this post was submitted on 21 Aug 2023
20 points (91.7% liked)

Privacy

32173 readers
343 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hi, I was wondering if there is an app that enables loyalty cards sharing. When you open it, you can enter your card code of the Store. Now you can use a card of any other participant who entered his own card for the Store (the backend will send a random one) and your code can be used by anyone else using the service. Usually the cards are just permanent ID (shown as a bar code), so it shouldn't be that hard to implement.

While using this, the shop would have no chance of creating a profile on you and tracking you (as the purchases would be “random”), they have these data anyway. You would only give up the data you fill in when you ask for the card.

Do you know something like this? Or am I missing something important, or do you see some major flaws in this design (I don't use loyalty cards, but sometimes they could be quite useful)? Thanks

top 18 comments
sorted by: hot top controversial new old
[–] [email protected] 6 points 1 year ago (1 children)

That would be nice... Because they are super annoying from a privacy standpoint but usually let you save a bundle

[–] [email protected] 2 points 1 year ago (1 children)

Yep, I agree. And even if you were to get a generic loyalty card with no info tied to it, or fake credentials as someone else in the thread suggested, it would still be attributed to a single person/household where they build a solid marketing profile and may tie it to credit card or other financial or tracking information.

[–] [email protected] 1 points 1 year ago

You could use a random one each time and pay cash, but of course they could use facial recognition if you go to the store

[–] i_shot_the_sherry 4 points 1 year ago

Since the company that manufactures usually is different from the loyalty card provider, it's probably safe to just take a screenshot of the loyalty app with the card being visible, and then just using that screenshot during checkout.

Even if you do not plan on actually cashing in on the benefits (which, if you shared the card, might be considered fraud), just presenting the card and creating random and unusable profiles could be a fun thing.

Personally, I would only consider using these screenshot for cash transactions, as credit card payments might be traced back to you.

[–] WhoRoger 2 points 1 year ago (2 children)

It would be nice, but the important part is to apply for a loyalty card with fake credentials. If you apply for a card with your real name and then let somebody else use it, that just makes stuff weird.

[–] to_urcite_ty_kokos 1 points 1 year ago (2 children)

When you sing up for such a card, do they usually check it? I can image some stores checking your ID the first time.

[–] WhoRoger 1 points 1 year ago* (last edited 1 year ago)

May depend on where you live. Around here they don't.

And you can always say you forgot your ID.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

Some do, some don't in my experience. They will still build a profile on whoever uses the card though. Then they just need to tie that to a real identity later. Are you paying with a card with your name on it? Whether they would invest any time putting the profile together this way or not is another matter. But they could.

It's like the data anonymization claims from big tech. Many claim the data they collect is all anonymized, but lots of researchers and studies have shown how easy it is to deanonymize the data and build strong profiles on individual users from anonymized data.

[–] [email protected] 1 points 1 year ago (1 children)

This isn't a bad idea, but the original poster's setup is much better for privacy. It would be similar to a VPN with shared IPs, so would obfuscate the individual users by lumping in the shopping habits with tons of other users making any profile built on that cards use unable to be tied to a specific person.

As I mentioned in another comment on this thread, even if you were to get a generic loyalty card with no info tied to it, or fake credentials, it will still be attributed to a single person/household where they build a solid marketing profile and may tie it to credit card or other revealing financial or tracking information that is unique to that user.

[–] WhoRoger 1 points 1 year ago

I'm saying it should be both.

[–] reibekuchen 2 points 1 year ago (1 children)

That's a great idea! I have thrown together a small web app to "emulate" the loyalty card for Payback, one of Germany's biggest loyalty card providers. Take a look here: https://apfelkompott.codeberg.page/loyalty-card-hosting/

To get started with some of the codes, I have scoured the web for images of cards, and added those to a list. (I've also provided the sources as part of the app.) You can also modify the code in the URL. As long as it's a valid EAN13 value, the bar code should render just fine.

Adding new providers/codes should be easily doable, if we had screenshot of the apps that show the design and the number format used for the code.

Let me know what you think.

PS: For the record, I am not affiliated with Payback, nor do I endorse using other people's card or code. This emulator is meant to be used with your number and your number alone.

[–] to_urcite_ty_kokos 2 points 1 year ago (1 children)

That's looking quite promising. The main thing missing before being ready for me is filter/add by region and of course shop name. Then it can go out i think (+ give me a random code feature as the next step).

And make a new post with this, no one will notice otherwise (if you haven't already)

[–] reibekuchen 1 points 1 year ago

Thanks for your suggestion! I've created a dedicated post for the app.

Regarding your suggestions, it's already possible to use a random code: When clicking the "Enter code" button at the top, a random code is suggested to you. With a click on "Let's go", you get to the card with that random number.

If you have some experience with TypeScript and/or React, feel free to fork and contribute! I'm always happy for pull requests.

[–] [email protected] 1 points 1 year ago (1 children)

This is a good idea. If it doesn't exist, someone with the skills should build out an app or service. I don't have the skills or the time, but would definitely donate if someone else took up the cause.

[–] to_urcite_ty_kokos 1 points 1 year ago (1 children)

I personally have the skills (I hope so), but from the time standpoint it's not as great nowadays. I also don't want to write an app that would be used just by few people (the cards should also be separated by region, so even more people would be needed to start going).

[–] [email protected] 2 points 1 year ago

Could it be designed so users generate and share the vast majority of the content? I'm envisioning something that is mostly self-sustaining once coded if it were simplistic enough so that continued development or features were largely unnecessary short of ocassional bug fixes and maintaining hosting.

It wouldn't need much moderation as the scope of the service would be sufficiently narrow. Could it then be written to limit what type of content was even permitted to be submitted in the first place and where content filters catch anything off-topic?

Just spitballing ideas. Anyway, if you ever found time and had interest, I'd be happy to toss some funds at it in an effort to help cover any development, hosting or maintenance costs.

[–] themasteryang 0 points 1 year ago (1 children)

I've been using the stocard app on android. You can just add the card to your phone and then someone else's phone and now you both have it.

[–] to_urcite_ty_kokos 2 points 1 year ago

Yeah, but that you have to do that manually and share it among more people to be really secure. But yes, could be also an option.