Slashdot Mirror
Visa Claims Chip Cards Reduced Fraud By 70% (arstechnica.com)
An anonymous reader quotes Ars Technica:
Although only 59 percent of US storefronts have terminals that accept chip cards, fraud has dropped 70 percent from September 2015 to December 2017 for those retailers that have completed the chip upgrade, according to Visa.
There are a few ways to interpret those numbers. First, it seems like two years has resulted in staggeringly little progress in encouraging storefronts to shift from magnetic stripe to chip-embedded cards, given that in early 2016, 37 percent of US storefronts were able to process chip cards. On the other hand, fraud dropping 70 percent for retailers who install chip cards seems great. Chip-embedded cards aren't un-hackable, but they do make it harder to steal card numbers en masse as we saw in the Target's 2013 breach.
There are a few ways to interpret those numbers. First, it seems like two years has resulted in staggeringly little progress in encouraging storefronts to shift from magnetic stripe to chip-embedded cards, given that in early 2016, 37 percent of US storefronts were able to process chip cards. On the other hand, fraud dropping 70 percent for retailers who install chip cards seems great. Chip-embedded cards aren't un-hackable, but they do make it harder to steal card numbers en masse as we saw in the Target's 2013 breach.
Seems I heard that Oct the Chip Readers were mandatory. Seems not yet - can anyone fill in these blanks?
Fraud with Card-not-present (e.g., buying things online) is going up.
Now we have one great place left for skimmers to set up: gas pumps. I have yet to see one that is NFC capable or that included a chip reader.
And in the past three years, I've had my card skimmed twice -- it's become annoying enough that I ended up relegating a single card to gas station use, so that when it gets skimmed again I won't need to cancel any sort of auto-pay setup against it.
It's crazy to me that credit companies don't get stricter with gas station owners.
fraud has dropped 70 percent from September 2015 to December 2017 for those retailers that have completed the chip upgrade, according to Visa.
For years credit card companies allowed people to be defrauded because it was cheaper for them. When they were forced to use better security they tell us "Surprise, it's more secure! Who knew? Nobody knew!" Assholes, all of them.
Anons need not reply. Questions end with a question mark.
Seems I heard that Oct the Chip Readers were mandatory. Seems not yet - can anyone fill in these blanks?
They've been "mandatory" for a while now. But many of them don't work.
A group of retailers filed a lawsuit over it but I don't think it has gone anywhere.
When they first deployed the chip cards, I had mine for all of two weeks before it was compromised by the wait staff at one of the restaurants I frequent :|
So the wait staff managed to duplicate the chip in your card? Where do you eat?
Sig ?
Meaning in Canada, we've had cards with chips in them for more than 10 years already and pretty much every single stores have a chip reader and very few actually accept magnetic cards anymore.
Taco Bell
As a business owner who takes credit cards and crypto exclusively I can say we have had 0% of crypto transactions turn out to be fraudulent. You might not like crypto currencies for one reason or another- but I love em. I also have increased our profits by about 33% because of crypto currencies. Please- if you want to get rid of your crypto spend it at my business!
They aren't mandatory but they do charge higher fees to process the transaction if you don't use the chip. Online card purchases still act like swipe cards since all you have is the basic info so it's not like they can just force all transactions to work like using the chip.
So you handed them your pin, and it's their fault? You understand how this works right? You plug your card into the terminal, then enter your pin. If it was compromised, then it was a plain old skim because the business hadn't rolled over to chip & pin and were exempt from requiring *you* from entering it.
Om, nomnomnom...
"Martha? Would you ring up Woodrow 2-4-2 and ask the president of the bank to wire $10,000 to Sparky up in Reno out of my account? It's 5-4-7-9. Thanks!
what the bull leaves out in the pasture! I will dissect anything I purchase if I decide to! If I can not I do not want it in my life.
;)
Just my 2 cents
They are not mandatory. BUT the retailer is now on the hook for fraud. Not the CC co. or the processor. The retailer also must buy the new equipment. If the CC co.s really wanted to stop fraud. They would provide the readers themselves. Payback would be less than a year.
But they DON'T want to prevent fraud, they want to prevent liability, which they they have.
Why does Visa need to make this claim now? The rest of the world has had this technology for over a decade, wasnâ(TM)t there already enough data? Why would the US roll out be any different?
