Slashdot Mirror
Credit card signatures: Useless?
SpaceAdmiral writes "Everyone should remember John Hargrave's classic Credit Card Prank on Zug. He tried signing fake names on his credit card receipt, and no one seemed to care.
But that's nothing compared to The Credit Card Prank, Part 2. Can he draw obscene pictures instead of signing his credit card? Yes, it turns out. Is there any way of getting your signature checked? . . . Yes, it turns out. But you have to do an awful lot."
A story I heard once somewhere on the web:
"I once went to Target to buy a CD and used my new credit card to pay. After signing the receipt the cashier took my card and looked at the back and said "You haven't signed the back of your credit card.", I took my credit card back and signed the back of it and gave it back to her. She then proceeded to compare the back of my just signed credit card with the signature I had also just made on the receipt and said "Yep, they match". I just shook my head, took my stuff and left."
Actually, despite my experience in the past with this kind of sillyness, I have noticed a lot more cashiers taking more care to make sure that the signature really matches. Just yesterday I went to Half Price Books and thought that the cashier was going to breakout a magnifying glass to ensure that the signature was authentic.
this comes in handy when I've had a "little" to much to drink at a bar or club. It's nice to know that my friends can sign for me.
One of the first things you notice when on holiday in the US (buying petrol, stuff, whatever) is that they don't look at your credit card signature. Ever.
In the UK (and I think most of Europe) it's a lot different. I've been asked to re-sign because my (legitimate!) signature wasn't quite similar enough. It doesn't help when you've got a 3-year-old card where the signature is pretty much worn-off anyway
Another weird thing about the US is that pretty much the entire world wants to know your social-security number. The only person in the UK who ever asks for my SSN is the taxman, and I want him to know, so I don't get two tax-bills
Simon
Physicists get Hadrons!
While I realize that this "article" was meant to be tongue in cheek, I'll say:
Every time you make a credit card purchase, they're supposed to match your signature against the one on the back of your card. Nobody seems to check anymore, so I tried to see how far I could push it with wacky signatures like "Mariah Carey" and "Zeus," which you can read in the original Credit Card Prank.
My signature is basically a W with a line after. I have been told it's "unique". I always reply, "it's fast." Signatures required for credit card purchases are lame. Checking my ID is even worse. I always make sure to be a PITA when they ask for my ID when I pay w/a CC. Paying with plastic is my way around hassle and if they're going to give me one I'm sure to pay them back with some.
I was grocery shopping when I ran into a new type of signature-checking device: the electronic screen. Instead of a flimsy scrap of paper, you now sign your name right into the screen. Finally, I thought, a better way to check our signatures!
For these I usually just put an X through it or a straight line. I always believed that an X was a valid signature. What happens if I'm truly unable to write my signature? I have to sign in that box in order for the signature to take so I do. I've never had a problem with someone questioning it (most are 16 year old kids that just don't give a shit).
Going back to my ID issues w/CC's. My ID has a signature on it (for what reason I have no idea) but in order to get that signature on there you have to be writing for a certain amount of time. I had to write out my entire name (including middle name) in order for it to take. It basically means that the signature on my ID is worthless as I never sign anything like that. Why bother to require it if you aren't going to get a valid signature from me?
If we are basing the validation of the signature to the back of a possibly stolen card don't you think that someone would attempt to at least forge the signature? I would think that would be the case.
The world is ending if people seriously believe that a handwritten signature on the back of a credit card will end theft. Maybe we should all be required to have our signature stored in a national database. That surely will stop the terrorists!
So to answer the question posed in the article title: "Credit card signatures: useless?" I have to answer, completely.
.. a guy I used to work with that signed all his credit card receipts and checks "I. M. Jesus Christ"
nobody ever though twice about it.
Starbucks doesn't bother to ask for a PIN or signature under $20: http://www.boston.com/business/articles/2004/08/18 /swipe_hype_debit_the_small_stuff/
John.
When I lived in Australia, a woman at Commonwealth Bank told me that I could not write "Check Identification" on the back of the card with my signature. I insisted that my signature was there, but I still wanted someoene to check the id of the card holder. She was adamant about it. I asked for her manager who was also adamant. Why were they? Because there was no rule or code of conduct which said it "IS OK" to do this. So thereby it must not be done.
I could sign my card Micky Mouse and it would still be accepted.
My other half changed her signature so it was in hini rather than english character set, and they still accepted it when she did the english one without any questions.
They are pointless.
Anyway customers get arsey when you question them about the signature anyway so you lose either way.
These days, I just draw a line across the receipt. Nobody really seems to care. My latest thing has been so see just how short I can make the line.
literally. I just put a line through. That's my signature.
Signatures are pretty easy to forge... especially to an untrained eye.
So I keep my "real signature" for important stuff. Some waiter doesn't need my signature. They charge regardless.
I'm asked all the time to show my ID by various cashiers when I use my credit card in a store and it's a bit annoying.
Since the U.S. federal government limits my liability to $50 for someone fraudulently using my credit card, and all of my credit card companies waive even that, I don't care who uses my credit card.
