Slashdot Mirror
Credit card signatures: Useless?
SpaceAdmiral writes "Everyone should remember John Hargrave's classic Credit Card Prank on Zug. He tried signing fake names on his credit card receipt, and no one seemed to care.
But that's nothing compared to The Credit Card Prank, Part 2. Can he draw obscene pictures instead of signing his credit card? Yes, it turns out. Is there any way of getting your signature checked? . . . Yes, it turns out. But you have to do an awful lot."
One of the first things you notice when on holiday in the US (buying petrol, stuff, whatever) is that they don't look at your credit card signature. Ever.
In the UK (and I think most of Europe) it's a lot different. I've been asked to re-sign because my (legitimate!) signature wasn't quite similar enough. It doesn't help when you've got a 3-year-old card where the signature is pretty much worn-off anyway
Another weird thing about the US is that pretty much the entire world wants to know your social-security number. The only person in the UK who ever asks for my SSN is the taxman, and I want him to know, so I don't get two tax-bills
Simon
Physicists get Hadrons!
When I lived in Australia, a woman at Commonwealth Bank told me that I could not write "Check Identification" on the back of the card with my signature. I insisted that my signature was there, but I still wanted someoene to check the id of the card holder. She was adamant about it. I asked for her manager who was also adamant. Why were they? Because there was no rule or code of conduct which said it "IS OK" to do this. So thereby it must not be done.
My signature is basically a W with a line after.
Wow! Please to meet you Mr. President!
See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
Since the U.S. federal government limits my liability to $50 for someone fraudulently using my credit card, and all of my credit card companies waive even that, I don't care who uses my credit card.
Not entirely true. If it can be shown that your negligence contributed to the fraudulant usage of your card, you can be held liable. Granted, you have to really be careless for this to ever be an issue.
For example, loaning it to your friend to make a purchase. He/she makes other purchases on the card, well... you are screwed. The other common occurence is when you do not report a card stolen right away. Then, you can also be held liable.
I've heard of very few instances of this ever being an issue. But do not take the limited liablility policy to be an excuse to be careless. It can come back to bite you.
See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
In the US if you have a card linked to your checking account, it can be used as a credit or debit card. As a credit card all that is needed is a signature. A debit card is just a fancy name for an ATM card. When the card is processed as a debit card the machine will ask for your PIN. The problem is in debit mode you can be charged foreign ATM fees (by both your bank and the business processing the card). So it is best to just use the card as a credit card when asked, "credit or debit?" There is also nothing preventing the card from being used one way or the other.
Even worse is that, now, most DMVs make you sign your identification card digitally (like you do with your UPS deliveries). What's the problem with this? Well, when I signed mine at the DMV in 2000, they said "sorry, that isn't valid - sign again".
"What the hell are you talking about? Of course that's valid. That's how I sign my name."
They said that you can't sign your name with any squiggles or crossing lines. My name has a line from the first letter of my last name that slashes through the top of the other letters in my last name. They said that was not valid. So I had to sign it again, without it.
Now, how is that a big problem? Try signing for something where they require checking the signature on your photo identification. I've had people say "have you changed your signature recently?". I even had to sit at my own bank for half an hour once, while they worked out how to deal with my signature not matching - exactly - that on my card.
In other words, I have to sign my signature like the one on my identification card. But the one on my card is not my valid signature, because that's not how I sign things - nor have I ever in my entire life.
I know everyone in concerned about credit card security, but please consider:
1 - Don't just write "see id" on the signature line of your card. Most people don't realize that credit cards are transferable. That is why they almost always contain the phrases "NOT VALID UNLESS SIGNED" and "AUTHORIZED SIGNATURE". If you fail to sign your card, then the person who steals it will just sign it for you. It doesn't matter if the signature matches the name on the front of the card. It only matters if the signature on the back matches the signature on the receipt. If writing "see id" on the back of your card makes you feel safer, great, but please remember to also sign the card.
2 - If you want someone to check your ID when you sign your card, please hand it to the cashier with your credit card.
3 - The security of your credit cards is primarily your concern not the concern of the cashier. I assure you that someone who refuses payment to some yuppie that forgot their driver's license would almost assuredly be reprimanded when that same person calls in to complain. And they WILL complain. People are not reasonable. YOU may be, but trust me, not everyone is as understanding as you are.
Cheers!
-Pointed Stick
My girlfriend is in a wheelchair, and many of the places that have the 'swipe your own card' machines are placed too high for her to reach. She gets me to sign her name and while I felt it rather ridiculous that no other method existed for her to sign her own card, I still complied.
But instead of signing her name, I just wrote things like "she can't reach" or "this is dumb".
A month or two after we received a phone call from VISA who questioned her on all these 'signatures' and wondered why they didn't match, and why she wasn't signing her name.
They were polite, but asked that her actual name be used from now on.
The signature on the back of the card is your acknowledgment of the credit card CONTRACT. It's not a security feature. I don't think it was ever supposed to be a security feature. The reason companies are supposed to refuse your card if you haven't signed it is because that means you haven't accepted the credit card contract, meaning that legally you're not allowed to use the card.
Read the fine print in your credit card contract; I did. That's what the signature is there for. That's ALL it's there for.
http://www.chmodoplusr.com/
I was a clerk in a video store and a cashier at a department store while working my way through school. I would check all Credit Card signatures. Credit cards were required for membership at the video store, most people would pay cash for the rentals.
I confiscated 3 or 4 cards and destroyed them while a cashier after getting "Please Call" back instead of an authorization.
I never caught a bad signature (a couple missing signatures, I would check the Driver's license and look at that signature and photo and tell the person to sign the card later)
I would occasionally get a customer that did not want me to bother checking signatures and one guy belittled me while I was checking. "Oh, now you are a handwriting expert. Oh, how secure." etc etc.
