WiFi sir? that'll do nicely

I was in Chester last week and visited a coffee shop for a sandwich and cuppa (as one does). I was intrigued to see the girlies in the shop tapping in customer orders using a US WiFi PDA.

I was even more amazed to see them swiping customer cards through the terminals at the tables. Then hopping back to the service desk to print out the receipts.

The good news here is that the debit and credit cards never leaves the customer's table. The potential bad news is that the magnetic stripe and/or smart card data is obviously transmitted to the coffee shop

computer system.

At the moment, customers have sign the slips the waiters and waitresses bring to the table. The plan is, the manager told me, for customers to key in their PINs on the order terminals.

These terminals are a lot different to the wireless PINpads that are springing up in restaurants around the UK. Those terminals are usually leased by the card processor.

This system is a wireless ordering technology that has card transactions bolted on. The potential for fraud is massive, although I'm sure APACs would argue otherwise.

My conclusion is that WiFi and card PIN entry is a serious security risk and there's going to be a major scandal sooner, rather than later...