I just had to have one credit card replaced because someone attempted to charge $9,000 worth of "computer equipment" to it while I was on vacation. It was actually the third incident of someone putting fraudulent charges on that card. The funny thing is that even my credit card company didn't care - it was I that insisted on getting new numbers on the card. Which explains why more and more vendors are asking for ID or checking signatures - they're the ones that lose money when fraud happens.
I'm a big tall mofo.
Something i learned while working in retail is write "check id" in the signature block...not everyone checks, but i usually get at least 60% of the people ask me for id...so it would at least slow down someone having a spending spree with my card.
I used to work in the box office at a performing arts center. We took credit card orders all the time, and all of us knew that we had to double-check the signatures. I remember more than one patron being very indignant when I refused to accept a card with "See ID" (or "CID") on the back, or worse yet, no signature at all.
"Can I just sign the card now?"
"I'm sorry, but I have no way of verifying your signature then."
"But nobody else ever cares!"
"I'm afraid that we do."
It's times like that that a boss who backs you up is a very, very helpful thing. (We would still take a different, and signed, credit card from them. We weren't total jerks!)
At my local starkbutts, I bought a pound of coffee and waited for the pen. and after an awkward pause, was told by the cashier that no signature was required any longer for purchases under $25...she was not even going to give me anything to sign.
I did not feel comforted by that...my stolen wallets have always been used to by gas because of the no-signature-pay-at-the-pump option. anyone else encountered this?
SLASHDOT: news for people who can't concentrate on work or have no life at all and got tired of yelling back at the TV.
UK has all switched over to the chip and pin system now so no signature required, even better, of course its extremely easy now to just watch everyone enter their pins so if u get that its straight to the cash machine and withdraw everything :)
I figured this out when I got my first credit card. If you sign your card, they will never look closely enough at it.
A friend of mine told me that writing "See Identification" in the signature block on a card would work. It sometimes did, but even then merchants would "compare" my signature and OK it. I tried writing "SEE IDENTIFICATION" in large letters with a black Sharpie. Worked better, but not entirely.
I finally came up with a permanent fix, that has yet to fail me:
When I get a new credit card, on the back Signature area I take a black Sharpie and draw X's over the entire signature area. That forces the clerk to ask for ID. It works EVERY TIME. The only time it hasn't worked is when the clerk doesn't bother checking, but there's little you can do about that other than make a scene or report them to their manager. Besides, in some places (maybe all) a signature is not required for purchases $20.
There is no reasonable defense against an idiot with an agenda
:wq
I can't tell people how many times I've written everything from swears to promises of money if people read my signature when I sign and haven't had a single person say anything to me. This problem is significantly greater when I sign electronic pads at businesses after swiping my card. They don't even ask to see the card.
And credit card companies complain about rampant theft and people filing bankrupcy... yet the security on these cards is ridiculous. They promise to pay ALL debt incurred due to a stolen card, yet they give out miniature sized cards to put ON YOUR KEYCHAIN and no one gives half a shit about what you sign when you swipe the damn thing. The whole system is a joke.
If I were running the credit card companies, I would hold the vendors responsible for any loss due to fraud that was a result of their NOT checking signatures and ID's.
THAT would put a stop to that.
The safest thing to write is 'See ID'.
Well, it's safe because it forces them to check the ID of the card's user, and it's funny because you can really tell if they care or not, since maybe people check it 1/10 of the time.
Of course, someone could still buy gas, order online/over phone with it., etc.
"I only speak the truth"
Karma: null(Mostly affected by an unassigned variable)
Instead of signing the back of his credit cards, my dad writes "Ask for photo ID". If they don't, he asks them calmly if the signatures match. If the cashier says yes, he asks to talk to their supervisor. He doesn't make a big fuss out of it most of the time, and tends to joke around with the cashiers more than make them feel bad, but it gets his point across. He also praises those cashiers that do actually ask for photo ID.
I like it because it has the net effect of making cashiers more likely to check ALL signatures, not just his.
You have enemies? Good. That means you've stood up for something, sometime in your life. --Winston Churchill
The credit card companies actually advertise this as a feature. Hasn't anyone seen the "Visa Check Card" commercials?
"Thanks, but I'll have to see some ID."
That's their sole "feature" - that credit cards are less secure than checks. And the percentage that they siphon from the credit card / direct check transaction goes to cover any fraud.
So I fail to see how this is an issue. If someone uses my card fruadulently, then I get reimbursed. That is a lot easier than fooling around with checks from a consumer standpoint. From a business standpoint, it is a ripoff because the cost of credit card / direct check transactions *could* be lower.
In the end, the banks don't even make an effort to catch small scale fraudsters. At one point, I helped a friend do just that but we were displeased to find that the bank and police did not care when we showed them our findings.
More
I've come up with the ultimate 'Impossible to Forge' signature:
I DO IT DIFFERENTLY EVERY TIME!
------ The best brain training is now totally free : )
Sure, it's probably too easy to use someone else's credit card without their permission. But remember that the transactions are not settled until long after the swipe (say, a month). Credit cards, evil as they are with their obscene interest rates, do offer substantial protection for consumers and in case of fraud you have recourse without having to pay a cent.