I told him it was better for him that I at least try to catch forgers.
Not really useful to the discussion but that guy still bugs me when I think about it. I was trying to protect his credit not inconvenience him. No wonder clerks don't bother to check.
I run a medium-sized store. The credit card signing IS useless. Why? What do we do with the credit card signatures? Nothing. Absolutely nothing. They get put in a big box, and every so often, they get thrown away. Visa/Mastercard/Amex/Discover makes no requirements on us to do anything with the signatures. The only reason that we could possibly need a signed receipt is if a transaction is fraudulent, and somebody needs proof that they did NOT sign the receipt. And honestly, that's just a guess. Maybe it's buried somewhere in the 100 pages of fine print, but I've never seen it.
1. Credit card companies don't ask for signatures, even in the case of fraud. It's not worth their time and money.
2. Neither myself or any of my employees are handwriting experts. Somebody could forge a signature very easily. It ain't rocket science.
Really, all the signatures for are to provide a sense of security to the tin-foil hat types. In reality, a credit card is as good as cash, but if you lose it, you don't feel the negative consequences. So, while credit card signatures are useless, I readily use mine everywhere without worrying about a signature.
I don't respond to AC's.
One day in a shop I went to pay for a purchase and noticed that my credit card had changed form VISA to MasterCard! On closer examination, I discovered that I had someone else's card. Apart from the user name and the logo it looked just like mine.
My card was missing so obviously it had been switched during some previous transaction. I checked back through my receipts and found, to my amazement, that I had paid for a weekly supermarket shop, a tank of petrol and a small car repair on this other guy's card.
The purchase before had been for a meal on a train home from work a few nights before. On the train they have the habit of collecting several payments at a time and taking them into the kitchen to process. I had been sitting opposite a gentleman at the table and guessed it may have been him.
I live in East Anglia and get off the train at Diss, the stop before the end of the line so I knew this chap would have to get off in Norwich. From there he could have boarded another train or drove off into the countryside. Luckily, when I checked directory enquiries, there was one listing Norwich phone book with his surname and initials. I phoned him up and asked if he had my card in his wallet - he did! What's more he had made three purchases on my card.
I drove to him and we swapped cards. We waited for the statements to arrive and I ended up sending him a cheque for about 30 pounds.
A lucky escape - it's a good job we were both honest. After my experience I'm not really surprised to hear about signatures not being checked. I can understand how it might happen in shops where they know me but all my purchases were not. Here in the UK Chip & PIN is being introduced so that should prevent a similar thing happening. But I always check my card carefully when I get it back now.
For those of you who are afriad of someone stealing your card and making unauthorized purchases, you can rest easy. The credit card companies have been able to detect fraud at the time of purchase for quite a while now. Ever since they felt comfortable enough to offer everyone "zero liability".
First off, the cashier at your local WalMart isn't a handwriting and signature analysis expert or an identity expert. They aren't expected to be. The credit card companies realized this a long time ago. Strangely enough, if your card is stolen and the clerk compared the signature, the store becomes liable for the fraudulent purchases.
A Visa or MasterCard is what's called a bearer instrument. It's the same as having cash. If I handed you a $20 bill to pay for something, you wouldn't ask for ID. The same rule applies to Visa and MasterCard. They're all three bearer instruments.
On the other hand, AMEX is an owner instrument. Only the owner of the card is allowed to use it. IIRC, Diners' Club is the same way. You must be the owner of the card. If you have an AMEX, and your spouse is on the same account, you will each have your own card with your own name on it, and IIRC a different number assigned to the same account.
Using an owner instrument is a little more tricky. In that case, the cashier should make a cursory check to see if the signatures match, and may ask for ID, however, much more than that is placing liability back on the store instead of the Loss Prevention department of the bank or credit card company.
A few years ago, I was sitting at home and got a call from Nike Online. Within about 10-15 seconds of that call, I had a call from Visa Loss Prevention on call waiting. Someone had stolen my Visa number and attempted to use it to buy a lot of Nike stuff from the online store. Both Nike and Visa caught the fraudulent purchase at the time of sale. They were able to get in touch with me, the local police department, and set up a sting to get the thief. I wasn't charged anything, and had only a minor problem while I waited for my new card to arrive since they had to kill the old number (which sucked as I had just memorized it and the code on the back).
Checking IDs is just as bad as airline security. It does nothing to actually prevent crime. It just gives the underinformed a (false) sense of security.
Plant a tree in a developing country.
Uhmm. DUH?
The the pin is not stored on the card. You can copy the card as much as you want, but it won't be of any use as long as you don't have the pin.
The pin could probably be read with interference, but that'd require some hefty equipment. That's not something your ordinary wallet-thief will have access to.
Thats slightly incorrect. Having my wallet stolen now a total of 5 times in the last 5 years. (Why, why does it happen to me) I can tell you from fact, that if you have a Bank of america, or washignton mutal debit card, you CAN request them to deactivate all credit purchuses on your card. (its literly one menu-driven command once they are inside your account) Then, if your card is ever stolen, the moment the credit transaction takes place, its flagged, and I get a call. Last time, they caught the person within 30 minuites of trying to use my card. (She tried it in 5 places) So yes, it is possible just to use the debit part only.
On the PIN number thing, I'm tempted to put a small slip of paper in my wallet, with "0619" written on it. Anyone stealing the wallet may well try it is my PIN, and it won't work. So they turn it upside down (becomes "6190"), and it still doesn't work. If I'm really lucky, they turn it back the other way, try one more time, and the card is now locked.