Slashdot Mirror
Credit card signatures: Useless?
SpaceAdmiral writes "Everyone should remember John Hargrave's classic Credit Card Prank on Zug. He tried signing fake names on his credit card receipt, and no one seemed to care.
But that's nothing compared to The Credit Card Prank, Part 2. Can he draw obscene pictures instead of signing his credit card? Yes, it turns out. Is there any way of getting your signature checked? . . . Yes, it turns out. But you have to do an awful lot."
I write in "SEE ID" and then my signature next to it on my credit cars. I then say thank you to the cashiers who check my ID.
I know it isnt a lot, but it helps me feel a little more comfortable that had I been a criminal trying to get a bad credit card accross I would have been foild.
Then you have Wal Marts and such that you swipe the card yourself.... ugh.
If you don't vote, you don't matter, so don't waste your time telling me your opinion
The safest thing to write is 'See ID'.
Well, it's safe because it forces them to check the ID of the card's user, and it's funny because you can really tell if they care or not, since maybe people check it 1/10 of the time.
Of course, someone could still buy gas, order online/over phone with it., etc.
"I only speak the truth"
Karma: null(Mostly affected by an unassigned variable)
But as this article is proving is "no you don't have to have talent to forge".
And smart cards you're talking about are WAY better than what we have here [america]. First off, having the card doesn't net you anything. You need the pin to get it todo anything.
Second, the reader doesn't get anything useful off you. This stops magreader thieves from stealing your card info.
Third, you actually need the pin to make it work.
I think guessing a 4 digit pin is harder than writing "shamoo" on a receipt...
Tom
Someday, I'll have a real sig.
Writing 'See ID' on your card is an excercise in retardedness more than anything else.
The signature panel is not there to prove your identity... its there to show that you agreed to the terms of the cardmember agreement. (ie you agree to pay) It has NOTHING to do with your card's security.
When you sign a credit card draft, it says something to the tune of "I agree to adhere to the terms of the previously agreed to cardmember agreement". Your signing the card signals that you agreed to adhere to that agreement.
Its an outdated and silly mechanism that still exists because the precise meaning of electronic signatures still varies in some jurisdictions.
Conformity is the jailer of freedom and enemy of growth. -JFK
I know everyone in concerned about credit card security, but please consider:
1 - Don't just write "see id" on the signature line of your card. Most people don't realize that credit cards are transferable. That is why they almost always contain the phrases "NOT VALID UNLESS SIGNED" and "AUTHORIZED SIGNATURE". If you fail to sign your card, then the person who steals it will just sign it for you. It doesn't matter if the signature matches the name on the front of the card. It only matters if the signature on the back matches the signature on the receipt. If writing "see id" on the back of your card makes you feel safer, great, but please remember to also sign the card.
2 - If you want someone to check your ID when you sign your card, please hand it to the cashier with your credit card.
3 - The security of your credit cards is primarily your concern not the concern of the cashier. I assure you that someone who refuses payment to some yuppie that forgot their driver's license would almost assuredly be reprimanded when that same person calls in to complain. And they WILL complain. People are not reasonable. YOU may be, but trust me, not everyone is as understanding as you are.
Cheers!
-Pointed Stick
If you do not take cards with CID on the back, It will be only a matter of time before you are reported to VISA/Discover. Both accept that customers want an ID back up on their cards and accept this. Basically, you run the risk of losing the ability to use charge cards at the facility. At that point, how happy do you think that patrons will be? And yes, you were total jerks.
I prefer the "u" in honour as it seems to be missing these days.
Say you lost your signed credit card and some nefarious type found it. With about 2 minutes of practice they would be able to forge your sig good enough to get by the minimum-wage-high-school-attending cashier so why bother with this lame security device from our distant past. Another reader mentioned signing onto a screen which does not seem to check your sig against any database but makes it easier to store I guess. If the stores can roll out this technology then there should be nothing standing in the way of biometrics. Im currently typing this on a ThinkPad T42 with a fingerprint reader and it works great so to me it would seem that the technology is ready for prime-time. Maybe using bio-metrics and having a picture card backup if the biometrics fails to match would be the answer.
Uhmm. DUH?
The the pin is not stored on the card. You can copy the card as much as you want, but it won't be of any use as long as you don't have the pin.
The pin could probably be read with interference, but that'd require some hefty equipment. That's not something your ordinary wallet-thief will have access to.
Except the signature line on the back of your card isn't there for authentication purposes. It's your acceptance of the card holder agreement. Merchants are not supposed to accept a card that does not have a signature on the back of the card.
But what if you sign your own name? ANd the store still accepts it, is it fraud too then?
your credit card company would not make any money.
1)the signature is an agreement to pay what you charge, nothing more. The security aspect was added on later as a 'feel good' measure.
2)They(the stores) make more money this way. it's quicker, which means more purchases.
The credit card bean counters look at this every year, they make more money not pissing off the stores then they would with more secure transactions. Now, if somebody comes up with a secure way of doing business, that doesn't slow the transaction and the customers don't mind the credit card companies would implement it.
The Kruger Dunning explains most post on
If you're keeping your life savings in a savings account, let me tell you, you're losing a lot of money every year, because inflation is approximately 4%. Check the laughable interest rate that any bank gives you. Don't be surprised if it's something like 0.2%
You should keep your life savings in bonds, funds or stocks, not savings accounts. An indexed fund gives, very roughly, about 10% annually.
The requirement for fraud is, well, intent to defraud. IANAL, but my father was and one of his favorite bits of legal trivia was thus:
I can sign your name if you tell me I can, so there is no fraud if I sign your name without fraudlent intent.
Your signature doesn't have to be related to your name in any way; as long as it is something you use as your signature its valid. This goes back to illiterate persons "making their mark" to sign documents. You don't even have "a signature" you have as many signatures as you want to. For instance I have an added glyph I use on some kinds of documents, it cannot be represented in any current character set and it will botch any OCR scan. It has its uses... but it only shows up on some things.
The "signature card" on a bank account and the place to sign on the back of a credit card exist solely to act as arbiters; they exist only to define what your signature is on that account. In this respect the signatures involved are simple, anonymous key matching operations.
I can sign my name to where yours should be, but if I do so with the intent to pass-off and say that what I wrote is supposed to be your signature, it doesn't matter that the letters spell out my name, by presenting the document as something signed by you (the authorized party etc) I am engaged in fraud.
If you mean to defraud it is fraud.
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press