For example, if someone else purchases something with your card (fraud) you can call up your credit card company and indicate that you did not conduct this transaction, and that the merchant does not have your signature on file. They will check and see, indeed, the signature is not available.
Another example (a bit off topic but still interesting) is when the Canadian discount airline, Jetsgo, suddenly went bankrupt. They were even selling tickets to passengers the day before they shut down operations. AFAIK, people who bought their plane tickets by credit card had their transactions cancelled because they were not / could not be provided the product or service they paid for. There was no legitimate sale.
The card is about 3 years old, the signature has worn off completely, and I can't resign it (so far no pen seems to write on the mangled signature panel). So they always check my ID.
But what's the point anyway? I can go online and spend thousands of dollars with no verification, so what is the point of checking my ID in store?
LordBodak's journal.
Okay, I'm sure that everyone has stories about how useless they are, but I'll share mine.
A month or two ago, checking out in the grocery store line, I got a new clerk. When I swiped my card, the person training her told her to check the card. I was using my wife's card with her name on it and it wasn't even signed. The clerk proceeded to take the card, she examined the front carefully and then examined the back. Then she handed the card back with a smile as if to say, "Yep. It's a real credit card alright."
Worthless.
Ha, ha! Nobody ever says Italy.
http://64.233.167.104/search?q=cache:0NXYo63xW3QJ: www.zug.com/pranks/credit_card/
"Better to be vulgar than non-existent" -Bev Henson
I work twice a week at a large-chain record store. We've all be instructed, repeatedly, to check for the signatures. As a low-level manager there, I make damn sure the store associates are doing it.
We won't take a card without a signature on it, or process a transaction for someone whose name doesn't appear on the card (including family). While we check to see if the signature matches, we generally WON'T generally call someone out on a signature that looks different, unless the purchase is unusually large. If we have a suspicion that someone is using a card fraudulently, we notify our managers, who then notify our corporate office and mall security.
We're not in the business of accusing people without air-tight evidence, because it's bad customer service. Once the appropriate parties have been notified, we and others in our chain keep an eye out for the potential offender and look for more blatant signs of theft or theft of services.
Even worse is that, now, most DMVs make you sign your identification card digitally (like you do with your UPS deliveries). What's the problem with this? Well, when I signed mine at the DMV in 2000, they said "sorry, that isn't valid - sign again".
"What the hell are you talking about? Of course that's valid. That's how I sign my name."
They said that you can't sign your name with any squiggles or crossing lines. My name has a line from the first letter of my last name that slashes through the top of the other letters in my last name. They said that was not valid. So I had to sign it again, without it.
Now, how is that a big problem? Try signing for something where they require checking the signature on your photo identification. I've had people say "have you changed your signature recently?". I even had to sit at my own bank for half an hour once, while they worked out how to deal with my signature not matching - exactly - that on my card.
In other words, I have to sign my signature like the one on my identification card. But the one on my card is not my valid signature, because that's not how I sign things - nor have I ever in my entire life.
As such, you get this box thrust into your hands and you're asked to type in your PIN in full view of all the people around you.
Sometimes you can cover it up with the other hand, but this gets a little difficult if you are actually holding the machine with one of those hands.
Unsurprisingly Chip and Pin fraud is still climbing although the banks are spinning it by claiming it would be worse if we didn't have it. Hardly the end to card fraud that they originally claimed.
Avantslash - View Slashdot cleanly on your mobile phone.
My uncle had his -signature- denied on a formal paper (I think it was for a loan/morgage on his house ; Something financial); :) ).
His signature excists of yer normal scribble, but the O in his name, has a smiley face (he's very consistent with that
When the bank noticed his signature they said they could not allow it, and wanted him to re-sign.
After he showed various ID on which his autograph -did- have that smiley, and they -still- wouldn't want to accept it, he turned to another bank, where they did not give him any slack.
I've worked in retail for a while and I'll say that in some respects it's the customers that are the problem. Most of the places I've been have had a loose policy of checking the backs of unsigned cards/CID/"SEE ID" cards. Whenever I've had to work the cash register I do diligently check the ID of the person I'm ringing up.
More often than not, though, people that are ringing you up won't enforce those rules because the customers will get pissed that you are wasting their time with checking for ID. I remember one time that I wouldn't accept an unsigned card from this lady. I would have accepted it with ID, even though technically the card isn't valid until it's signed. The lady didn't have any ID on her though. So she said that she would sign it right then, so that I could accept it. I told her that doing so would defeat the purpose of requiring a signature or ID. She started getting pissed at me that I wouldn't accept it. I suggested to her that she go up to the ATM and get some money. After a bit, of arguing with me and my manager she did and came back with some cash to pay.
The problem is that most cashiers try to avoid people like this by just accepting everything. Not only that, but the people waiting in line start getting pissed that it is taking so long to pay for their items if you are spending too much time putzing around with someone's Credit Card and ID. One thing that I have noticed is that most cashiers will ask for ID, if you pull it out with your card though. I guess they think that since it's already out, then they can just glance at it to make sure it's right.
Writing 'See ID' on your card is an excercise in retardedness more than anything else.
