[HN Gopher] Offline card payments should be possible no later th...
___________________________________________________________________
Offline card payments should be possible no later than 1 July 2026
Author : sebiw
Score : 153 points
Date : 2025-10-03 20:36 UTC (2 hours ago)
(HTM) web link (www.riksbank.se)
(TXT) w3m dump (www.riksbank.se)
| Aurornis wrote:
| > The online function shall apply to physical payment cards and
| accompanying PIN code when purchasing essential goods such as
| food, medicine and fuel.
|
| Is this a typo where they meant to say "the offline function"?
|
| If I'm reading this right, the goal is to allow food, fuel, and
| medicine purchases with card + PIN in offline mode.
|
| Seems like a reasonable goal. I wonder what the technical details
| will look like. Will there be a periodically updated list of
| cancelled cards/accounts distributed to endpoints? Even a hashed
| list of all cards cancelled before their expiration date within a
| country is a reasonable amount of data for modern storage
| systems.
|
| Or would they simply rely on the ability to track down account
| owners by their originally registered contact info in the event
| that someone gets an invalid transaction through during an
| offline period?
| objclxt wrote:
| > I wonder what the technical details will look like
|
| It's already a thing, the EMVCo standard predates ubiquitous
| internet connectivity. Mass transit systems typically use it,
| airlines used to for in-flight purchases before the advent of
| reliable WiFi.
|
| https://en.m.wikipedia.org/wiki/EMV#Offline_data_authenticat...
|
| It is somewhat common to maintain a denylist of known
| fraudulent cards, but as you note the main mitigation is on the
| bank to track the card down. One of the key things you need to
| figure out with an offline payment system - and what I imagine
| is needed here - is a consensus on who has the liability for
| offline transactions and what the dollar limits are.
| tialaramex wrote:
| I assume it's a typo or equivalent mistake.
|
| EMV (chip cards) can have a small amount of local smarts, so it
| is typical for example to insist on going online for a large
| transaction or if the card has performed too many offline
| transactions since last going online. The card maker decides
| these rules, so the bank gets to ensure the cards it issues to
| customers meet whatever requirements it has decided upon,
| balancing fraud risk against problems with loss of connectivity
| or services being down.
|
| So I doubt they'd bother doing some sort of ad hoc revocation
| technique.
| londons_explore wrote:
| The card itself knows its balance and is authorised to approve
| transactions up to a limit fully offline.
|
| The UK already does this in some shops for low value items for
| NFC payments. You can tell the offline transactions because
| they immediately say 'approved' rather than taking a few
| seconds.
|
| If it turns out the card approved something 'wrongly', for
| example because you had previously reported the card lost to
| the bank, then the bank refunds the transaction and claims the
| value back from the merchant. That's why many merchants have
| their terminals set to require online payments.
| greenavocado wrote:
| It's incredible how the banks refuse to lose here; they will
| screw over the merchants before taking on any liability in
| this matter.
| xhoantran wrote:
| When you set up the POS you can choose whether to allow
| offline auth or not. It makes transactions a little faster,
| but you're the one who takes the hit if the card bounces
| later. Just comes down to whether you value speed over the
| extra risk.
| ErrantX wrote:
| Your card doesn't know the balance, it doesn't work like
| that.
|
| Offline transactions mostly died off when the limit in the UK
| for contactless was raised to PS100. At PS20/30 (the original
| limits) issuers/merchants risk accept some payments not being
| valid (and the total limit before you had to chip and pin was
| fairly low top).
|
| And worth saying, the merchant has _some_ control on the
| terminal but mostly the decision of offline /online is down
| to the issuer and configured on the card.
| yieldcrv wrote:
| offline key signing and broadcasting later should be a simple
| thing
|
| although heavily misunderstood, this is built into
| cryptocurrencies since day 1 (many critics have long thought
| crypto requires power and internet access, many proponents also
| don't know otherwise)
|
| with card networks learning from competition and functionally
| being public-only keys, this should be even simpler to implement
| dboreham wrote:
| Yes, but the merchant has to have a way to check for double-
| spending, or otherwise verify that the signed txn they have
| been given represents money that can be "taken to the bank".
|
| Checking the signature on some blob that says "this be money"
| is not enough.
| throw219080123 wrote:
| True. But if the system is implemented by a country this
| could be implemented using the law system and insurances.
|
| For example, when each transaction is done, both parties
| might keep a cryptographic proof which they are required to
| submit once they are online again.
|
| Failing to submit could result in a small fine (to encourage
| submission) and double spending which can then be detected
| could result in a large fine (or even a prison sentence), for
| example.
|
| There is, perhaps, a privacy issue, just like with
| blockchain. But it's not more of an issue than online
| transactions.
| mosdl wrote:
| You don't need a blockchain for that, see how old credit
| cards worked without network access.
| throw219080123 wrote:
| I didn't say you need a blockchain. I just said a
| cryptographic protocol (mostly offline and unrelated to
| blockchain) would help to automatically and quickly
| detect and proof fraud.
|
| The offline credit card system does not proof fraud but
| just has insurance.
| cjbgkagh wrote:
| I figure you can 'solve' it socially and legally by treating
| double spend while offline the same as writing a bad check.
| Recipients of offline transactions knowing the risk would
| limit it to small amounts and or emergencies.
| ciupicri wrote:
| What cryptocurrencies work offline without Internet access to
| the ledger?
| samus wrote:
| All of them? As long as eventually the connection is restored
| and the transaction can propagate over the network.
| thaumasiotes wrote:
| The point of the ledger is to prevent double-spending.
