The first thing that caught my eye was the technology vs. the price.
You can still pre-order (how “limited” is this campaign anyway?) even after they have reached their goal of $50.000 for $50. $50, minus sales tax, minus (potentially) $5 fee for recommending Coin to a friend, will buy you a swipe card reader to attach to your iPhone (like Square), a piece of software to manage your Coin card, and the Coin card itself with wireless connectivity, a display, button, power, and all that in a package as small as a credit card.
Amazing, isn’t it?
Then, as the FAQ states, you’re supposed to swipe your credit cards through the reader on the iPhone and transfer them to the Coin card wirelessly (how does the card charge?). You’re also entering your CVV for good measure, which is a PCI violation right there, or at least a security concern (as coin is supposed to replace cards in a swipe scenario, and NOT in an online scenario, what business does it have to store the CVV/CVC???).
Next, what will a merchant say if you approach them with something that doesn’t have the VISA / Mastercard logo on it? If you’re running a pizza joint, would you accept a blank white stripe card for payment? How do you verify the cardholder signature? You can’t even run ID against the card details.
Coin does not support EMV (how could they??) so you’ll still have to carry the original cards for chip terminals.
Coin’s statements to PCI are very contradictory, too:
“Q. Does Coin satisfy PCI DSS standards for storing and transmitting card data?
A. Coin is in the process of earning a PCI DSS certification.
Q. Does Coin have a PCI PA-DSS validation?
A. The PCI Security Standards Council PA-DSS program addresses payment applications used to accept and process payment for goods and services. A device such as a Coin is seen as similar to a payment card in a consumer’s wallet and the standard does not apply.”
They charge your credit card immediately for something they’re planning to ship summer 2014. I’ll be following this closely, I would be surprised if credit card issuers would not be taking issue with the whole thing in the meantime.
I’m all for supporting startups, but thsi one raises way too many red lights for my taste.