The signature panel is not there to prove your identity... its there to show that you agreed to the terms of the cardmember agreement. (ie you agree to pay) It has NOTHING to do with your card's security.
When you sign a credit card draft, it says something to the tune of "I agree to adhere to the terms of the previously agreed to cardmember agreement". Your signing the card signals that you agreed to adhere to that agreement.
Its an outdated and silly mechanism that still exists because the precise meaning of electronic signatures still varies in some jurisdictions.
Conformity is the jailer of freedom and enemy of growth. -JFK
I know everyone in concerned about credit card security, but please consider:
1 - Don't just write "see id" on the signature line of your card. Most people don't realize that credit cards are transferable. That is why they almost always contain the phrases "NOT VALID UNLESS SIGNED" and "AUTHORIZED SIGNATURE". If you fail to sign your card, then the person who steals it will just sign it for you. It doesn't matter if the signature matches the name on the front of the card. It only matters if the signature on the back matches the signature on the receipt. If writing "see id" on the back of your card makes you feel safer, great, but please remember to also sign the card.
2 - If you want someone to check your ID when you sign your card, please hand it to the cashier with your credit card.
3 - The security of your credit cards is primarily your concern not the concern of the cashier. I assure you that someone who refuses payment to some yuppie that forgot their driver's license would almost assuredly be reprimanded when that same person calls in to complain. And they WILL complain. People are not reasonable. YOU may be, but trust me, not everyone is as understanding as you are.
Cheers!
-Pointed Stick
If you do not take cards with CID on the back, It will be only a matter of time before you are reported to VISA/Discover. Both accept that customers want an ID back up on their cards and accept this. Basically, you run the risk of losing the ability to use charge cards at the facility. At that point, how happy do you think that patrons will be? And yes, you were total jerks.
I prefer the "u" in honour as it seems to be missing these days.
As a heavy drinker that uses a debit card often at bars I'll be the first to tell you that just about any scribble will do.
I sometimes just scrawl a blob for a signature and apparently it works.
The rules of what contract law considers a signature vary depending on the context. Laws have been amended to allow for oral authorization over the phone or digital signatures online.
Conformity is the jailer of freedom and enemy of growth. -JFK
A few years back a thief broke into our van while we were at the beach with my parents. We didn't notice the theft until later that afternoon(only the credit cards were stolen). On one card the crooks racked up nearly $15K in less than 15 minutes at Dillards. We met with the Dillards manager the next day only to be told that their corporate policy it to not check ID or validate the signature.
"God fights on the side with the best artillery." - Napoleon, Marshal of France - speaking truth to power
In the UK we don't have photo ID. So when we were signing credit cards there was much more reason to check that the signature on the slip matched the card. Now, we've adopted a much more secure system using a smart chip on the card and entering a four digit pin into the card reader. No more signing slips. They've had this for many years in France and have a much lower incidence of card fraud. This is a good thing. I've never been able to duplicate the signature on the back of any of my cards. It always comes out different on the slip (different surface, different pen, etc.). Chip'n'pin should reduce fraud. So now we're exposed to "card not present" as the new fraud.
Sigs. We don't need no steenking sigs.
The signature on the back of your credit card is NOT for the cashier to compare signatures. It is there as your formal acceptance of your credit card companies policies.
According to the merchant's agreement with the credit card company, cashiers are NOT supposed to accept cards that have not been signed. If they do, the merchant, and not the credit company, is responsible for any fraud.
My girlfriend is in a wheelchair, and many of the places that have the 'swipe your own card' machines are placed too high for her to reach. She gets me to sign her name and while I felt it rather ridiculous that no other method existed for her to sign her own card, I still complied.
But instead of signing her name, I just wrote things like "she can't reach" or "this is dumb".
A month or two after we received a phone call from VISA who questioned her on all these 'signatures' and wondered why they didn't match, and why she wasn't signing her name.
They were polite, but asked that her actual name be used from now on.
A lot of people have talked about writing "See ID" on the back of the card for the merchant to check. I've dealt with this before, and if the merchant is following the proper procedures (visa here), they should make you sign the card before they will accept it. The US Postal service will not accept it at all.
So this should only be a one-off for people who do it, although from my experience and most of the reports here it seems that very few places follow through on this even if they check.
As for the main question, are the sigs useless? Well no, they're not foolproof but act as a line of defense which makes fraud a bit harder, puts off some people from trying it and maybe gets some fraudsters caught.
Say you lost your signed credit card and some nefarious type found it. With about 2 minutes of practice they would be able to forge your sig good enough to get by the minimum-wage-high-school-attending cashier so why bother with this lame security device from our distant past. Another reader mentioned signing onto a screen which does not seem to check your sig against any database but makes it easier to store I guess. If the stores can roll out this technology then there should be nothing standing in the way of biometrics. Im currently typing this on a ThinkPad T42 with a fingerprint reader and it works great so to me it would seem that the technology is ready for prime-time. Maybe using bio-metrics and having a picture card backup if the biometrics fails to match would be the answer.