|
| Offline payment specifically allows double-spending. If you
| have offline payment, you don't need a ledger at all; you
| can just use PGP.
| rjdj377dhabsn wrote:
| Doesn't Solana require the hash of a recent (~ 1 minute)
| block before signing?
| Spooky23 wrote:
| They do, but the payee accepts risk.
| samus wrote:
| Card networks have supported this mode of operation for a long
| time.
| Etheryte wrote:
| Some context might be useful here. I spent some time living
| Sweden not too long ago and Swedes practically don't use cash.
| It's usually not said out loud, but cash is often considered to
| be dirty and criminal, to the point that most don't have any at
| all. Digital payments are very convenient and deeply integrated,
| so long as you have a local ID which allows you use the local
| payment system Swish etc.
|
| This worked nicely until the tensions in Europe lead to more
| cyberattacks rolling in and suddenly you have people not being
| able to buy food, medicine, and so forth. Not too long after,
| there was a government advisory urging people to keep some cash
| reserves in case a larger cyberattack happens, but cultural
| habits at large are hard to change. This is of course a coarse
| simplification of the context, but might help understand this
| incentive a bit better.
| elictronic wrote:
| Physical attacks are also possible, this site focuses on
| software so much of the time, while acts occur in the physical
| world. Cyberattacks are grey areas, but based on some of the
| undersea cable cutting and factory fires Russia has been
| performing, physical attacks are very much on the table if you
| can obscure the source.
| 1oooqooq wrote:
| that's the excuse.
|
| it's really visa lobbying to destroy the (somehow worse than
| visa) easy credit new players. they give credit like candy
| because being online and low value only it's easier to avoid
| (or swallow) fraud.
|
| forcing their hand to accept offline sales mean they can't
| decide on the spot, and now those 5k credit lines which they
| only allow transactions for sub 100 purchases at a time will be
| wide open for offline fraud they can't detect, and which visa
| already know how to handle/sustain.
|
| this will probably be lobbied elsewhere soon. i predict
| Netherlands is next.
| daneel_w wrote:
| _> "It's usually not said out loud, but cash is often
| considered to be dirty and criminal ..."_
|
| Are you sure this isn't impression you've gotten from isolated
| reactions involving a small number of individuals, perhaps just
| a single individual? I can't relate to the sentiment at all,
| having lived here for just over three decades and experiencing
| the popularity shift from cash to debit card. I can, in fact,
| not recall a single time ever that someone has divulged the
| opinion that they consider cash "dirty and criminal".
|
| More than anything else the Swede's favor of debit card is the
| convenience. Second to that I would say is the security of not
| immediately losing funds if you misplace the card or it being
| stolen - it feels less risky carrying a debit card, in
| particular if you're the type who prefers having more than a
| few "tens" on you in case you'd need or want to buy something.
| veeti wrote:
| Sweden has introduced civil asset forfeiture where the mere
| possession of cash can make you a suspect [1]. It's coming
| from the very top.
|
| https://archive.ph/v7TRe
| daneel_w wrote:
| I fully understand why the Swedish government wants to get
| rid of cash. What I'm saying is that the people simply
| don't feel that cash is in any way dirty.
| dghlsakjg wrote:
| That article does not at all make the assertion you are
| claiming it does: "The new law allows police to seize
| expensive goods even from people who are not under
| investigation for a crime, if they cannot prove they
| acquired them lawfully."
|
| I don't love the law, but having cash on its own is not
| grounds for seizure. Having expensive goods that you cannot
| explain how you managed to pay for is what they are
| targeting, according to your source.
|
| This is basically a law that takes your expensive shit away
| if you are too stupid to launder your ill-gotten cash.
| veeti wrote:
| You can put lipstick on a pig all you want, but if you
| reverse the burden of proof from "we have to prove your
| money is dirty" to "you have to prove your money is
| clean", that is a very clear cut case of "possessing cash
| is grounds for seizure" to me.
|
| By the way, have you ever wondered what the definition of
| "expensive goods" is? Of course, the powers that be want
| to make it all about the Rolexes and Lamborghinis, but a
| cursory peek at the actual law reveals [1]:
|
| > Section 4 If the property has been seized and the value
| of what may be confiscated does not exceed one tenth of
| the price base amount according to Chapter 2, Sections 6
| and 7 of the Social Insurance Code, a question about
| confiscation of the property may be examined by 1. a
| police officer, or 2. another employee of the Police
| Authority or the Security Service appointed by the
| respective authority.
|
| Which effectively means that using the "price base
| amount" value of ~59k SEK in 2025, you are subject to
| asset forfeiture at the whims of any police officer once
| you have more than 600 bucks in your wallet or under the
| mattress.
|
| But I'm sure they will only use it on brown gang bangers
| or knife wielding foreign drunks and not law abiding
| citizens such as myself, so it's fine!
|
| [1] https://www.riksdagen.se/sv/dokument-och-
| lagar/dokument/sven...
| ccppurcell wrote:
| You are right I think. I lived in Finland and rarely used
| cash. Even people selling their clothes at pop up second hand
| markets seemed to be able to take card. It has nothing to do
| with criminality, just culture. Germans use cash a lot and
| it's harder for me now I live outside the eurozone to go
| there.
| dcminter wrote:
| Most Swedes have Swish (mobile payments) so fleamarkets
| etc. mostly require that. Before I had my Swedish bank
| account set up (so six years ago) and thus BankId & Swish I
| often had to get my partner to pay for things even though I
| had a Visa card and Swedish cash.
| dijit wrote:
| I come from the UK where not accepting cash is only ok in
| hipster areas of London (or, was at the time).
