Crime

Check this out

There has been a revolution in supermarket checkouts over the past 12 months or so. Supermarkets are demonstrating a hitherto unprecedented level of trust in their customers by allowing them to check out their own shopping. This saves on wages and potentially saves the customer time. There is a risk that some customers will take advantage of this idea by not checking items out, or by committing card fraud - however, these risks can be mitigated against to some degree with random checking, and any rise in theft must have been shown to be less than the benefits to the supermarkets.

There are a few systems in place right now:

Scan at checkout

Seen in Tesco, B&Q

The idea here is that the customer shops as usual, and then proceeds to an automated checkout where they scan each item. Once scanned, the item is placed into a 'bagging area' where a scale checks the weight of the item matches what was scanned. As bags become full they can be removed.

Advantages

No special training is needed. A voice gives instruction. The customer can decide to use the system after shopping.

Disadvantages

Some items don't scan well - and there isn't an obvious way to type in the number from scratch. Some light items do not register as being placed in the bagging area. Once the system has been used a few times, it is easy to 'run ahead' of the system and scan faster than it can cope with. The insistence that every item is placed in the bagging area adds delay. There is no obvious way to tell the system 'here is one pot of yoghurt, I have 5 more just like it'.

Verdict

I will use these systems, but for more than a few items I find they're more trouble than they're worth. I find the voice nagging and slow. It'd be better if I could scan my clubcard at the start and it'd remember my preferences 'expert user, no voice' - these could be adjusted online.

Handheld Scanner

Seen in Sainsbury

The idea here is that as the customer shops as usual, they scan the barcodes of the items. At checkout, there is a 'fast' lane, where the customer's scanner is checked. Occasionally a random 'rescan' is done (I am guessing that the probability of a rescan goes up if previous scans were in error - and that some level of error will cause them to revoke the fast-track rights). The 'Electric Death' site suggests two errors lead to always rescanning. This seems too absolute to me, as wait long enough and virtually everyone would have two errors. There would have to be some 'aging' to this, i.e. an old error is 'worth less' than a new - and correct rescans improve the customer's rating (with new rescans counting for more than old). I'd like to know how this has evolved since the system was introduced.

Advantages

A very fast checkout most of the time, and a running tally of the shopping bill.

Disadvantages

Not every item is 'in the system', so occasionally there are 'problem items'. I assume this is because the scanner doesn't connect to the main database each time. These items must be kept separately and rescanned at checkout. Most of the time, if I get a problem item it'll remain on the shelf.

Why not record the barcode of the 'problem item' on the scanner and pass this to the checkout for checking on the main database?

The scanner does not adjust for offers in the running total. These are corrected for at checkout. Also, at checkout, the system has sometimes allowed a tagged item to go home without the tag being removed - this is a pain.

Some customer training is needed to use the scanner.

Verdict

I like this system a lot - it operates as fast as the user and drastically reduces time at the end of the shop when you just want to 'get out of there'. The rescan is a pain when it happens, but seems intelligent (i.e. to reduce in frequency with accurate rescans). They will sometimes not have a 'fast track' lane open, but what's really nice is that if you approach the checkout with a scanner, and there are queues then they'll rush to open a 'scanner only' lane for you.

The big problem is that so far I've only seen it in Sainsburys. Also, the system is not connected between stores - if I register for the system at Store A, and go into Store B then I need to register there as well. This is rather daft in this day and age - the stores should be able to communicate this information.

Universal Problem

One big problem with all checkouts in the UK is the Chip and Pin device. This is usually mounted in an easy to see location, so the customer can't miss it. Unfortunately they were not designed in such a way that when the pin is entered, the keypad is obscured. Thus one can stand and read pin numbers as people type them - a recipe for muggers.(*) Why weren't they designed with a deeper 'shield' -so that if you needed to look you had to remove the hand - but with the hand in, the keypad couldn't be seen?

Ah well, as things stand right now - I'll shield my pin, and the mugger skimming numbers will focus on the easier targets all around me. An ex-colleague had his pin cloned by an oik who had the cctv trained on the card reader, they got the card number by freeze-framing the card as it went in, and the pin by watching the fingers - if the handheld is detachable, detach it to avoid this issue!