The signature on the back of the card is your acknowledgment of the credit card CONTRACT. It's not a security feature. I don't think it was ever supposed to be a security feature. The reason companies are supposed to refuse your card if you haven't signed it is because that means you haven't accepted the credit card contract, meaning that legally you're not allowed to use the card.
Read the fine print in your credit card contract; I did. That's what the signature is there for. That's ALL it's there for.
http://www.chmodoplusr.com/
In the UK Tesco's used to pay the £50 bounty for finding stolen cards to the cashier. They had the highest recovery rate going.
Then the management decided to keep the money and they have dropped back to being like everyone else.
I always sign mine as Daffy Duck.
I run a medium-sized store. The credit card signing IS useless. Why? What do we do with the credit card signatures? Nothing. Absolutely nothing. They get put in a big box, and every so often, they get thrown away. Visa/Mastercard/Amex/Discover makes no requirements on us to do anything with the signatures. The only reason that we could possibly need a signed receipt is if a transaction is fraudulent, and somebody needs proof that they did NOT sign the receipt. And honestly, that's just a guess. Maybe it's buried somewhere in the 100 pages of fine print, but I've never seen it.
1. Credit card companies don't ask for signatures, even in the case of fraud. It's not worth their time and money.
2. Neither myself or any of my employees are handwriting experts. Somebody could forge a signature very easily. It ain't rocket science.
Really, all the signatures for are to provide a sense of security to the tin-foil hat types. In reality, a credit card is as good as cash, but if you lose it, you don't feel the negative consequences. So, while credit card signatures are useless, I readily use mine everywhere without worrying about a signature.
I don't respond to AC's.
Mirror can be found at nyud.net
Q: How does a Unix guru have sex? A: unzip;strip;touch;finger;mount;fsck;more;yes;umount;sleep
Credit Card companies explicitly tell merchants to refuse cards with "See ID" written on them. I was refused service at a Post Office for this reason.
As far I as I can tell, the credit card companies WANT to encourage fraud, because (a) they don't pay for it, the vendors do, and (b) advertising fraud-protection (at the vendor's expense) makes them look good. The credit card companies sell the customers on the convenience, and then together the companies and the consumers squeeze the vendors.
I was standing in a supermarket checkout line in Cambridge in the UK once and this pretty festy looking homeless dude is in front of me with a 6 pack of Tennents Super Strength lager. Anyway he whips out this busted up debit card, all scratched and bent, obviously stolen or found. The pimply checkout chick just takes the card and incredulously turns to the bum and asks him if he would like any cash out with his purchase. In the UK you don't have to type in a pin to get cash out with purchases at the supermarket you just have to sign and well...... You should have seen the guys eyes light up. It was going to be his lucky day. "50 pounds please"
The cashier then takes the card and swipes it. Unfortunately for the alkie bum the card was too damaged and wouldn't swipe through the machine correctly. If he had been a bit luckier he would have easily made off with 50 quid and a 6 pack of lager. What was really astounding was the robotic attitude of the checkout chick to the obvious scam. She would have happily handed over that 50 quid if the card had swiped.
The bikini - security through obscurity since 1943
I used to work at a software store, and the regional manager was very concerned that all employees check signatures for all credit card purchases. We even had this long set of rules, and one of them was, "The credit card must have a valid name in the signature area". It is illegal, after all, to put something besides your signature on your card.
So one day, I'm working and this college girl comes in and picks up Wing Commander 3 from the shelf. She walks up to me, smiles, and gives me her credit card. In the signature area is written: "Please ask for ID". So I ask to see her ID, and she smiles at me and says, "Thank you! You're the first person all day who's asked to see my ID." Now, I'm starting to get a good vibe from her, until I remember the rules. I compare her driver's license signature to her credit card, and I'm about to hand it back to her and ask her about the game as a way to get her to talk to me (she's probably buying the game for someone, but who knows, maybe I'm about to meet a single, female gamer - they DO exist!) when the manager wanders over. I suppose he'd seen her dig out her driver's license. Crap. So now I have a choice - it's really too bad that I loved my job. So I hand her back her license and credit card and say, "I'm sorry, I can't accept this credit card." Well, her smile disappears pretty quick. I try to explain the rule, but she pays with cash and leaves the store pretty quick.
Next time the regional manager was in the store, he complimented me on my performance - my manager must have told him about it. Still, I would have rather had her phone number than a compliment from the sleazy regional manager.
And I never saw her in the store again.
Video Cameras.
Go ahead, try and write a bad signature, then claim you didn't make that purchase; they'll show the videos of you Entering the store empty handed, picking up the Merch, your time at the Cashier, and Exiting the store, laden with goods.
Theft, Fraud, Perjury...
Same at the Gas Station, they got an image of your license plate and car.
Comment removed based on user account deletion
One day in a shop I went to pay for a purchase and noticed that my credit card had changed form VISA to MasterCard! On closer examination, I discovered that I had someone else's card. Apart from the user name and the logo it looked just like mine.
My card was missing so obviously it had been switched during some previous transaction. I checked back through my receipts and found, to my amazement, that I had paid for a weekly supermarket shop, a tank of petrol and a small car repair on this other guy's card.