|
| When I joined my gamedev studio I had colleagues asking me
| why I had cash, and many of them didn't even recognise what
| it looked like (there was a switchover of the notes a year or
| two prior).
|
| There was an insinuation that I would use it for drugs. So, I
| suspect that the parent is right here.
| keanb wrote:
| It can't be a coincidence that the less free countries are
| the ones that are less likely to use cash.
| daneel_w wrote:
| Natives asking why someone has cash, and not even
| recognizing bank notes...? It sounds so absurd that I'm
| certain you're exaggerating wildly. If not, you've had an
| outlier experience during a limited window of time in the
| country. Just like the parent. This isn't really
| representative.
|
| Add.: another poster suggested that someone had a bit of a
| laugh with you by saying it, which is also entirely
| possible. Basic joke.
| victorbjorklund wrote:
| I'm Swedish I honestly havent seen the new banknotes
| (other than on images on the internet).
| gambiting wrote:
| I'm in the UK and I have friends who will tell you hand
| on heart that they have never handled a PS50 note. They
| know they exist but they haven't had one.
| renhanxue wrote:
| I am Swedish and have lived here all my life and I have
| no idea what the current banknotes look like. I have
| literally never used them. I remember what they used to
| look like 20 years ago, but I know they have changed
| since then.
| eigart wrote:
| Your suspicion is wrong.
| rounce wrote:
| Sounds like they were pulling your leg.
| maccard wrote:
| this is definitely more widepsread than you imagine in the
| UK. Most major cities are heading in the cashless direction
| - the only time I use cash is for my window cleaner.
| varispeed wrote:
| > it feels less risky carrying a debit card
|
| Depends. Very long time ago I was approached by a group of
| seemingly friendly people asking for direction, then I felt
| sharp object to my belly and they told me to walk slowly
| towards cash point. They said they'll stab me if I don't
| withdraw all money I can. So I did. When cards were not
| popular, I would have small amount of cash in the wallet and
| anything more substantial hidden in a sock or elsewhere.
| Thieves would take what would be comfortable for me to lose.
| I guess it can be the same with cards - have a card with
| small amount and actual card hidden, but it is not as easy to
| hide as cash. Then you have whole other kettle of fish -
| banking apps. There's been instances of people being forced
| to do transfer at knifepoint. For that reason I don't use any
| apps, apart from throwaway bank account - again with small
| balance just in case. Shame more banks are restricting web
| access, which I think is most secure.
| mylifeandtimes wrote:
| > Are you sure this isn't impression you've gotten from
| isolated reactions involving a small number of individuals,
| perhaps just a single individual?
|
| Swedish here. The impression is common. Sweden is a small
| country and has long had a fairly cohesive culture. The
| culture has decided that digital payments are the way.
| Deviation from the collective way is always suspect.
| daneel_w wrote:
| _> The impression is common._
|
| No.
| victorbjorklund wrote:
| Not sure its considered criminal and dirty. I agree its more
| a convenience thing. There is no need ever to have cash
| (other than when payments systems are down but then lots of
| stores systems in general are down). I don't even think I
| have seen any cash for many years.
| Etheryte wrote:
| This is something I've heard from multiple locals, not
| something I inferred myself. As you can see, even here in the
| comment section you have people both for and against the
| idea. The notion definitely exists, how widely it's held
| exactly, hard to say. In my experience, that explanation came
| up often enough to catch my attention.
| tcshit wrote:
| I'd say he's correct, people under 60 that uses cash are
| considered, if not criminal, at least suspicious, like they
| have something to hide. Or simply wackos. I haven't used cash
| for the last 15 years or so. Except for when I had carpenters
| at home who wanted to get paid in cash (to avoid taxes, so
| called black money).
| renhanxue wrote:
| Yeah, that's kind of my default assumption as well. If
| someone is insisting on cash I'd assume it's for tax
| evasion purposes.
| daneel_w wrote:
| _> "people under 60 that uses cash are considered, if not
| criminal, at least suspicious, like they have something to
| hide. Or simply wackos."_
|
| I have barely used cash in 25 years. This doesn't mean
| anything at all. You're probably putting this solely in the
| context of using cash for significantly large purchases,
| e.g. higher 4 digit sum or above, or as in your example a
| craftsman who want to excempt it from his or her
| accounting. Nobody bats an eye at a person buying
| groceries, or some gadget for a couple of hundred, with
| cash.
| glzone1 wrote:
| I think it's a pretty common impression.
|
| Tradespeople sometimes request cash payment or provide a good
| discount for cash payments (well above any fee they would be
| charged). I guess where you are no one considers this dubious
| (really???) but at least in discussions with family the
| feeling is that the request for cash only payment is dubious.
|
| We also have a local retail establishment that is cash only.
| I think it's looked at dubiously.
|
| I personally have experienced it. Someone wanted to split
| payment on something between cash and a check so they could
| report the value of the item was lower because it would save
| them taxes every year. Again, the use of cash was I think a
| bit dubious.
|
| Note: Cash allows you to avoid all sorts of obligations (tax
| / family support / debt collection and garnishment etc etc),
| ineligiblity for banking (europe is pretty strict in some
| cases for example with folks with no legal status with
| banking) and is still used in things like the drug trade.
| Even if everyone around you considers large cash transactions
| reasonable that might be naivety or they may simply not have
| been exposed to larger cash transaction activity.
|
| I do like and carry cash.
| Hikikomori wrote:
| Wouldn't say it's dirty or criminal, it's just convenient to
| use card, but if you buy a car it would be a bit weird if you
| insist on cash. It's mostly old people paying with cash these
| days.
