The risk of the payment system getting shut down and people being unable to make payments for a while is real. And it is one good reason to be less reliant on digital payments.

Exactly.

Part of the card processing system goes down often enough due to various technical failures that it should just be good business sense to always be capable of accepting cash.

explodicle@sh.itjust.works on 01 Nov 14:19 collapse

Couldn’t they run a Chaumian digital cash server? It’s got top notch privacy, with the only downside of being a trusted central authority… which fiat currencies need anyways.

KomfortablesKissen@discuss.tchncs.de on 31 Oct 07:38 next collapse

GNU Taler to the rescue!

The netherlands are already looking into it: www.ngi.eu/ngi-projects/ngi-taler/

The project could be used via paper trail, as far as I understand it.

sugar_in_your_tea@sh.itjust.works on 31 Oct 17:42 next collapse

Woot! It’s been a while since I looked into Taler, but I’ve long held that we should be using it or something like it for digital transactions. I’d love a browser extension that compensates creators for removing ads, for example, and I think this would be a fantastic way to do it. But having it at a national level is even better!

KomfortablesKissen@discuss.tchncs.de on 31 Oct 18:45 collapse

Yeah, I think so too. It should replace bank transactions completely.

sugar_in_your_tea@sh.itjust.works on 31 Oct 19:01 collapse

I hope someone posts here when/if they decide to adopt it, because I’d love to hear more details about it.

oldfart@lemm.ee on 31 Oct 19:41 collapse

Taler e-money is issued with a validity period. One month before the expiration date, you wallet should automatically exchange any digital cash that is about to expire for new digital cash with an extended validity period.

Haha no, thanks. I really don’t understand why Stallman stands behind dystopian statist money.

KomfortablesKissen@discuss.tchncs.de on 31 Oct 22:00 collapse

I think the idea was that you can’t hoard anything, and stealing or reusing is harder. But it does make the central management way more powerful than it should be. But it’s normal bank standard.

What do you mean with “dystopian statist money”?

oldfart@lemm.ee on 01 Nov 07:00 next collapse

Since when keeping the money you earned is “hoarding” and a bad thing?

I think money with expiration period that exists to prevent people from having savings is very dystopian, I don’t feel like there is something to explain.

KomfortablesKissen@discuss.tchncs.de on 01 Nov 07:35 collapse

For the individual saving is something very good. For the economy, however, a money hoarder is dead weight. It’s why inflation won’t ever completely go away, because it discourages hoarding (investing/bringing it to the bank can counteract this, that’s why I didn’t call it saving the second and third time)

It really depends who the issuer of the certificates (wallets) is. The funds get automatically transferred and won’t be lost, it’s “just” a privacy problem (plus the issuer will probably be able to interfere).

So the idea isn’t that dystopian, but it very much depends on the implementation.

oldfart@lemm.ee on 01 Nov 07:57 collapse

In the conflict of interest of individuals vs. “the economy” I’m on the side of individuals, sorry.

KomfortablesKissen@discuss.tchncs.de on 01 Nov 10:38 collapse

I’m with you on that.

explodicle@sh.itjust.works on 01 Nov 14:23 collapse

If he doesn’t like hoarding, why doesn’t it just inflate?

KomfortablesKissen@discuss.tchncs.de on 01 Nov 16:45 collapse

I think the reason for this implementation is more the theft prevention. This sounds very mich like certificates to me

BilboBargains@lemmy.world on 31 Oct 09:23 next collapse

Something we can thank the Russians for and hackers everywhere.

sugar_in_your_tea@sh.itjust.works on 31 Oct 17:38 collapse

Yup, good things can happen for bad reasons.

pinkystew@reddthat.com on 31 Oct 12:26 next collapse

I hoped for a second they meant moneyless.

lucullus@discuss.tchncs.de on 31 Oct 14:03 next collapse

Though having cash is not enough. The stores also need to be able to accept cash without internet usage. I think we had a case in germany a few years ago, where some supermarkets could not sell anything, because the servers, to which the local payment system connected (also uses for cash) didn’t work. Not sure, if that was because of a security incident.

sugar_in_your_tea@sh.itjust.works on 31 Oct 17:37 next collapse

Really? I would imagine stores could keep paper notes to record transactions and recheck inventory once internet access is restored.

kent_eh@lemmy.ca on 31 Oct 20:53 next collapse

Stores where I live have had to go cash only a few times a year when one or another issues shuts down their ability to accept cards.