The purchase before had been for a meal on a train home from work a few nights before. On the train they have the habit of collecting several payments at a time and taking them into the kitchen to process. I had been sitting opposite a gentleman at the table and guessed it may have been him.
I live in East Anglia and get off the train at Diss, the stop before the end of the line so I knew this chap would have to get off in Norwich. From there he could have boarded another train or drove off into the countryside. Luckily, when I checked directory enquiries, there was one listing Norwich phone book with his surname and initials. I phoned him up and asked if he had my card in his wallet - he did! What's more he had made three purchases on my card.
I drove to him and we swapped cards. We waited for the statements to arrive and I ended up sending him a cheque for about 30 pounds.
A lucky escape - it's a good job we were both honest. After my experience I'm not really surprised to hear about signatures not being checked. I can understand how it might happen in shops where they know me but all my purchases were not. Here in the UK Chip & PIN is being introduced so that should prevent a similar thing happening. But I always check my card carefully when I get it back now.
I always write "See ID" on the back of my cards. Most people don't bother to check, but some do and then I tell them this story.
When my wife and I were out appliance shopping we went into the local Best Buy. We picked out a washer, dryer, and a couple of other things totaling about $1,800. When we got to the front the cashier was more interested in talking to the young girl standing next to the checkout stand than to even acknowledge my wife and I. With no greeting, and no eye contact, he completed the entire transaction and handed me back the card. It wasn't until I had put my wallet away that he asked to check the signatures. When he saw that the signature line said "See ID" he asked for my ID. I told him that I couldn't show him my ID because the card was stolen and it wouldn't match. His jaw dropped to the ground as he frantically started to void the transaction.
When I got his manager to the front I explained that by not checking before hand he had made the merchant liable for any damages caused by using the stolen card. When the manager told me, " if there had been a problem they would have simply voided the transaction, thus clearing any problems for the person whose card had been stolen." I pointed out that many credit card companies took out the transactions immediately, but processed the returns only after they had been "cleared" by the merchant. (Try it, Target & Best Buy will pull immediately, but not return for a couple of days.) Since they would have just tied up my entire credit limit, if my wife had been out using her legitimate card at a business dinner, it would have been declined causing great anguish on her part possibly opening to a pain and suffering type lawsuit.
I don't always resort to that story, but the kid ticked me off. I wonder if the manager even wrote him up for not acknowledging the customer.
For those of you who are afriad of someone stealing your card and making unauthorized purchases, you can rest easy. The credit card companies have been able to detect fraud at the time of purchase for quite a while now. Ever since they felt comfortable enough to offer everyone "zero liability".
First off, the cashier at your local WalMart isn't a handwriting and signature analysis expert or an identity expert. They aren't expected to be. The credit card companies realized this a long time ago. Strangely enough, if your card is stolen and the clerk compared the signature, the store becomes liable for the fraudulent purchases.
A Visa or MasterCard is what's called a bearer instrument. It's the same as having cash. If I handed you a $20 bill to pay for something, you wouldn't ask for ID. The same rule applies to Visa and MasterCard. They're all three bearer instruments.
On the other hand, AMEX is an owner instrument. Only the owner of the card is allowed to use it. IIRC, Diners' Club is the same way. You must be the owner of the card. If you have an AMEX, and your spouse is on the same account, you will each have your own card with your own name on it, and IIRC a different number assigned to the same account.
Using an owner instrument is a little more tricky. In that case, the cashier should make a cursory check to see if the signatures match, and may ask for ID, however, much more than that is placing liability back on the store instead of the Loss Prevention department of the bank or credit card company.
A few years ago, I was sitting at home and got a call from Nike Online. Within about 10-15 seconds of that call, I had a call from Visa Loss Prevention on call waiting. Someone had stolen my Visa number and attempted to use it to buy a lot of Nike stuff from the online store. Both Nike and Visa caught the fraudulent purchase at the time of sale. They were able to get in touch with me, the local police department, and set up a sting to get the thief. I wasn't charged anything, and had only a minor problem while I waited for my new card to arrive since they had to kill the old number (which sucked as I had just memorized it and the code on the back).
Checking IDs is just as bad as airline security. It does nothing to actually prevent crime. It just gives the underinformed a (false) sense of security.
Plant a tree in a developing country.
the real advantage of credit card signatures is an added criminal charge. In a lot of states using someone else's credit card to buy $1000 worth of stuff amounts to petty theft, and is only grand larceny if you steal a certain monetary value from a single party. Thus the prison terms are often very short. However, if you sign the line, it's fraud, which is usually a felony.
you need to get a different bank. My bank (USAA) not only doesn't charge me for every ATM transaction at a foreign terminal, it reimburses me for charges made by those foreign terminals (up to a certain dollar value per month). I believe ING does this as well. Both of these banks have the drawback that they don't have a brick-and-mortar presence, but I think that, in USAA's case at least, it is more than mitigated by all of the pluses. Another big downside for USAA (to you, probably) is that it only accepts certain types of customers. ING is all-inclusive, I believe, but I know far less about ING.
Ben Hocking
Need a professional organizer?