| seanalltogether wrote:
| How do kids get pocket money in Sweden? I can't imagine
| grandparents handing over prepaid debit cards to 8 years old to
| go buy candy at the neighborhood store?
| afandian wrote:
| I don't know the answer, but Swish is very common.
|
| https://en.m.wikipedia.org/wiki/Swish_(payment)
| wdrw wrote:
| In Canada there's MyDoh, which is specifically a debit card
| you can give to kids including in that age range. One of the
| major Canadian banks runs this. Can only imagine that it's
| more advanced in Sweden.
| johannes1234321 wrote:
| That may be practical, but many kids I observe in my family
| etc like to collect the money and see it and are proud of
| their collection and about what they saved. That goes away
| with a card ... and I wonder how that impacts the "feeling"
| for it. Counting and making likes and plans about what to
| buy is a big part of learning to deal with it.
| brewdad wrote:
| Like or not the world is a digital currency world for the
| most part these days. I want my kids to understand that
| those numbers on a computer screen have real world value.
| How many young adults get into trouble with their first
| credit card or debit card because the money isn't "real"
| to them? In the US it's quite a few.
| rjdj377dhabsn wrote:
| Where I grew up, (sadly) it's not been common since at least
| 50 years for 8 year olds to go buy candy at a neighborhood
| store by themselves. Parents had to drive us everywhere.
| Strom wrote:
| Kids have their own debit cards with their own bank accounts.
| Others can transfer money to the kid's account.
| DavidVoid wrote:
| Swedbank offers debit cards to kids as young as seven [1].
| Depending on the kid's age (and what the parents configure),
| there will be different limits on how much the kid can spend.
|
| Swish is the de facto standard for sending money between
| individuals [2], and that's what grandparents tend to use to
| send money to their grandchildren. It's fee-less (for person-
| to-person transfers use at least) and it connects your bank
| account with your phone number. So if anyone wants to send
| you money, they can just open Swish and enter your phone
| number (or scan a QR code) and send you some. You also have
| to sign the payment with the BankID app, which is the de
| facto standard for authentication [3].
|
| And when I write de facto standard I really mean it. 99.9% of
| Swedish residents age 18-67 have BankID (8.6M users), while
| Swish has 8.7M private users (93% of which use Swish at least
| once per month).
|
| [1] https://www.swedbank.se/privat/kort/bankkort/bankkort-
| master...
|
| [2] https://en.wikipedia.org/wiki/Swish_(payment)
|
| [3] https://en.wikipedia.org/wiki/BankID_(Sweden)
| bosse wrote:
| My 9 year old has a debit card in her own name. She gets her
| allowance on that, and can use it for candy, Robux, or
| whatever she wants.
| obblekk wrote:
| 1yr timeline is ambitious if it means fully deployed.
|
| Clearly the right thing for Sweden and others to do. Also
| worrying that even 3yrs into the Russian invasion, bordering
| countries are urgently increasing their preparedness for future
| conflicts.
| londons_explore wrote:
| The standards are already designed and widely implemented in
| Europe and a smallish percentage of transactions are already
| fully offline.
|
| I suspect this could be implemented with just policy and config
| changes, with no need to reissue cards or deploy new readers.
| hocuspocus wrote:
| Right, basically all EMV cards are ready. You just need one
| that has some offline tolerance, as there are limits on both
| the amount and number of consecutive offline transactions. I
| believe these settings can be updated on the chip, i.e. your
| bank will tell you to go to an ATM perform any operation to
| make sure it's up to date.
|
| Payment terminals might be trickier as we've observed during
| outages that they currently don't fall back to offline
| transactions. But their software and business rules can
| obviously be updated.
| jcul wrote:
| I believe most of those POS systems can operate in offline
| mode, in Europe at least. I have friends who work for large
| event organizers, and they have spoken about how if the system
| is offline the bars can continue to take payments, but there is
| a risk as a person's account may not have sufficient balance to
| make the charge when the system comes back online.
|
| Most people here pay by card and I would say the vast majority
| use debit cards. A lot of people don't even have credit cards,
| unlike the US.
|
| I'm no expert so may be wrong about some of this, and maybe
| huge events like these have these systems in place due to the
| risk of having to shut down bars etc. Many events are
| completely cash less these days.
| DavidVoid wrote:
| This is also partially due to hacking incidents in recent
| years. In 2021, all 800 Coop grocery stores were closed for a
| few days due to the Kaseya VSA ransomware attack [1].
|
| [1]: https://en.wikipedia.org/wiki/Kaseya_VSA_ransomware_attack
| spullara wrote:
| It's a check, they have invented checks.
| Imustaskforhelp wrote:
| atleast with cheques tho there was a way to safeguard the
| payments of a cheques by crossing of cheques and when I had
| learnt about cheques there were a lot of things that can be
| done via cheques like endorsing etc.
|
| But there was always a risk of cheques being unsafe so that's
| why there is bank drafts. It seems that this is more similar to
| bank drafts than cheques.
|
| If you really try to sum it up, I know I am going to do a grave
| misjustice but even a cash could be thought of a cheque from
| the govt. (well a cheque is meant to be unconditional but its
| based on the banking laws of a govt. and cash is a promissory
| note which is a promise made by the govt. so yeah....)
|
| As another HN commenter pointed out here,this decision might be
| partially due to swedish culture of how they view cash which
| you can find here.
| lostlogin wrote:
| Are there people that like cheques? They are no longer a thing
| in New Zealand. It seems like something no-one would miss.