You would think any functioning capitalist would have a backup method of taking your money.

RaoulDook@lemmy.world on 31 Oct 22:19 collapse

I see cash businesses all the time that can operate without power or Internet. Festival / market vendors, food trucks, etc. It’s not hard to count money, give change, write down a receipt if needed.

Nomad@infosec.pub on 31 Oct 14:08 next collapse

Not to mention total monetary surveillance

sugar_in_your_tea@sh.itjust.works on 31 Oct 17:36 next collapse

Hmm, I don’t anticipate the government to have many issues with that part… But if they have access, then enemies of the state may also gain access, which is the real problem they care about here.

oldfart@lemm.ee on 31 Oct 19:36 collapse

The moment you start using this argument you become a tinfoil hat money laundering thug. Being afraid of putin is more socially acceptable.

sunzu2@thebrainbin.org on 31 Oct 23:02 collapse

Can you clarifying. The sarcasm in first sentence doesnt make sense in context of the second.

oldfart@lemm.ee on 01 Nov 06:35 collapse

I refer to comment sections under news about going more cashless, for example. Commenters saying it’s bad for privacy get downvoted a lot because it’s not socially acceptable to say so.

Same in face to face social setting. If you want to take a stand against cashless, it’s good to say something else than the privacy mantra, or people stop listening to you.

explodicle@sh.itjust.works on 01 Nov 14:13 collapse

It’s because you’re taking a stance against cashless, which sounds paranoid and weird to most people.

Take a stand against VISA and PayPal. Then the bad guy isn’t “our” government, it’s corporations everyone already hates. And it references problems people already experience.

It’s much easier to explain how the situation is already bad than it is to argue how it “could become” bad.

irotsoma@lemmy.world on 31 Oct 18:56 next collapse

Yeah, considering how bad banks and other financial institutions are at IT security and the fact that there’s no incentive for a capitalist financial institution to fix that problem, it’s not a good idea.

ChairmanMeow@programming.dev on 31 Oct 20:26 collapse

That’s not entirely true. In order to be allowed to keep processing transactions you have to adhere to strict rules which do get regularly audited. And then there’s the whole “customers will switch to another more reliable party in case of outages or security problems”. And trust me, I’ve seen first-hand that they do.

irotsoma@lemmy.world on 31 Oct 21:11 next collapse

You have to put on a show that you are sticking to those processes, on paper. But the fines for data breaches are generally way less than they save on not having a fully funded IT department and using security products that someone got a kickback for rather than the best product.

“Hacking” isn’t some magical, intensely creative process for geniuses loke on TV. For the most part, it’s usually just finding the really common things that IT departments don’t do because they are underfunded and treat IT people like replaceable cogs. There is software out there to exploit those deficiencies. So they are forced to do things like use default or obvious admin passwords because who knows who is going to be there tomorrow to fix something and without the proper tools to store credentials, there’s no way to properly secure things.

And when a security vulnerability is found, there’s a reason why many don’t bother informing the company before going to the media. Those companies pour tons of money into lawyers to avoid admitting the fault, often getting the innocent person who found the problem arrested, and never fix the actual issue. Just ask any pro whitehat security researcher not hired by the company all the things they have to do to protect themselves from being sued or arrested for “hacking” when they notice a problem.

And government technical auditors are a rarity because the regulators are underfunded. So they might go through some small list of things during regular audits, but they don’t know to check if a DBMS system that contains backups and is stored “in the cloud” is using a default password or other common hacking targets. Hackers don’t go after the primary infrastructure most of the time. It’s not necessary because there are so many sloppy processes or left over insecure projects that “the last guy” was working on or that got defunded before it was completed, but only the primary infrastructure gets audited usually because that’s all there is time and money for.

