[adev_]

> Why not do the same thing credit cards or access smartcards do?

I think you would be surprised how bad the security on these systems is.

The credit card security relies mainly on the ability of the bank to rollback in case of "a shit happened" and in the payment terminal itself.

Probably not something you want to see to protect against identity thief nation wide. And you also can not trust individuals smartphone to do the right thing.

[nucatus]

I think this is not true in most of the cases. The (security) technology behind the debit/credit cards using the SmartCard chip (IC) is pretty ubiquitous. It is the same as the security technology guarding the SIM cards in your phone and even your eSIM. Basically the protocols and the interface specifications are the same. In the end, they are just smart cards. Imagine this technology not being strong enough, because I remember the days when the security of the pre-paid public phone cards was quite rabish and any kid with some skills and knowledge could forge a card with unlimited credit.

It very happens that the father of the smart card technology to be a french guy [1] and the current biggest provider of this technology is the french aero-space/defense/security company Thales Group[2] followed by another frech company called IDEMIA.

There is a very nice biography of the technology [3].

[1] https://artsandculture.google.com/story/roland-moreno-s-ubiq...

[2] https://www.thalesgroup.com/en/markets/digital-identity-and-...

[3] https://computer.rip/2023-09-03-plastic-money.html

[throwaway10965]

> The credit card security relies mainly on the ability of the bank to rollback in case of "a shit happened" and in the payment terminal itself.

That's certainly not right, the electronic chip in a payment card relies on cryptography, and if you used than together with a PIN the bank has a strong argument to not rollback anything. If you're using a debit card like most of Europe, you're going to have a hard time convincing them.