Post #408,779
3/15/16 11:12:21 AM
3/15/16 11:12:21 AM
|
Credit card skimmer installed in 3 seconds
Regards,
-scott
Welcome to Rivendell, Mr. Anderson.
|
Post #408,785
3/15/16 12:28:16 PM
3/15/16 12:29:34 PM
|
Very smooth!
Deployment of chip cards can't come fast enough. Alex
"There is a cult of ignorance in the United States, and there has always been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."
-- Isaac Asimov
Edited by a6l6e6x
March 15, 2016, 12:29:34 PM EDT
|
Post #408,803
3/16/16 5:17:53 AM
3/16/16 5:18:22 AM
|
I use my phone wherever possible
(at present that means purchases under £30)
I trust Apple's security, as far as I trust anyone's. It's certainly way more secure than my card (no-one who isn't me can use it, frexample, ETA unless they steal my fingerprints)
But there are a couple of factors at play here that are significantly different from the clown-car that is US card payment methods.
Firstly, we've been chip & pin for years - you swipe only when the chip reader is bust or your card is playing up, which is almost never. Secondly, we have contactless everywhere - basically as C&P terminals are upgraded or rolled out, contactless-capable units are the default.
I've been working in London for a couple of days and I don't think I've used any method of payment that isn't my phone or my Oyster card - for anything.
Edited by pwhysall
March 16, 2016, 05:18:22 AM EDT
|
Post #408,804
3/16/16 8:01:32 AM
3/16/16 8:01:32 AM
|
My CC went chip a few weeks ago.
Half the time I still have to swipe it. Half the time I seemingly don't insert it all the way. I've never been asked for the PIN yet - apparently here the store is responsible for bad charges if a PIN is used, but the CC company is responsible if it's still swiped or just inserted. Or something.
Things are very slow to change here....
Cheers,
Scott.
(Who expects he'll be using his (next) phone for payments in 2017 or so.)
|
Post #408,805
3/16/16 10:02:48 AM
3/16/16 10:02:48 AM
|
You have no idea the number of combinations possible
Does this card link to one or multiple accounts?
Is any of those accounts debit? Global debit? (There's a difference.)
What authorization methods does the card's issuing bank support? For each account?
What authorization methods does the merchant's bank support?
Do those methods depend on the value of the transaction? Before or after tax? Before or after currency conversion?
Speaking of currency conversion ... no, actually let's not.
And if the chip read fails - rare, yes, but to certify the platform you have to develop, test and demonstrate the fallback mode - what are the answers to all those questions when swiping? Are the answers different when in fallback mode than when using an older card reader that doesn't support chip yet?
The implementation guides for this stuff run 400+ pages, and each party has their own guide: the merchant's bank, the payment processor, the card reader manufacturer. And the guides are updated twice a year, with changelogs each of the last few updates running 4-5 pages single spaced.
It would have been faster, cheaper and more secure to simplify the options, but no one wanted to give up their particular way of doing things, so we implemented all of them.
|
Post #408,807
3/16/16 11:09:11 AM
3/16/16 11:09:11 AM
|
USA! USA! USA!! :-/
|
Post #408,811
3/16/16 12:45:54 PM
3/16/16 12:45:54 PM
|
" if the chip read fails - rare," the readers however fail a lot
so you swipe the card but the CC company knows that retailer uses a chip so fails to authorize the purchase. Actually I am starting to carry around a checkbook lately. always look out for number one and don't step in number two
|
Post #408,813
3/16/16 1:04:06 PM
3/16/16 1:04:06 PM
|
And your check has all the information needed to access your checking account with a forgery.
Alex
"There is a cult of ignorance in the United States, and there has always been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."
-- Isaac Asimov
|
Post #408,816
3/16/16 1:10:49 PM
3/16/16 1:10:49 PM
|
so do most of my credit cards, happened twice last year.
always look out for number one and don't step in number two
|
Post #408,819
3/16/16 2:20:17 PM
3/16/16 2:20:17 PM
|
Unpossible!
And it's not that the bank knows the retailer uses chip. It's that the device knows the card has a chip.
If the magstripe indicates that the card has a chip, the reader must have already implemented the three tries before fallback is authorized, and logged each failure. The reader either sends a message saying, "Authorize this chip" or "Authorize this magstripe in fallback mode".
IOW if your system is set up right, and the device has a hardware failure that causes it to not just fail to read the chip but fail to register that it's even been inserted, it should never allow you to even attempt a swipe.
Defense-in-depth suggests that the bank should also enforce this, but what exactly would you send in the case of a failed read?
Gah! Stop making me think about this!
|
Post #408,824
3/16/16 4:23:25 PM
3/16/16 4:23:25 PM
|
unable to read card several times, then swipe and decline about 1/3 of the readers fail at walmart
always look out for number one and don't step in number two
|
Post #408,820
3/16/16 2:42:31 PM
3/16/16 2:42:31 PM
|
For the past year or two, I've been using cash 99% of the time.
|
Post #408,821
3/16/16 2:57:36 PM
3/16/16 2:57:36 PM
|
Luddite! :)
Think of the kickback you could have gotten. At least 1%. Alex
"There is a cult of ignorance in the United States, and there has always been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."
-- Isaac Asimov
|
Post #408,826
3/16/16 6:26:41 PM
3/16/16 6:26:41 PM
|
Technically, it is chip + signature
Fell off my chair when I first realized that. This was the banks' choice. They're of the opinion that GenPop would be unable to comprehend an immediate transition to chip + PIN.
But the stores did stop asking for signatures, so if you find a PIN card, you can go shopping...
|
Post #408,806
3/16/16 10:20:26 AM
3/16/16 10:20:26 AM
|
Is this you?
|
Post #408,828
3/16/16 6:50:49 PM
3/16/16 6:50:49 PM
|
not really
I don't know how to tell you it's super-reliable and ubiquitous without sounding like I'm describing the contactless payment version of Narnia with unicorns and pixies and rainbows and shit, but it really is like that over here.
|
Post #408,837
3/17/16 9:38:13 PM
3/17/16 9:38:13 PM
|
Aaannnndddd... now a chip card skimmer.
Regards,
-scott
Welcome to Rivendell, Mr. Anderson.
|
Post #408,838
3/17/16 11:49:12 PM
3/17/16 11:49:12 PM
|
I can't wait until we have to use 15 digit pins with 5 special characters....
|
Post #408,839
3/18/16 9:23:34 AM
3/18/16 9:23:34 AM
|
:-D
Regards,
-scott
Welcome to Rivendell, Mr. Anderson.
|
Post #408,840
3/18/16 9:55:49 AM
3/18/16 9:56:07 AM
|
to be changed every 60 days with a diff of 6
always look out for number one and don't step in number two
Edited by boxley
March 18, 2016, 09:56:07 AM EDT
|
Post #408,841
3/18/16 10:19:27 AM
3/18/16 10:19:27 AM
|
TIME SINK WARNING!
|
Post #408,843
3/18/16 3:34:16 PM
3/18/16 3:34:16 PM
|
Well. damn!
I was under the delusion that the dialog between the card and the reader was encrypted. Alex
"There is a cult of ignorance in the United States, and there has always been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."
-- Isaac Asimov
|