(*) I once decided to be helpful to a friendly-looking lady in a queue by saying that she should hide her pin for this reason, that she entered it in a way that the number could be read (I knew it by standing behind her). I got back 'if I get mugged in a minute I'll know who to blame then!'... yeah, muggers forewarn their victims! And they wonder why people aren't helpful any more?

Exploding Knife Tip Alert!

More Daily Mail Knife Crime Hysteria! (via Bruce Schneier)

The Met have 'circulated the information', and all of a sudden this changes to 'Britain on alert'!

Nice to have balanced reporting.

A Mr. Atkinson of Sheffield commented on the Daily Mail article: 'What better advert for this knife could there be? I had never heard of it until today, and now, every self-respecting nutter will be after one'

Quite so - there is no reason for this article in the Mail except to promote fear in it's readers... what paper was this again? Ah, right. (I know that I could be accused of the same by mentioning it here, but who has the higher readership, me or a National newspaper?)

I've made two previous posts on the 'knife crime epidemic' which we keep hearing about in the UK, the original and the update.

Knife Crime Update

Following my previous post on the topic of knife crime, I see that the BBC has an article entitled 'Is knife crime as common as we think?'

Unfortunately, most of it seems to be opinion based, from people at the 'sharp end' (if you pardon the pun) who therefore see much more than average.

The first objective part in the report says:

According to the British Crime Survey (BCS), overall violent crime has decreased by 41% since a peak in 1995.

Knives are used in about 8% of violent incidents, according to the BCS, a level that has largely remained the same during the past decade.

Unfortunately, it then moves onto the usual subjective viewpoints.

The report then says:

Richard Garside, the director of the Centre of Crime and Justice Studies at Kings College London, said: "If you look at the figures for the last 10 years the number of knife victims has remained relatively stable - although there have been spikes - at 200 to 220 a year.

"But there is some evidence the demographic has changed. The average age of homicide victims overall has been going down, with younger and younger victims."

Other objective pieces of data look at changing demographics and geographical differences - unless I've missed something, the above seem to be the only objective data points regarding changes with time.

Knife Crime

Each day it seems that we are being told about an epidemic of knife crime. We're told that stabbings are reaching unheard of proportions. Without wanting to minimise the personal consequences for anyone involved in an incident, I do wonder what the true situation is - the objective view, without the national media hunting out every story which fits the zeitgeist.

Is knife crime really more prevalent than it used to be?

It wasn't long ago that we were lead to believe that there was a paedophile on every corner, that children were at a massive risk of abuse from anyone. This lead to vigilantism - and a massive problems. The truth of the matter is that statistically children are more at risk from people who know them than from strangers, and that children were much more at risk in the sixties, seventies and eighties than today. I well remember going out in the morning, exploring with my bicycle miles from home and coming back in the evening having told nobody where I've been. Even the best parents I know would have kittens at this thought today!

Is knife crime the same? Has it been blown up out of proportion? I would like to see the stats.

Meanwhile, with each new story that appears, politicians compete to be 'tougher' than each other; to be more draconian. "Let's lock 'em all up!", they say. Whilst I agree that carrying something that can only be classed as a weapon needs to be dealt with, it's not as clear cut. One of the things boys do is do carry a penknife from time to time - I used to be a cubscout, and on my pre-mentioned bike rides I would find a quiet spot and take sticks and whittle them (badly). If I had been stopped by the police, would this result in an 'expectation of prison'? No, it seems severe. (Oddly, I hesitated over this paragraph... did my parents know I had a penknife? Yes, I seem to remember my Dad getting me an odd penknife-shaped object with sticky out bits and a corkscrew - still got it somewhere - it wasn't the most useful of things, the sticky out bits meant it wasn't very portable).

Most of the time, my penknife would stay at home, stored in a drawer. I have one in my bedside table now, and there is one in my toolbox - they're very useful.

The very popular and recently published 'Dangerous Book for Boys' lists a Swiss Army Knife as essential gear. I know there is a world of difference between the world of conkers and whittling, and with the streets of Hackney - but any new laws will need to be carefully drafted so as not to criminalise kids who cycle to the nearby woods and whittle. I can't think of a good way to do this - the phrase "without good reason" is cited, but this is open to interpretation.

If there truly is an epidemic, then I'll need to rethink, but the whole topic does feel like a media storm with politicians jumping on the bandwagon to me.... what are the hard statistics? Is knife crime really more prevalent, or is it a just more reported? If there is a change, is it statistically significant?

