I was out again last weekend with a few friends. We were talking about funny things that had happened to us recently, as you do. Some of the anecdotes were interesting and others less so.
There was one story, though, that had all of us totally spellbound.
Marc was having lunch with his colleagues the other day: “Boy, we had such a laugh in the canteen. You’re not going to believe this! They’ve got these debit cards that you can top up, so that all you have to do to pay is hold them underneath a scanner. One of the people I work with was forever forgetting his card, and in the end he decided to scan the code on the back into his smartphone. It’s quick and really convenient using a barcode generator. He never goes anywhere without his mobile and that way, he thought, he’d never be without his code again. At least we wouldn’t have to make sure we’d got enough on our cards to pay for him as well anymore.”
Laughter all round.
For Susanne, that was old hat: “Yes, but that’s nothing new. I’ve got a scanner app that I often use to compare prices or check the ingredients because I’m allergic to nuts.”
(Oh no, we not another one of those allergy stories, please…)
“Maybe, but that’s not what I’m trying to say. We were sitting there trying to think up ways that we could hijack his barcode with our smartphones and get our own back for all those times we’d ended up paying for his lunch,” Marc replied.
Frank shook his head: “That sounds pretty difficult – you’d need to get your hands on his debit card, which he never has on him anyway. Or his mobile…”
“Hang on a minute, let me finish,” said Marc. “It occurred to us that the card number is printed above the barcode. One of us took a phone out of the pocket, entered one of our card numbers in the app, pressed the button – and, abracadabra, we had a barcode!”
Frank was still skeptical: “What? And that worked? And you took it with you to the checkout?”
“Of course – we had to try it out! It was only one of our cards, after all.”
By now, we were all watching Marc with bated breath. “Well, come on then, out with it – did it really work?”
“Yes, we bought a bar of chocolate. And that’s not all. We kept the receipt and took a closer look at it. No kidding – the card number is printed on it too.” And a mischievous grin appeared on Marc’s face.
The rest of us all burst out laughing in disbelief. Frank was the first to get a few words out again: “So now you go round collecting all the receipts that people have left lying on their trays and use them to get a free meal every lunchtime?”
Marc was quite definite: “Well, I certainly don’t leave mine lying around anymore.” “You’re dead right, though – we even considered adding all of our card numbers as profiles and using them to pay at the checkout. We’d then pretend to be surprised – oh, sorry, does my card need topping up again? Just a second, I’ve got another barcode here that you could try instead. But I think someone would probably have noticed.”
Susanne had reservations: “So what are you going to do now? You can’t keep something like that to yourselves. It’s a glaring security flaw”.
“I know – the card number is printed both on the receipt and on the card itself. What’s more, all there is on the card is a sticker with the barcode and the card number. It would be easy to fake that too. I can’t believe how any company can seriously sell a system like that. We told the woman at the checkout what we’d found out the next day, of course. She was totally confused, as you can imagine. It’s part of our job dealing with issues like that every day but she’d got no idea what to do about it… At the very least, they need to get rid of the card number on the checkout receipts as soon as possible. I wonder what will happen next…”
And so do we. “Yes, you must definitely keep us posted. And you could always invite us to lunch in the canteen one day!”
Design thinking – tackling digitalisation with help from your users