| reaperducer wrote:
| _Are there people that like cheques?_
|
| For no good reason, I keep a list of why I use checks (in the
| U.S.):
|
| - Charitable donations because charities maximize every
| penny, and electronic contributions eat into that
|
| - Paying the accountant - Good accountants make every penny
| count, and aren't interested in paying credit card overhead.
|
| - Tipping the paperboy at Christmas
|
| - Tipping the doorman at Christmas
|
| - Business license renewal in certain cities
|
| - IRS payments without a fee
|
| - Gas bill. Gas company charges $5+ to pay by credit or debit
| card.
|
| - Rent. Building charges $50+ to pay by debit card, $200+ to
| pay by credit card.
|
| - Electric bill. Electric company charges $5+ to pay by
| credit or debit card.
|
| - Passport renewal fee (Though I believe this is finally
| possible with a credit card, I haven't had the opportunity to
| see yet.)
|
| - My company requires me to send it a check for the amount I
| receive from the government for jury duty.
|
| - My company allows me to buy computers and other equipment
| it no longer needs. Checks only. (And an M2 MacBook Pro for
| $200 woot!)
|
| - Fee to pay for a new car title. No credit cards accepted in
| my jurisdiction.
| recursive wrote:
| Not really your point, but this sounds crazy.
|
| > My company requires me to send it a check for the amount
| I receive from the government for jury duty
|
| That just sounds like something that shouldn't be allowed.
| I don't know the rules.
| reaperducer wrote:
| Some states permit it, some do not.
|
| My company claims that allowing me to have both my
| regular pay and the government pay would be considered an
| over-payment, and the accountants say it triggers all
| kinds of messy things.
|
| However, at the same time, it is illegal to do this in
| some American states where we have offices. So it must
| somehow be possible for the accountants to allow it.
| spullara wrote:
| most of these are related to the high credit card fees we
| have in the US to support the card points programs. in EU
| for example, the fees are 10% of ours.
| DavidVoid wrote:
| I'm in Sweden and the only time I've ever come in contact
| with a check was when an American company sent me one as a
| refund.
|
| Most of these reasons just sound like fee-issues to me. I
| use a debit card (or Swish) to pay for everything and
| there's never a cheaper payment option. The fact that
| checks somehow cost less to use than debit/credit cards
| sounds ridiculous tbh, especially with all the added
| handling that must go into dealing with them (it just seems
| so inefficient).
| ahmeneeroe-v2 wrote:
| You nailed it. Or those old *KU-CHUNK* machines that I remember
| from my childhood.
| jpkw wrote:
| I would love it if this were the solution, embossed card
| imprinters can work without internet and power and are both
| fast and intuitive. It worked as a primary method in the
| past, it can work as a backup method in the future.
| japhib wrote:
| If the "check"/offline payment bounces, I wonder if it's the
| merchant that is out the money? Or is there any assurance from
| anyone else, like maybe the network would go halfsies?
|
| Edit: on second thought, that doesn't really make sense and
| would be a great way to defraud the network of a ton of
| guaranteed money
| andy99 wrote:
| The idea of there being some "government approved" list of things
| people can buy with this is horrifying and exactly why cash
| should continue to exist.
| Animats wrote:
| People should still be able to buy food and essentials even
| during cyberattacks from Russia. That's what Sweden is
| preparing for.
| andy99 wrote:
| And there's a solution to that that lets them value what they
| want appropriately and not have to choose it from a
| government list. I think unfortunately the temptation is too
| high for governments to also try and tell people what their
| priorities should be, which is why having an exchange medium
| that doesn't involve government control is important.
| mrtksn wrote:
| It's not about paying by cash but paying by card offline. How is
| this going to be implemented I wonder.
|
| On planes they often accept credit cards even when there's no
| internet. I assume this is a trust in-credit-based system because
| they don't accept debit cards, i.e. if you are worth being
| trusted with a card you can have your sandwich now and we will
| take care of the bank processing once we are on the ground. So
| maybe this will be like we trust you enough with basic goods that
| once we get a connection things will be sorted out situation?
| jazzyjackson wrote:
| Restaurant POCs have an offline mode. They had to ask my zip
| code so I suppose it just counts as a "card not present"
| transaction that goes through later. Does present the question
| of whether that data is temporarily stored unencrypted or if
| it's immediately encrypted to be sent to the bank when it comes
| online
| eszed wrote:
| I, for my sins, have had to read PCI certification standards,
| and they're required to be encrypted, or not stored at all.
| Not that every implementation _follows_ that, of course, but
| that 's the expectation.
| kosinus wrote:
| Debit cards are most definitely accepted on planes.
| mrtksn wrote:
| Even without internet connection?
|
| Edit: OK maybe there's different level of trust and some take
| a leap of faith :) In my experience debit didn't work but it
| appears that its not the same everywhere.
| whatevaa wrote:
| Yeah. They just accept some loss on bounced payments. Got a
| free meal (well it was a sandwich, nothing fancy) like
| that.
| kosinus wrote:
| I have no idea how the terminals operate, but I was on a
| flight two days ago and paid with a debit card. The flight
| otherwise required devices to be in airplane mode. Though
| there are flights that offer wifi, so there's a good chance
| the terminal can communicate with the ground, but they just
| don't allow anything else.
| tecleandor wrote:
| Yep, but IIRC only if they are credit, not debit. I guess
| they also have certain special conditions with the
| processor...
|
| Edit: I've also seen it when paying on the cafe car while
| on train trips in Spain. Even without any
| cellphone/internet coverage they'll let you pay, but only
| with credit.
