Death Hovers Politely For Americans' Swipe-and-Sign Credit Cards
schwit1 writes "U.S. banks and merchants are shifting to a more secure way of authorizing credit card transactions in which customers will enter a personal identification number (PIN) at checkout instead of signing a receipt. The US is the last major market in the world using the signature system, which is part of the reason why a disproportionate amount of credit card fraud happens here. The change is especially relevant given the massive fraud perpetrated against customers of Target in the fall. During a Congressional hearing last week, Target CFO John Mulligan said the company is accelerating the $100 million effort to switch to the so-called "chip and pin" system.
The change won't happen all at once. Banks must issue cards with microprocessors and merchants need the right equipment to process the chip and PIN transactions, which is likely to happen gradually. But Visa, American Express, and MasterCard have announced that banks and merchants that have not adopted the technology for face-to-face transactions by October 2015 will be liable for fraudulent purchases. That's a strong incentive to get up to date. The new system will also prepare merchants and banks to transition to contactless payments in the near future."
Finally the US banking system is catching up to the rest of the world.
Why the hell has it taken y'all so long?
Increased expenditures for new card readers and technology have been rebuffed universally because the retailers aren't typically the ones out of the cash when a fraudulent credit card is used.
The Target breach was a large enough embarrassment to light the fuel under the motivational bonfire.
Pretty sure you have no idea what chip and PIN is. It only works with direct electrical contact. You are probably confusing it with RFID which we already have and nobody really uses.
Why the hell would they switch to a PIN system, rather than adding it as a second factor? The signature is useful for forensic analysis of the fraud after the fact. It is hard to believe this is about security, and easy to believe it is about them saving money by not having to deal with signatures and the overhead, etc.
In all the time I've spent in America I don't believe I've ever seen anyone really check the signature against the card... always amazed me how lax and open to fraud that system was. In the UK we switched to chip and PIN about 10 years ago... and we were generally lagging the rest of the EU on that matter.
But why would the US move to chip and PIN when it could leapfrog ahead to biometrics... you're already seeing fingerprint scanners and suchlike appear in mainland Europe (http://www.bbc.co.uk/news/technology-21085738) and surely enough of the initial results are in to guide the decision making there.
Chip and PIN cards use a challenge-response protocol so even if you skim all the information you can only make one charge before it becomes invalid. There is actually a microprocessor on the card that does crypto so the credentials transferred only allow a single authorized transaction. So if the charge goes through for the thing you were supposed to be buying, then you know you aren't getting scammed. Technically they could block the charge and do another one that gives the money to them, but that is a lot harder and more likely to be noticed.
yeah you try getting people to both sign and enter a pin and wait in line as others do so.
the signing is a FUCKING JOKE. one of the funniest things in USA was self service checkout with a credit card paying option where the "signature" was scribbled on a touchscreen (and captured at maybe 300px x 80px resolution). perfectly usable for buying stuff with any card you found on the street - on a mighty expensive card processing device.
chip/PIN is just how the rest of the world does it. you can pay the pizza guys with it (chip/PIN debit cards, cash balance verified on the fly) in Finland, they carry portable terminals that cost pretty much nothing (Sagem seems to be the biggest manufacturer).
I find it interesting that the summary above pushes to point out that merchants will be liable for fraud. As it stands currently, merchants are already liable for fraud. A claim results in the merchant losing the money of the transaction. The bank and user recover the money.
Reading the first linked article indicates that the "weakest link" becomes liable. If the merchant has C&P and the bank has not issued a C&P card, the BANK will be liable for the fraudulent transaction. This is a major difference from the current situation, where the bank would simply extract the money from the merchant and the merchant would take a loss.
@Whee
With the machine that is given out by the credit card companies you need to pretty much touch it, but security researchers have shown that you can use higher powered equipment to read it from up to 15-20 feet away.
Chip and pin is not proximity based. You put your card in a handset and enter your pin to authorise the transaction like at a cashpoint. The handset never gets access to the PIN in the card, only the one you enter on the pad. It's genuinely surprising that there is still somewhere where this is not the standard. I can't remember the last time I had to sign for a card transaction.
Fingerprint is a terrible security mechanism. Not only does it give someone a reason to steal your *finger*, you also leave your fingerprint on everything you touch. Credentials shouldn't be revealed unless you are actually in the process of using them.
Chip & pin has never been about security. It's about the ability for CC issuers to eliminate the repudiation of fraudulent transactions by claiming that their authorization system is fraud proof and therefore every transaction is a priori an authorized transaction: http://www.thisismoney.co.uk/m...
Ross is a security researcher at University of Cambridge.
In practice, it is far more secure to use a written signature than a 4-digit password that is exposed to eavesdroppers, video cameras, interception devices and a plethora of other attacks. That's secure for the person, you understand: it prevents the bank from saying "you must have lost your pin".
Actually, modern cards not only have the contact chip but also a "Contactless" mode that can be used for small payments.
So you can pay for your Starbucks or bus fare instantly just by tapping your Visa card, no need to swipe or insert the card and enter a PIN number. This is all still more secure than Swipe & Sign, because the cards can't be easily cloned and there's a relatively low transaction limit.
The signature is useful for forensic analysis of the fraud after the fact.
Can you cite a single case of anyone ever being convicted of fraud because of "forensic analysis" of their signature on a credit card receipt? You watch way too much CSI.
The topic is credit cards.
You use a credit card at a cash machine and you are charged a cash advance interest rate immediately.
Europeans are much more shifty people who steal. This is why you are disarmed, have to register your address with the police, carry an internal passport, go through extensive background checks to be allowed to open bank accounts, register your TV sets, submit to home searches by tax collectors, etc. etc. The data breach motivating this change in the USA was perpetrated by a European lowlife. It's unfortunate that the upstanding people of America couldn't insulate themselves from this foreign pollution.
It allows the Bank to make a good argument for not paying you back, as you must have lost your pin. Previously they had to collect from the merchants, who are much bigger customers of the Bank, and so are listened to more than individuals. This was a problem for years in the UK, until the courts wised up.
lolwut? What does this have to do with chip and PIN? You can definitely do that now with magnetic stripe, because all the info is available and unencrypted (there is actually a product that will do it on purpose so you don't have to carry around as many cards), but it actually isn't possible with chip and PIN because it is a challenge response system. There are still some flaws with it, but it is better than the magnetic stripe cards by a long shot. Take your weird fear mongering somewhere else please.
So what happens at a restaurant? The waiter gets the check. You go with him to wherever the credit card machine is set up to punch in your PIN?
The annoying thing is that Target installed new chip and pin readers before the breach occurred, but the port is sealed and there is no way to use them (and the card companies are not helping, etc., etc.)
And if someone hacks your card, they blame you (because you must have given away your PIN) and you have no way to prove it.
Incorrect. There are a variety of ways that your PIN can be compromised, and banks are well aware of that. Anything from shoulder surfing to keystroke logging will work.
My credit card (with chip and PIN) was skimmed last year (based on the timing I believe from a restaurant in Winnipeg) and my bank removed all of the charges with minimal intervention on my part.
...don't give two shits about us or the company they work for for credit card security.
Signature vs PIN: The thing you know.
Try signing with a line or an X sometime. Try writing expletives into the signature pad. Try writing "SEE ID" in the signature area of your card with a sharpie. The cashier that will notice and/or comment on this is few and far between. What difference does it make to them if you're committing fraud? None. They still get paid. They (probably) won't be fired. The PIN is marginally more secure, if only because it has a computer actually enforcing it, rather than a minimum wage cashier who can't be bothered to check.
MagStripe vs Chip: The thing you have.
The important part of the "Chip and PIN" system is more the "Chip" part than the "PIN" part. It's meant to make the cards far more difficult to duplicate. Right now, it's trivial to duplicate a magstripe. A few hundred bucks worth of equipment and a strategically placed skimmer and you can have your own private criminal enterprise. As I understand the weakness that's been described, it's a replay attack that only works once. (This may be incorrect. It's just what I remember.) That's a damn sight better than the mag stripe.
Is this some excuse for the banks to push more responsibility onto their consumers for their own data security? Yeah, it is. But I'll take the higher security.
My (Canadian debit) card has been scanned twice, and both times the bank called me up, notified me of the fraudulent charges on my account, and the money was back in my account in under two weeks.
That's because the outdated infrastructure had been economically viable to use, so there had been no reason to update it, until now, that is.
Many ways of the US rely on an honor system. There used to be unattended shops where you take the goods and put money in a box. The box didn't use to require a lock. This might be possible in a small town where everyone trusted each other, but in a city where crime is rampant, this business model is simply not economically viable. Public transportation used to allow monthly or weekly pass holders to board from the rear doors without verifying their passes, but they don't allow that anymore because nowadays enough non-paying passengers take advantage of that such that the honor system is no longer economically viable.
The honor system is always able to absorb a small percentage of fraud cases and remain economically viable. It's only when the fraud rate rises past a certain threshold when the system breaks down.
When a merchant displays a credit card logo, you trust the merchant. When the merchant hands you a receipt and you sign it, the merchant trusts you to pay. Again, this is an honor system. The rest of the world also started off with a complete "out of date" manual-imprint or swipe-card honor system. They were forced to upgrade the infrastructure because they suffered enough fraud such that the old system was no longer economically viable. The new smart card system is designed to enforce contractual agreement so that you don't need to rely on the honor system anymore, making credit payments economically viable again.
The US simply held off this long because the honor system had worked until now. Economic viability is the reason. The bad news is that the US has morally declined to the level of the rest of the world. The good news is that the US upheld its morals longer, being the last to abandon the honor system.
I once had a signature.
If the network hardware was compromised, what would've stopped the hackers from collecting the PINs as well?
The pin is useless without the card and unlike magnetic strip cards the card cannot be easily duplicated
Will this increase in security encourage hackers to go after debit cards more - which would be worse for consumers (fewer fraud protections there)?
Not if credit and debit cards have the same chip+PIN system
Will there even really be a difference between credit and debit cards anymore?
In terms of security they will be equally secure
How will this affect online transactions (especially for web developers)?
It won't. Chip and PIN does not work online, so other security mechanisms have to be used, such as quoting the 3-figure number on the back of the card or an extra verification step involving a password or a one-time key.
This sounds like a bigger change than some people realize.
For this to be a new system you need to travel back to 1992 when France adopted it.
Anyway, it can't ever be purely proximity based (like the contactless payment systems that you are presumably worried about) because it requires your PIN to authorise the transaction. Since it's challenge/response there is presumably little benefit to eavesdropping on one transaction - you're not going to capture anything that will allow you to perform additional transactions in future.
The approximate way that chip and PIN works in cards is that unique transaction information is sent to the chip. The chip then signs the response with the entered PIN and that's sent for authorization. Even if a particular transaction is sent to the chip from 20 feet away, and the PIN is also sent, the most you'll be able to do is to fraudulently authorize a single transaction. IIRC (may be remembering an obsolete spec, it's been a few years) part of the auth is even time-based, so even that's not much use for thieves.
Bottom line though, this isn't new technology. It's used everywhere else on the planet. Americans looking at it as if someone's moved our cheese and saying, "This'll never work," just end up looking like Flatlanders in a 3D world - because it totally does work, and has elsewhere for decades. For real.
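Several commenters above (the "only make one charge before it becomes invalid" post, the "replay attack that only works once" post, and the challenge/response description just above) describe why a skimmed chip transaction is far less useful to a thief than a skimmed magstripe. The following is an added toy model written for this page, not code from any commenter, card scheme or the EMV specification. It keeps the two properties that matter: the card computes a MAC over the terminal's fresh challenge and the transaction data, and it includes a counter (the Application Transaction Counter, ATC) that the issuer refuses to accept twice. Assumptions, all constructed for the demo: HMAC-SHA256 truncated to 8 bytes stands in for EMV's 3DES-based cryptogram and ATC-derived session keys; the card key, PAN and track data are made-up sample values; and the PIN is deliberately left out, because in EMV the PIN is verified as a separate step (by the card offline or the issuer online) rather than being the key that signs the cryptogram, so "signs the response with the entered PIN" above is a loose description.

```python
import hmac
import hashlib

# Constructed demo values: a real card carries an issuer-personalised, card-unique key.
CARD_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
PAN = "4000123456789010"  # constructed sample card number, not a real account


def cryptogram(key: bytes, pan: str, amount: int, un: str, atc: int) -> bytes:
    """MAC over the data the terminal and card agree on: PAN, amount,
    terminal challenge (unpredictable number) and the card's counter.
    Simplification: HMAC-SHA256/8 in place of EMV's 3DES CBC-MAC."""
    data = f"{pan}|{amount}|{un}|{atc:05d}".encode()
    return hmac.new(key, data, hashlib.sha256).digest()[:8]


class Card:
    """The chip: holds the key and a monotonic transaction counter (ATC)."""

    def __init__(self, pan: str, key: bytes):
        self.pan, self.key, self.atc = pan, key, 0

    def generate_ac(self, amount: int, un: str) -> dict:
        self.atc += 1  # every cryptogram is bound to a counter value never used before
        return {"pan": self.pan, "amount": amount, "un": un, "atc": self.atc,
                "arqc": cryptogram(self.key, self.pan, amount, un, self.atc)}


class Issuer:
    """Issuer host: knows each card's key and the highest ATC already accepted."""

    def __init__(self):
        self.keys, self.last_atc = {}, {}

    def enrol(self, card: Card) -> None:
        self.keys[card.pan] = card.key
        self.last_atc[card.pan] = 0

    def authorize(self, req: dict, terminal_un: str) -> str:
        key = self.keys.get(req["pan"])
        if key is None:
            return "DECLINE: unknown card"
        if req["un"] != terminal_un:
            # The card signed over a different challenge than this terminal issued.
            return "DECLINE: challenge mismatch"
        expected = cryptogram(key, req["pan"], req["amount"], req["un"], req["atc"])
        if not hmac.compare_digest(expected, req["arqc"]):
            # Amount or other fields were altered after the card computed the MAC.
            return "DECLINE: bad cryptogram"
        if req["atc"] <= self.last_atc[req["pan"]]:
            # Same or older counter: a cryptogram that has already been spent.
            return "DECLINE: replayed counter"
        self.last_atc[req["pan"]] = req["atc"]
        return "APPROVE"


def magstripe_authorize(issuer: Issuer, track2: str) -> str:
    """Swipe-and-sign for contrast: the track data is static, so a skimmed copy
    is indistinguishable from the original and authorizes every single time."""
    pan = track2.split("=")[0]
    return "APPROVE" if pan in issuer.keys else "DECLINE: unknown card"


def demo() -> dict:
    card, issuer = Card(PAN, CARD_KEY), Issuer()
    issuer.enrol(card)
    results = {}

    # 1. Genuine purchase: terminal challenge "A1B2", card signs, issuer approves.
    req = card.generate_ac(amount=2599, un="A1B2")
    results["genuine"] = issuer.authorize(req, "A1B2")

    # 2. A skimmer captured the whole exchange and replays it at another terminal,
    #    which issues its own fresh challenge.
    results["replay_new_terminal"] = issuer.authorize(dict(req), "C3D4")

    # 3. The skimmer controls a terminal and reuses the original challenge too.
    results["replay_same_challenge"] = issuer.authorize(dict(req), "A1B2")

    # 4. The skimmer rewrites the amount on the captured message.
    results["tampered_amount"] = issuer.authorize(dict(req, amount=250000), "A1B2")

    # 5. The real card keeps working after the failed replays.
    results["next_genuine"] = issuer.authorize(card.generate_ac(1250, "E5F6"), "E5F6")

    # 6. Same card number on a magstripe: a copied track authorizes as well as the original.
    track2 = f"{PAN}=1712101"  # constructed sample track data
    magstripe_authorize(issuer, track2)
    results["magstripe_replay"] = magstripe_authorize(issuer, track2)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:24s} {outcome}")
```

The point the toy makes is the one the thread circles around: once a chip cryptogram has been accepted, the captured bytes are worthless at any other terminal (fresh challenge), worthless at the same terminal (counter already spent), and worthless if edited (MAC fails), whereas the copied magstripe track is as good as the card itself. It does not model the known weaknesses of real EMV deployments (fallback to magstripe, relay attacks, or the PIN-verification bypass research from Cambridge that another commenter alludes to); those live outside the cryptogram check shown here.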
You're special forces then? That's great! I just love your olympics!