(I refer the reader back to one of the opening paragraphs: "Without wanting to minimise the personal consequences for anyone involved in an incident, I do wonder what the true situation is - the objective view, without the national media hunting out every story which fits the zeitgeist." )

Swiss Army Knife

Still the best small penknife. It can be carried in luggage on planes, though not in hand luggage. It is worth saving up for a high-end model, with as many blades and attachments as you can get. That said, there are good ones to be had for around $30. They are useful for jobs requiring a screwdriver, removing splinters and opening bottles of beer and wine, although this may not be a prime consideration at this time.

Leather holders can also be purchased and the best ones come with a few extras, like a compass, matches, pencil, paper, and Band-Aid.

Quoted from the US Edition of The Dangerous Book for Boys

Update: See this post.

Stolen Laptop photographs thief

One of the features in Mac OSX is something called 'Back to my Mac'. It's a service whereby you can connect to your computer from a different computer. The idea is that you can access that file you left at home from wherever you are. Well, a laptop was stolen - and the owner decided to use the 'Back to My Mac' service and watched the thief using their computer. They used the in-built webcam to take a photograph of the thief, who was known to a room-mate of the victim.

The thief realised what was happening, but by the time they covered the webcam it was too late.

Of course, all of this could have been done with Win or Linux, but not in quite as user-friendly a way.

David Blunkett Defrauded

David Blunkett has had a cheque 'washed' and the amounts/payee replaced with new details. The original story was in the Telegraph. This nicely illustrates the advantages of using a 'bulletproof' ink, such as 'Noodlers'. I ran my own tests on this ink here. I use three different noodlers at the moment, Walnut (not bulletproof), Legal Lapis and Black.

The Black and Legal Lapis are both pretty permanent once on paper. Indeed, there is a reward to anyone who can remove Noodlers Black without damaging the paper (i.e. to show that it's susceptible to the type of fraud used against Blunkett)

Just to make it crystal clear, Identity Cards would not have prevented this theft! Using a non washable ink would have done!

Card Cloned

I was in Tesco yesterday and my card was not accepted. Odd, I resolved to ring the card company when I got home. I forgot. Today I had a call - and I rang them back on their number (they were fine with that, unlike a previous company).

Yesterday there was a payment to someone like totaljobs.com for a few hundred pounds. This was following a transaction for 78p to some obscure place. It triggered some alarm bells with the card company and they froze things until they could talk to me.

The 78p was a test to see if the skimming worked.

I didn't authorise these transactions - somehow the card had been skimmed (amazing really, I never let the card out of my sight in shops and restaurants as I am aware of skimming possibilities).

Fortunately things had been caught, no money changed hands - unfortunately I now have to get a new card.

Tesco Credit card handled the whole thing pretty well.

CCTV in Private Homes?

In the US, Houston's Police Chief is reported as advocating CCTV cameras within private homes (yeah, that'll survive the black spray paint).

HOUSTON -- Houston's police chief on Wednesday proposed placing surveillance cameras in apartment complexes, downtown streets, shopping malls and even private homes to fight crime during a shortage of police officers.

"I know a lot of people are concerned about Big Brother, but my response to that is, if you are not doing anything wrong, why should you worry about it?"

Perhaps, for a start, that this is exactly how Big Brother in 1984 justified itself! More mundanely, in ones own home people want privacy to get undressed for bed, or even (shock!) have sex with their partner, without the thought that they're watched.

This seems so extreme that I did think that this has been misreported. I've yet to find video of what the guy actually said. My instinct says that he was advocating CCTV OF people's homes - e.g. if someone is the target of repeated offences then CCTV of the outside of their home may be justified. (Only with the consent of the homeowner would be my view.)

I have found audio links here, and according to this article is talked of:

The police chief said he would eventually like to see cameras installed in crime-ridden apartment complexes, although he acknowledged that the cameras might cause some criticism.

Which is a different order of things - the communal areas of the buildings as opposed to in appartments.

Of course, there is potential for abuse as soon as you have cameras capable of being pointed at private residences.