| al_borland wrote:
| I don't see why not, they can be run just like a credit
| card through the same network.
|
| When a debit card prompts for a PIN, don't enter it, press
| submit, and it runs as credit instead of debit, but
| functionally works the same as far as the card-holder is
| concerned. It might take slightly longer to settle, and the
| merchant likely gets charged higher fees, but it works just
| fine. When I got my first debit card 20+ years ago my bank
| specifically told me to select credit and using it, instead
| of using it with the PIN as a debit card.
|
| These days I've noticed the systems tend to auto-prompt for
| the PIN instead of asking credit or debit. But skipping it
| functionally works the same as pressing credit used to.
| mrtksn wrote:
| Having a credit card requires some amount of
| trustworthiness. Anyone can get a debit card, they even
| sell it in supermarkets.
| alexey-salmin wrote:
| Normally in supermarkets they sell prepaid cards which
| are distinct from both credit and debit ones. Visa and
| Mastercard support all three types.
| ThePowerOfFuet wrote:
| You're confusing debit with prepaid; they are classified
| differently and merchants can determine one from the
| other.
| parl_match wrote:
| complicated.
|
| star/plus/cirrus etc - pure debit-only networks - aren't
| accepted on a plane
|
| debit cards that are on one of the credit card rails (visa,
| mastercard, etc) are very common. those work because they're
| just a normal visa transaction
| mananaysiempre wrote:
| > those work because they're just a normal visa transaction
|
| I wouldn't be so sure about that. In some payment
| situations you're asked whether you'd like to have the
| transaction go through as debit or as credit--so those two
| must be different somewhere. And probably in more than just
| a bit in a packet, as, for example, paying with debit Visas
| or MasterCards (normal ones, not Electron resp. Maestro) in
| the Netherlands (where locals almost universally have
| credit cards) is something of a crapshoot.
| ErrantX wrote:
| They use largely the same rails/network (for example
| Mastercard). The only meaningful difference is on how and
| when funds are reconciled.
|
| Some payment providers ask up front to simplify the flows
| as it's not totally trivial to determine what sort of
| card it is, and also because different fees apply -
| historically some merchants added specific fees to basket
| etc. (less so nowadays but the UI convention sticks)
| samus wrote:
| Re paying on the plane: yes, that's how credit cards work. The
| question of the solvency of the customer becomes the problem of
| the payment processor.
| pjmlp wrote:
| Exactly like that most likely, I am old enough to remember
| those machines where credit cards left their mark on the
| receipt, that is why their numbers are higher than the card.
|
| Here,
|
| https://en.m.wikipedia.org/wiki/Credit_card_imprinter
| mrtksn wrote:
| Very interesting, never heard of these. Thank you.
| wat10000 wrote:
| I suddenly feel very old.
| thrill wrote:
| That's how it happens.
| mikestew wrote:
| "Never heard of these", meanwhile I was remembering a
| credit card that I used so often that I wore the coloring
| off the raised numbers.
|
| And I guess if one has never seen these, I need to explain.
| In order to leave an impression on the carbon paper (I
| should probably explain that, too, huh?), a fair amount of
| pressure was needed (those old card imprinters didn't
| require a gym membership, but a child could not operate
| one). That rolling pressure would eventually wear on the
| surface of the card, and turn the numbers white when the
| outer layer wore through.
| RHSeeger wrote:
| I imagine there is a clear and distinct line between "I've
| never seen one of those" and "I can remember exactly how
| those sound". The sound of sliding that handle over the
| card is ... distinctive. I can discuss it with someone,
| slide my hand left and right, and say "shunk, shunk" and
| lots of people will very clearly remember them.
| adrianpike wrote:
| We did sailing charters growing up and had one of these on
| the boat, I was in charge of it and the sound & feel of the
| CH-CHUNK is seared into my memories like nothing else. We
| never got any declines, but I always wondered how that
| reconciliation process actually worked out.
| mikestew wrote:
| _We never got any declines, but I always wondered how that
| reconciliation process actually worked out._
|
| IIRC, the merchant gets paid if hitting a credit limit or
| similar decline reason. The card holder then gets hit with
| a financial penalty (usurious interest rates, or extra
| charges). If the card has been stolen, it ends up in a big
| phonebook-like book for offline use (otherwise the merchant
| just called it in for big purchases).
| cowsandmilk wrote:
| Wikipedia claims they aren't being used in the 2020's, but
| I've still seen stores in the past year pull them out when
| the internet is down.
| SpicyUme wrote:
| I'm trying to think the last time I saw one in use, last
| year or a couple years ago when there were large scale
| power outages. Of course the newer cards lack raised digits
| so I'm not sure how well they worked for keeping business
| moving. I had cash.
| eszed wrote:
| My company had them on-hand until around 2021, when I told
| everyone to throw them out. They'd last been used - at one
| location, during a complete POS meltdown (I don't miss
| Aloha at all) - in maybe 2018? No one could remember a
| previous time.
| lifeisstillgood wrote:
| What's fascinating (apart from the sound those things made is
| still in my head) is that the very nature of the technology
| meant who could and could not get credit varied. At first
| (1950 diners card onwards) only well off could use it at
| limited establishments (ie restaurants) and they would postal
| deliver lists of cars - initially white lists of valid card
| owners and later hot lists of delinquent card owners. Stick
| your privacy issues in the restaurant food bin there!
