We don't have many Exxon or Mobil service stations where I live, but when they were pretty abundant and I had the Spee Pass fob, I had it linked to one of my CCs and the transactions posted as normal gas purchases, not cash advances.  Unfortunately, I can't recall if it authorized just the actual transaction or more than the amount of the purchase since it's been so long.

I have mine linked to my Exxon/Mobil card and it only charges the amount of my gas purchase at the pump.

---

@Anonymous wrote:
Thanks Finstar!

---

Sure, anytime.  Hopefully others can chime in on the authorization amount.  I really loved the convenience of having the Speed Pass fob rather than having to swipe everytime since it can be used inside the conveneince store as well.  But, most of our Mobil/Exxon gas stations pulled out of the market and most became United Dairy Farmers (UDF), unfortunately.

---

@Anomalous wrote:

I have mine linked to my Exxon/Mobil card and it only charges the amount of my gas purchase at the pump.

---

Too bad Exxon/Mobil retired their MC version and it's no longer offered

A few years ago I had one linked to my debit card, and the transaction was for the exact amount of the purchase, and was processed as a 'Visa' transaction (not debit).  Honestly, about half the time I tried to use it there was a problem with the pump or store and it wouldn't work, so I had to 'swipe' my card anyway. 

Other than being slightly safer than a card swipe (due to skimmers) I'm not sure if it was really any faster, but it was definitely novel.

You could also buys merchandise in the store. Seeing how this thing has been around so long. at least 18 years. for sure has nothing to do with cash advance as you can load with any credit card. its kind of like a early version of apple pay i guess.

---

@UncleB wrote:

A few years ago I had one linked to my debit card, and the transaction was for the exact amount of the purchase, and was processed as a 'Visa' transaction (not debit).  Honestly, about half the time I tried to use it there was a problem with the pump or store and it wouldn't work, so I had to 'swipe' my card anyway. 

 

Other than being slightly safer than a card swipe (due to skimmers) I'm not sure if it was really any faster, but it was definitely novel.

---

Pffft! Ha. Slightly safer?

At least with a magstripe, you have to physically swipe the card through a device that has had a skimmer attached.

With RFID tags, the "skimmer" can be someone walking next to you, with a small tag reader in their pocket.

Yeah, yeah, it's all "encrypted for your protection". Sure.

But I haven't seen a case yet where it's been done correctly - either the crypto math has been flawed, or the infrastructure around the crypto has had implementation issues - both resulting in in-practice exploitable flaws.

Yes, magstripes have no security.

Yes, EMV chip-cards are much better - even when they do have implementation issues, at least they are harder to clone than magstripes, and do require physical insertion.

NFC/RFID on phones? The RFID isn't active all the time, just when the phone is unlocked, and for some systems, only when the fingerprint reader is in use.

But RFID from a SpeedPass tag? Always readable, even in your pocket (unless you're doing the literal tin-foil-hat thing), if someone has the right equipment nearby. It was broken over ten years ago.

The only reason you haven't seen widespread attacks on these?  Because skimming magstripes is so much easier, cheaper, and provides more targets.

"No form of security technology is foolproof, of course. Researchers at the University of Cambridge in February 2010 uncovered a vulnerability in EMV smart cards that could allow a criminal armed with certain electronic equipment to make a purchase using a stolen smart card without having the correct PIN, though Gartner’s Litan says that attack method would be relatively easy to guard against."