When my card was stolen, the thief who went on a 1 day shopping spree simply claimed to be my brother. He had a signed note to prove it, and, funny how that signed note did match the signature on the credit card. Not every store bothered to ask him for that signed note, and no one ever asked the thief for his own identification.
Now my CC signature bar has a partial signature and a "check ID." About twice a year a clerk reads it and then asks to see an ID.
Some new credit card machines require at least a few somewhat recognizable characters. At Harris Teeter when I use my credit card, I have to alter my signature in order for the machine to accept it. I find this somewhat amusing, and somewhat disturbing.
Ben Hocking
Need a professional organizer?
One rate is for phone or internet orders, and the other is for in-person (cardholder present) sales. Sales without the cardholder present are a higher risk, and the bank charges the merchant (or at least in our case) a higher fee per transaction. I really don't pay attention to what the fees are anymore... there is little we can do about it, so time and energy is better spent trying to increase sales rather than worry about small, unavoidable fees.
Again, according to Robin, the card swipe through the terminal proves that the physical card was present, and the signature proves that the customer was present, saw and accepted the goods. These are factors that, on average over the sum of all transactions, significantly reduce risk. That is why they are important. It is this overall trend that matters to banks and the credit card processing clearinghouses.
Now, in the IT/computer security world, there's a tendancy to think of potential weaknesses, how to exploit them, and how to design countermeasures... roughly in that order, and in this case the first two. Valuable as this is, the constructive approach is to apply creative throught towards improvement, rather than cynical dismissal (common of slashdot comment posters) of the importance of a signature because most clerks don't check.
In fact, the truth is that on average, in-person transactions with a card swipe and signature carry a lower risk of fraud. Perhaps that risk would be even lower if most clerks checked the signature more closely, but even with the reality of today's environment, the card swipe and signature do indeed result in lower risk of fraud, which is passed on to the merchant as a lower fee.
PJRC: Electronic Projects, 8051 Microcontroller Tools
I stumbled onto the best way to get cashiers to check ID. I had an account that I maxxed out for an 18 month 0% deal. I wrote 'DO NOT USE!' on the front in sharpie to make sure I wouldn't accidently charge something and go over the limit. When the 0% was over and I paid off the balance, I started using the card. Almost everyone noticed it and asked that I show ID. A few people were a bit rude about it, but I just mention that I put it there because of lazy cashiers who don't bother to do their damn job, and it shuts them up quick.
your credit card company would not make any money.
1)the signature is an agreement to pay what you charge, nothing more. The security aspect was added on later as a 'feel good' measure.
2)They(the stores) make more money this way. it's quicker, which means more purchases.
The credit card bean counters look at this every year, they make more money not pissing off the stores then they would with more secure transactions. Now, if somebody comes up with a secure way of doing business, that doesn't slow the transaction and the customers don't mind the credit card companies would implement it.
The Kruger Dunning explains most post on
As others have noted, if you read the card holder agreement, the signature on the card accepts the terms of the that agreement. If you read your receipt, the signature on the receipt signifies that you agree to pay the retailer the sum charged. I do not think authentication is mentioned anywhere. So, this is my problem with credit cards and debit cards used as credit cards: there is no authentication at the time of purchase. I would like to see broad deployment of "smart" credit cards in the US. I am not a cryptographer, but I think a credit card purchase should depend on at least the following: the holder knowing a secret (PIN?), the card knowing a separate secret, the card issuer knowing a third secret, and an algorithm that ties the secrets together. That way, there is some hope of proving that the relationship between the three entities is valid at purchase time. The current system only works, because there is such massive indemnification (no responsibility for unauthorized purchases over 50.00). The indemnification does not keep fraud down; it only foists the cost of fraud onto the retailers who then raise their prices to cover themselves.
.02.
My
-ghostis
Computer Science is all about trying to find the right wrench to bang in the right screw. -T.Cumbo?
When Ninja Gaiden came out for the XBox, I headed over to the local Wal-Mart to grab me a copy. Taking it over to the register, the upitty cashier first demanded proof that I was 17 (I was 21 at the time and have always appeared older for my age. Example: At my sister's 15th birthday dinner, when I was 13, the waitress handed me the wine list.). Upon being begrudgingly satisfied by my driver's license, we went through the purchase. When I handed him the receipt, he literally took the credit card back out of my hand and compared my signature on the back to my signature on the receipt. "Ummmm...ok, I guess it's close enough. But try to do it better next time or I won't sell it to you."
It's the closest I've ever come to outright decking a store employee. Jump through hoops to get your signature checked? Nah, just find the newly promoted manager at Hell*Mart.
ACs are modded -6. I don't read you, I don't mod you, I don't see you. Don't like it? Don't be a coward.
When my wife and I were traveling in Sri Lanka, we saw an interesting advertisement in one of the English dailies. A bank was advertising a credit card system under which you'd receive a text message every time your credit card was used. Idea being, I suppose, that if fraud occurred the owner would learn of their impending bankrupcy instantly.
I have never punched in my zip wrong, since I want to get my gas, not test the theory that it would cause an authorization problem.