As for going somewhere else, there often aren’t other places to go and when there are they usually have the same problem because there’s very little reason for any of them to compete with each other. Most industries have consolidated so much that there are only a handful of parent companies left so it’s easy to collude just because their leaders are often all in the same room at conferences and such.

ChairmanMeow@programming.dev on 31 Oct 22:40 collapse

I think you’re being too pessimistic about IT security, particularly in the Financial sector. A lot of the security rules and audits aren’t even government-run, it’s the sector regulating itself. And trust me, they are pretty thorough and quite nitpicky about stuff.

The cost of failing an audit also often isn’t even a fine, it’s direct exclusion from a payment scheme. Basically, do it right or don’t do it at all. Given that that is a strict requirement for staying in business, most of these companies will have sufficiently invested in IT security.

Of course it’s not airtight, no system really is. But particularly in the financial sector most companies really do have their IT security in order.

uis@lemm.ee on 01 Nov 11:57 collapse

And then there’s the whole “customers will switch to another more reliable party in case of outages or security problems”.

Outages? Yes. Security problems? LMAO!

ChairmanMeow@programming.dev on 01 Nov 14:33 collapse

Our company has directly profited from a competitor that leaked sensitive data, because some of their large corporate customers decided to switch to us.

Business don’t like being on the receiving end of a data leak either you know.

uis@lemm.ee on 01 Nov 21:53 collapse

We are talking about hundreds of thousands people here

Blackmist@feddit.uk on 31 Oct 19:01 next collapse

Sure, but if a cyber attack knocks out your credit card systems in a targeted attack, chances are they’re taking your cash machines down as well.

And who carries enough cash around to be useful any more? I know I don’t. I might have a £20 note tucked in my phone case at a push.

kent_eh@lemmy.ca on 31 Oct 20:51 next collapse

And who carries enough cash around to be useful any more?

I do. Maybe not physically in my pocket, but between my wallet and my home there’s enough cash to buy a tank of gas and a few days of groceries.

Parts of the debit/credit processing system are fragile enough that I’ve seen them down randomly for signifigant portions of a day.

Cash has got me food when other people have been stuck without the ability to pay more than once in the last couple of years.

sunzu2@thebrainbin.org on 31 Oct 22:59 collapse

Proper planning which more people should be doing!

But people also should be using cash as much as possible before regime takes it away.

boonhet@lemm.ee on 01 Nov 11:49 collapse

£20 should still get you a meal of some kind until the credit cards and cash machines are back, hopefully within a few hours or next day at the latest.

Can’t really say I even have that much on me most of the time though - perhaps I should change that, keep a minimum of like €50 that’s only touched in an emergency or something. Swedbank has had several outages in the last few months here in Estonia and it affects many stores’ payment terminals too.

TheReturnOfPEB@reddthat.com on 31 Oct 22:54 next collapse

If it isn’t cash you have to ask permission from someone to use it

sunzu2@thebrainbin.org on 31 Oct 22:58 next collapse

Exactly... I am amazed that we all allowed for things to get this bad.

A lot of work to try to undo this idiocy.

Deny money changers profit

01011@monero.town on 01 Nov 07:18 collapse

Most of us need permission just to get our hands on cash.

DudeImMacGyver@sh.itjust.works on 31 Oct 23:05 next collapse

Just having a power outage is enough lol, never mind an attack.

ugjka@lemmy.world on 01 Nov 11:33 collapse

Carrington event and we are fuckarruuh

Fedizen@lemmy.world on 01 Nov 07:23 next collapse

correct.

MTK@lemmy.world on 01 Nov 09:15 next collapse

Cashless can only work if you adopt a digital cash such as monero, other wise you are taking away privacy, control and possibly small transactions (depending on what fees are common in your country)

In a cashless society banks and credit companies become your rulers as you have no real way to bypass them.