|
| Calling a call centre to verify every transaction is too
| expensive so only purchases over certain limits came in
| following BofA/Visa - and that stated that way till the late
| eighties when larger stores started using back office to talk
| to Visa network etc. but even so the ability to do live
| updates and verification was too much and there were weird
| cacheing tricks
|
| So banks could easily approve or be liable for transactions
| they would prefer not to approve - so they only gave credit
| to the rich at first, and then to those who paid back
| regularly. This info was shared and became credit reference
| agencies - because the credit card companies shared it
| initially like casinos but the abuse and mistakes brought
| legislation
|
| I think what i am saying is our consumer credit culture was
| not designed, it just grew.
| andy99 wrote:
| this is what first came to mind for me too. I'm in my 40s and
| still saw them used semi-frequently during my life. In ~2015
| I actually paid using one in a taxi, that was the last time.
| hakkoru wrote:
| Heh, in 2014 I remember taking a taxi that only accepted
| card using an imprinter, which was unfortunate because I
| had just gotten a new card and the numbers weren't
| embossed. He had to drive me to a gas station to get cash
| from an ATM.
| kerpal wrote:
| Yup exactly this, I had to look it up because I don't even
| remember what they were called but I vaguely remember seeing
| them in the 90s.
| testing22321 wrote:
| I used those machines to charge cc's at a major ski resort in
| California in 2004. At the end of the day I would enter all
| the details in an online terminal and process the charges for
| real.
| xp84 wrote:
| When I was working retail (almost 20 years ago :[ ) we
| imprinted more often because of a failed magstripe, than a
| computer outage. In the event the card couldn't be swiped,
| you could key the number in, but the printer would create an
| extra-long signature slip instead of the normal kind, and
| we'd imprint the card onto it, as proof the actual card was
| there. This was I assume to prevent us from having to pay a
| higher 'card not present' interchange fee, and in terms of
| fraud, made it really obvious if someone was doing something
| shady like typing in card numbers without the card or
| cardholder being present.
| cyanydeez wrote:
| Airlines typically are already in possession of your credit
| card, so most likely it's just "if he stiffs us, we can always
| find the carrier they registered with"
|
| So it's not _just_ blind trust.
| huhtenberg wrote:
| Using a card-to-card transfer of some sort of credits/units,
| with eventual online settlement. Using chip cards, obviously.
| The tech for this existed since _at least_ mid '00s.
| blibble wrote:
| the original credit cards were entirely offline via
| paperslips
|
| phone auth was added later for "online" auth, then machines
| that automated it
| formerly_proven wrote:
| There used to be a few relatively large scale stored-value card
| systems (https://en.wikipedia.org/wiki/Stored-value_card) for
| general-purpose payments in the past.
| g-mork wrote:
| The EMV standard has long supported an offline transaction
| flow. AFAIK it was the default almost everywhere in Finland
| circa 2011, contactless there was almost always instantaneous.
| Digging into why that was compared to the invariable wait when
| using contactless in the UK revealed this flow.
|
| The card has a variety of risk counters on it that allow it to
| securely decide whether an offline transaction can proceed, at
| least some of which are also exposed to the terminal which can
| have its own separate policy. I imagine internally the banks
| and payment gateways have a huge variety of internal related
| tuneables.
| devmor wrote:
| A lot of internet payments work this way already anyways, not
| many gateways require auth before capture, processors/payfacs
| just do it because it gives lower interchange and reduces
| risk.
| john01dav wrote:
| On every flight I've been on recently, Internet was available
| to passengers. Surely a few KiB (I assume that this is what a
| credit or debit transaction requires) could go over this
| system?
| messe wrote:
| US domestic? I've found it's somewhat rare to see here in the
| EU, but there are a few airlines that offer it.
| john01dav wrote:
| Yes, most of my flying experience is US domestic. While I
| expected differences, I didn't expect this one
| eep_social wrote:
| all the US domestic majors have either viasat or starlink
| these days.
| alexey-salmin wrote:
| A brief history goes like this:
|
| In the past embossed credit and debit cards were both accepted
| on planes. That's why they were embossed in the first place:
| for offline processing which in even more distant path was the
| only option. Later CC machines and offline chip/stripe
| transactions co-existed with online transactions.
|
| Normally (at least in Europe) you couldn't get an embossed
| card, even a debit one, without proving your credit worthiness.
| The possibility of offline transactions assumes overdraft --
| the same as with check books.
|
| When online transactions appeared, banks started to issue Visa
| Electron and Maestro cards which didn't work offline, could
| explicitly prohibit overdraft and were easier to get.
|
| But nowadays all boundaries gradually disappeared. Nothing is
| embossed, Visa Electron doesn't exist, bank issue debit cards
| with credit codes. It's all much simpler and more confusing at
| the same time.
| scotty79 wrote:
| Possibly related?
|
| "Starbucks does not use two phase commit":
|
| https://www.enterpriseintegrationpatterns.com/ramblings/18_s...
| Steve0 wrote:
| I have grown up seeing my parents write physical paper cheques.
|
| It's basic life goods and everything is still signed for,
| tracked and registered. Besides, banks love to collect
| interest.
| CorrectHorseBat wrote:
| We used to have something like this in Belgium where you could
| load money on your debit card:
|
| https://en.m.wikipedia.org/wiki/Proton_(debit_card)
| motohagiography wrote:
| offline mode has been the limiting factor in almost all
| electronic payments. there was a convention where the single use
| keys became limited use keys so that cards could make offline
| payments in low amounts that could be reconciled later. it
| created a risk and a vulnerability to be managed, and there was
| at least one exploit against it if I remember correctly.
|
| imo, the mandate creates an interesting technical constraint on
| any CBDC standard, where the offline mode limits the
| effectiveness of a "turn off" of someone's money, as there will
| always be some feature where they can use their money to buy food
| and fuel. For now I am interpreting this mandate as constructive
| to civil liberties.