Matching the billing zip to the card might prevent a little fraud - especially at a gas pump which has no signature or even a human attendant. I wouldn't be surprized to see more of it. Lots of places already make the clerk punch in the last four digits, to make sure the embossed number matches the magnetic number, what's another few digits?
This issue is a bit more complicated than you think.
Comment removed based on user account deletion
All of you you See ID fanatics get out of my lane you are wasting my time. And doubly so for those that insist on calling a manager over or some of the other dumb crap people have done in these postings. If you can't simply follow the rules for making a transaction (ie sign card, sign recipt) Then please don't shop or possibly just wear a hat that says Im an a** hole so I don't get behind you in line. I mean I could write "check for birth marck on ass" The clerk doesn't need to do it thats not how the card works. I bet you are all the same people that have a coupon that says internet only and think "Hey they will accept this at the store".
Maybe you don't have any real money?
It could be what they're thinking.. I know I feel stupid when I forget to hit the ATM and have to charge something like toothpaste.
Can you be Even More Awesome?!
I was in China 2 weeks ago, and my co-worker tried to pay for our dinner with his credit card. The waiter came back after my co-worker signed the bill, and turned over his card, which had "CHECK ID" written in block letters on the back of it. The waiter would not let us go until my co-worker wrote "CHECK ID" in block letters on the signature line of our bill.
here is the text from your link:
Step one is to ensure that the CARD MUST BE SIGNED in order to ensure that the cardholder has agreed to VISA's policies. So again, what was I wrong about?
Anyway, BoA's procedure is simple. A little longer than necessary, but simple. You notify an agency (who notifies two others) that the card number is being misused. You then spend 30 minutes convincing a Bank of America teller that you are who you are (and that's actually admirable security). The card is then locked down. You then talk to a third person about the disputed charges, and they then send you a report card you need to fill in.
Wha's good about a process as long and complex as that? Simple. They HAVE a process. Americans seem to assume that money is there to be stolen, so there are usually no procedures of any kind at all. No safety checks, no verification. The FBI openly say they won't touch online fraud that is worth less than something like $15,000. Which means that they don't give a damn about anything that happens to people, just corporations.
America has nothing similar to the Data Protection Act. The retention of data that could be misused or abused is therefore entirely OK. With nobody taking responsibility for dealing with online fraud and identity theft, there's zero incentive to NOT put such data at risk.
This is just my personal opinion, but in cases of identity theft, I'd argue that those responsible for the safekeeping of the data are just as criminally culpable as the thief. If irresponsible behaviour and criminal negligence really was regarded as criminal, we might see some major improvements.
There was a documentary a few years back, on Russian crackers. Apparently, major banks TO THIS DAY have unsecured dial-in lines that directly access the bank's computers. By unsecured, they made it clear that this included no passwords or other authentication of any kind. Apparently, banks lose a good few million on a yearly basis to skript-kiddies with a war-dialler.
This is a broken, defective system. That is the only way to describe it. Personal information needs better protection, and critical systems need hefty security. In general, this isn't happening.
On security, I give America a grade of F-.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
The requirement for fraud is, well, intent to defraud. IANAL, but my father was and one of his favorite bits of legal trivia was thus:
I can sign your name if you tell me I can, so there is no fraud if I sign your name without fraudlent intent.
Your signature doesn't have to be related to your name in any way; as long as it is something you use as your signature its valid. This goes back to illiterate persons "making their mark" to sign documents. You don't even have "a signature" you have as many signatures as you want to. For instance I have an added glyph I use on some kinds of documents, it cannot be represented in any current character set and it will botch any OCR scan. It has its uses... but it only shows up on some things.
The "signature card" on a bank account and the place to sign on the back of a credit card exist solely to act as arbiters; they exist only to define what your signature is on that account. In this respect the signatures involved are simple, anonymous key matching operations.
I can sign my name to where yours should be, but if I do so with the intent to pass-off and say that what I wrote is supposed to be your signature, it doesn't matter that the letters spell out my name, by presenting the document as something signed by you (the authorized party etc) I am engaged in fraud.
If you mean to defraud it is fraud.
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
You've done this before, haven't you? Go on, admit it! :)
Two years ago, I began signing documents with a simple graphic that my friends call "the booby lady", a line drawing of a naked (and extremely busty) female form, nipples included. Since then, I've co-signed a bank loan, signed a lease, gotten a new driver's license, and signed innumerable credit card statements and other documents. I've only had about a dozen experiences over these past two years when the signature-requester even noticed that my signature is odd (nevermind that I always sign documents sideways), and only a handful of these make any kind of verbal acknowledgement.
My new signature has only been challenged twice, and both were employers: the first (which was my employer during the signature change) apparently got a complaint from a female employee in human resources, noticed that my signature at hire was different from my current one, and told me to "print my name instead of using my signature" if I needed to sign anything for them in the future. The second (my current employer) simply wanted some official documentation that this was my legal signature before they hired me, so I went over to the DMV and got a new driver's license with nothing more than a double-take from the employee that watched me sign the license.
So not only can you sign anything you like any way you like, as very few people (less than 5%) will even bother to check that it matches, but also, as far as I can tell, *no one* will prevent you from legally changing your signature to something completely nonverbal and nonsensical.