I suspect that any country that tries to go cashless without a real cash alternative, will just find itself with a new form of cash (gold, silver, etc) since eventually there will be enough people trying to avoid fees and taxes

drake@lemmy.sdf.org on 01 Nov 10:52 collapse

Cryptocurrency has basically many of the same problems as traditional banks, it’s just a matter of who is controlling it. Monero is slightly different from most, because it is much more anonymous, but it’s really only a matter of time before even that advantage is lost.

There is no substitute for physical currency if you want privacy and anonymity.

arrakark@10291998.xyz on 01 Nov 12:45 collapse

Do you know how Monero’s advantage could potentially be lost?

drake@lemmy.sdf.org on 01 Nov 13:12 collapse

From what I understand, which honestly, isn’t a lot - the method used to anonymize transactions and balances is more like obfuscation than anything else. The system uses various techniques to fuzz up the data in such a way that it becomes impossible to trace.

It’s a bit like if you wanted to send a bank transfer for £200 but anonymize it somewhat, you could transfer that money around between a bunch of other bank accounts, before sending it on to the final source. And if multiple people are doing the same thing, it becomes essentially impossible to determine where the money entered and left.

The problem is though that such systems aren’t true encryption in the same way that RSA is, for example - the data isn’t unreadable, and it’s not impossible to reverse, it’s just that there’s so much junk data and it’s such a mess that it makes the true transactions difficult to identify and the end user has extremely strong plausible deniability. However, it’s likely just a matter of time before some state actor finds a vulnerability in the technique that allows them to trace transactions - if they haven’t already done so.

explodicle@sh.itjust.works on 01 Nov 13:43 next collapse

What if it bounced through multiple peers between sender and recipient, encrypted on each hop like Tor? Then they’d need to actually break the encryption, or compromise every hop.

drake@lemmy.sdf.org on 01 Nov 14:03 collapse

The transaction data itself does need to be publicly readable, because otherwise the whole consensus mechanism that the blockchain relies on wouldn’t work.

explodicle@sh.itjust.works on 01 Nov 14:33 collapse

Not every transaction, just the ones that open and close payment channels. This deletes data that would be needed to reconstruct an overwhelming majority of transactions.

(This is how Bitcoin’s lightning network works.)

arrakark@10291998.xyz on 01 Nov 13:46 collapse

Hmm gotcha. Yeah this stuff goes over my head haha but it sounds similar to a Bitcoin mixer/tumbler. I wonder if the anonymity scales with the number of users using the network. I also wonder if you happened to send a transaction at a “bad” time (no-one else is using the network) then it’s easier to trace.

drake@lemmy.sdf.org on 01 Nov 14:07 collapse

Yeah, totally - I think it’s designed to be hard to understand, both tech stuff and financial stuff is often made intentionally confusing, in my opinion. It’s not dissimilar to the bitcoin mixers, but it’s still much stronger - the system is automated, you can’t mess it up as a user, you’re less reliant on a single-point-of-trust, and so on.

You might be on to something about quiet periods - I don’t really have the knowledge to say either way. There might be a bit of stuff that goes on in the background for wallets even if they’re not actively conducting “real” transactions. But, I don’t know, really.

GiddyGap@lemm.ee on 01 Nov 11:27 next collapse

I was once a proponent of cashless societies. Not anymore. Too many vulnerabilities, too many ways for governments to take control of your finances.

uis@lemm.ee on 01 Nov 11:55 next collapse

My derped eyes and pronked brain read cashless as moneyless. Comon, Nordic countries, you can do it.

bluewing@lemm.ee on 01 Nov 12:09 collapse

They call that type of “no currency” economy bartering. It works well for peer to peer transactions. Not quite so well for larger ones.

girsaysdoom@sh.itjust.works on 01 Nov 14:40 collapse

In a post-scarcity society, you wouldn’t need money.

We could actually achieve that too. We’d just need to solve food logistics hurdles, homelessness, useless subsidies, bigotry, corruption, greed. Totally doable in our lifetime. /s

uis@lemm.ee on 01 Nov 21:54 collapse

homelessness

USSR solved it.

hark@lemmy.world on 01 Nov 14:53 collapse

I’m more concerned with the threats from the people in charge of the system, but whatever gets them to the conclusion that it’s a bad idea is fine with me.