| desireco42 wrote:
| This is how it used to be before, they would slide your card
| through that machine thingy, it would copy it's digits and they
| would process this sometime in the future.
| greenavocado wrote:
| Looks like summer 2026 is when the war will start
| empressplay wrote:
| Ah yes, that old Russian chestnut that any moves to make
| Western civil society more resilient are portrayed as an omen
| of military aggression against them. Sorry Boris, not
| everything is about you.
| kkfx wrote:
| Personally, I dream of an open-hardware, FLOSS wallet, also
| usable on POS like a bank smart card, confirming crypto
| transactions like legacy/traditional ones on its own display.
|
| Internally, the signature part isolated like a smart-card,
| "embedded signature" hardware as a measure against double
| (multiple) spending, and reasonable limits on offline
| transactions with both parties offline (e.g., EUR10k/month).
|
| The "embedded signature" hardware part is a bit vague because
| technologically it's not clear how to do something like that in a
| "secure enough" way, but it's a necessary part and the limit
| somewhat lowers the risk.
|
| For use: mounted as a smartwatch or a pendant with a retractable
| lanyard, like ski-pass holders.
| catigula wrote:
| Kind of concerning when you see governments hardening themselves
| to massive AI cyber attacks.
| fpoling wrote:
| Extracting keys from a modern SIM card is very difficult. The
| cost is way above 10K USD. So a payment card in offline mode is
| absolutely possible as long as one limits the payments to few
| hundreds USD.
|
| The bigger challenge is an offline terminal that can easy
| accumulate tenths of USD in case of a long outage. But then
| compared with cards the terminal may have better protection.
| mrtksn wrote:
| What makes it over 10K USD?
| AAAAaccountAAAA wrote:
| In addition to the issue of microchips being inherently
| difficult to tamper with, smartcards have various hardware
| and software based anti-tampering measures, that are designed
| to destroy the chip, if someone attempts to extract the keys
| from the chip. That kind of security measures are never
| totally impermeable, but defeating them requires advanced
| equipment and skilled labour, and the R&D costs of the
| cracking devices need to be offset, too.
| 0xWTF wrote:
| There's a term I saw all over someone's Google calendar schedule,
| pre-pandemic "DNS without asking". Now I realize it means "Do not
| schedule without asking" but my mind thought "Domain Name Service
| without asking" ... how in the hell would you do that?
|
| I guess this is similar: how do you make trustworthy decisions
| that seem to inherently depend on the network, in the absence of
| a network? Before the internet, we had phonebooks instead of DNS,
| and we had cash instead of cards. Did the phonebook have every
| number? No. Was every piece of cash not counterfeit? No. But it's
| "good enough". Portable reference sources and tokens. The
| references are issued periodically and the tokens have evidence
| of exhaustion, their decay over time. A dog-eared dollar with a
| bunch of phone numbers on it, half-torn ... the merchant doesn't
| have to accept it.
|
| How do you do these things digitally? Periodic issue seems pretty
| straightforward ... if you have a network. Token issuance,
| similarly, needs at least occasional communication with other
| nodes in the network.
|
| So there's a local dwell capability.
|
| Is this part of the same reaction we saw with Denmark starting to
| have emergency stores within 50 km of every Dane? Is this
| motivated by a need to prepare for war?
| pizzalife wrote:
| >Is this motivated by a need to prepare for war?
|
| In short, yes.
|
| >The possibility to pay by card when the internet is not
| working - 'so-called offline payments' - is an area that 'the
| Riksbank believes needs to be improved considerably,
| particularly in light of the geopolitical unease in the world,'
| according to the announcement
|
| https://www.riksbank.se/en-gb/press-and-published/notices-an...
| bilsbie wrote:
| I read the article and I still don't understand how it pertains
| to HN? Anyone explain?
| recursive wrote:
| It is subject material of interest to hackers.
| wcoenen wrote:
| Pedantically speaking, offline card payments are already possible
| _now_. E.g. see the Square documentation about that.[1]
|
| However, it requires that all the parties involved (issuer,
| acquirer, payment network, merchant) allow it, and there are
| certain limits. One of the linked documents[2] in the riksbank
| press release has more details about what they expect from these
| parties.
|
| [1] https://squareup.com/help/us/en/article/7777-process-card-
| pa...
|
| [2] https://www.riksbank.se/globalassets/media/nyheter--
| pressmed...
| loeg wrote:
| Fundamentally it's all extensions of credit, right? The
| question is who is taking on credit risk in these transactions
| and how is everything settled when the power comes back.
| Presumably, everything is somewhat reversible and there is some
| dispute resolution process.
| jfengel wrote:
| Is this something they've been planning? Or is this a reaction to
| the saber rattling over in Russia?
| upcoming-sesame wrote:
| Here in southern Europe on the other hand, cash is a crucial part
| of the tax evasion economy
| rkomorn wrote:
| Somewhat tangential (sorry), but in my part of southern Europe,
| cash change machines seem to be getting close to ubiquitous.
|
| I wonder if that hinders tax evasion at all since there's
| presumably a pretty reliable paper trail of cash transactions.
| DavidVoid wrote:
| That is partially why the banks/government in Sweden have been
| happy to phase it out. Companies also don't like dealing with
| cash because it requires extra accounting, security, and
| transportation. In the early 2000s there were about 50 cash
| transport robberies per year in Sweden, in 2018 there was 1.
___________________________________________________________________
(page generated 2025-10-03 23:00 UTC)