Death Penalty

In a ruling which apparently came out of nowhere (at least from this side of the pond), the US have finally stopped killing people who are legally children. The US has not signed the UN convention on the Rights of the Child. Now, if only they'd realise that the death penalty doesn't allow for the state to correct a miscarriage of justice, or indeed provide a deterrent in many cases!

In other news from the US, people who leap between buildings and get injured are saying 'it's not my fault'.

Reply from Card Company

A while ago I wrote to my Credit Card company, the reply has been sitting in my intray for a while. Here it is.

Thank you for your letter dated 28 November and for taking the time to tell us of your concerns.

I would firstly like to sincerely apologise for any concern you have been caused, and confirm that you are entirely correct about being vigilant with your personal information. I would like to assure you that staff are required to only ask for sections of your identification questions and not the full answer, for example to only give the month of your birth and the first two letters of the password/mothers maiden name.

Please accept my sincere apologies that the member of staff bullied you into giving your security details. I can assure you that customer complaints are taken very seriously and this matter will be raised as internal training issues with the members of staff concerned.

The problems that you have mentioned have been raised before by staff on regular occasions, I am aware that the Royal Bank of Scotland group as a whole is currently looking for a resolution to these problems. Staff have been suggesting some sort of password system, and we are looking to find ways of making a system like this work.

The telephone number given in our messages is given for a specific reason, as the number is for our designated fraud detection call centre with specialist staff.

In the meantime, if you receive a call from someone advising that they are calling from NatWest and is asking for all your security information in full, please feel free to refuse to give this information and call the telephone number on the back of your card. As far as I have been made aware, sales calls will not ask you to divulge any security information so you will only need to do this when we are actually needing to discuss your account.

I would like to confirm that it should have been explained to you that failing to give your details on the phone at that time would only have resulted on problems with your card until you did call the number on the back of your card and confirmed usage genuine. Please accept my apologies that you were threatened with the card not working at all.

I hope that, in spite of your complaint, my response has helped restore your confidence in us. We want you to stay with us and would welcome the chance to look after you in the future.

If you remain dissatisfied with this response, you can write to: (snip). Thereafter if you remain unhappy, The Financial Ombudsman Service is an alternative open to you. Details can be found in the enclosed leaflet.

My reply to this will be sent tomorrow:

I am writing in response to a letter from *****, dated 10th December. Your ref: ***/*****. Please accept my apologies for the delay in this response.

There are several aspects of the reply which I am not satisfied with, and the fact that the fundamental problem remains does not inspire my confidence. I will explain the problems as carefully as I'm able.

Firstly, you quite rightly say that I should not divulge my full security information to anyone who phones me and says they're from RBS or Natwest. However, I was phoned, left a number I did not recognize and when I rang it I was asked to divulge some of my details. This leaves the customer open to two possible attacks.

The first attack is that this could be repeated over a period of time, and each time a different fragment of the security details could be asked for. Eventually there would be enough information for the third party to stand a good chance of gaining access to the accounts of the customer. The second attack is the classic "man in the middle" attack. Once the customer is identified, the person on the phone claims a slow computer whilst a colleague phones the bank. The colleague identifies themselves as the customer, and when asked for the security information the request is relayed back to the customer, the system slowdown having "cleared up". The effect of this is that the customer believes they are talking to the bank, and the bank believes they're talking to the customer. Once the business of the real customer is over, they hang up the phone and the "man in the middle" can continue the conversation with the bank. For this reason, one should not yield ANY security information.

These attacks may seem unlikely, but they are quite workable for an organized team.

The second issue is the statement that "the problems ... mentioned have been raised by staff before on regular occasions". Frankly I find this amazing. If this is the case, then why have steps not been taken to rectify this issue? It was mentioned that the bank was looking into a password system, this seems completely superfluous. A fix could be implemented right this second without any more passwords for the customer. I suggested this in my original letter.

My suggested fix was that if the bank needs to contact the customer, and security information is needed, then the bank should simply say: "please telephone us on the number on the back of your credit card, or on the top of your statement". Should a specific department be needed, then the customer should be asked to dial that number, and then be forwarded on to the appropriate extension. This should be the case even if the person answers the phone. There should be a sentence of the statement reminding customers that they should only divulge security information when they ring one of the numbers which are printed on the statement.

The original letter was due to the fact that I'd been asked to ring back a number which I didn't recognize and asked to provide security details, had the number been the one on my card there would have been no problem.