In the US typically it is chip only, no PIN. Plus the card could have just been swiped. As pointed out in the article, 41% of storefronts don't have chipreaders.
Can I please have it this way instead? "Visa caused 70% of fraud by not implementing decades old system earlier than they did."
The glass can be half empty.
In the US, very few chip cards come with chip PIN's (these are distinct from credit card ATM PIN's for cash advances); most have you sign something or nothing at all.
Most USA issued CC's are chip and signature. No PIN is required.
Coincidentally, didn't the number of retail card terminals in stores not yet shut down by Amazon has also declined by nearly the exact same percentage during nearly the same time period?
So the US is still 10-15 years behind Canada then is what you're saying. Up here if you don't enter a pin, you can't complete the transaction. I also mentioned the cloning bit in my comment, which makes the original posters point about "omg chip & pin is a failure, it was all their fault" again worthless. Chip & pin didn't fail in that case which is what they were trying to make as a point.
Om, nomnomnom...
A decade on and America still isn't chip and pin. Meanwhile the rest of the world has moved on to the next thing.https://www.cnbc.com/2017/10/08/china-is-living-the-future-of-mobile-pay-right-now.html
In the US, very few chip cards come with chip PIN's (these are distinct from credit card ATM PIN's for cash advances); most have you sign something or nothing at all.
Here's how it works up here. Bank card + pin = direct withdrawal from your bank account(see Interac system). CC, again requires a pin. CC+Pin = billing directly to your CC. You don't sign for things up here unless there's a widespread terminal failure and the company still has an old fashioned carbon-copy style credit device available.
Om, nomnomnom...
which makes the original posters point about "omg chip & pin is a failure, it was all their fault" again worthless.
Go re-read the original post again.
When they first deployed the chip cards, I had mine for all of two weeks before it was compromised
There wasn't any original posters point about chip and pin, let alone a claim that chip & pin failed or worked or did anything.
It says chip card, and yes I will add to that: the chip WITHOUT PIN system has failed, to no ones surprise.
The first mention that chip and pin has failed came from your post. The second mention of chip and pin is also from you and quoted at the very top of my post here.
Literally you are the only person that used the words "chip & pin is a failure"
Why would a thief bother duplicating the chip, when they can do all the online purchases they'd like with just the name, number, expiry and CVV?
This space intentionally left blank
It says chip card, and yes I will add to that: the chip WITHOUT PIN system has failed, to no ones surprise.
Idiot.
somewhere my card will be out of sight for any length of time.
They didn't use the chip system in the US(requires signature). Didn't use the pin system. They were compromised by swiping.
....which really surprises me.
I mean....who the hell has even used a cheque for what?...15 years now ? I haven't even seen one in decades......most kids don't even know what they look like.
CHIP+PIN is even old hat. I use Paywave mostly, for when I have a card with me, and contactless/cardless for when I just want to grab some cash and I don't have my card.
Sending money between banks/accounts using BSB/Account number is commonplace. Every Sunday I sit down, log onto internet banking, pay all my bills (even to just normal people) via the net, then I'm done. Takes all over 10 minutes.
Pay my landscaper guy ?..no problem...just transfer the money straight to his account.......bang, done. Pay my petsitter ?, send straight to her...bang, done. Pay my utility bills ?....same deal.....done.
The real question is, why is the USA so backwards on these things ?
Chip and signature in the USA was designed to combat card skimming and cloning of mag stripes - it can't stop other kinds of fraud. Yes, it can help prevent fraud of stored data as chip data is different then mag stripe data - but the root of the fraud is cloned mag stripe data - often from skimmers.
If no terminals accept mag stripe, then cloned cards won't work. Someone can still copy the data off the front and back of card visually, and they can still clone the mag stripe. But then the fraud is reduced to Card not present (that won't change with internet and phone orders) and mag strip fraud will go away if all terminals require chip.
Chip and PIN is used to combat card theft, but that is only a tiny part of fraud. The credit card companies are going after what makes the most sense. And in the USA most people have multiple cards, so they have to figure out how to give all those cards PINs - not an easy problem to solve.
The chips are nearly impossible to duplicate. If you had technology to clone one secretly in a minute or two you could probably make far more money by selling that than you could steal from credit cards.
Of course the chip is absolutely not needed to run up huge fraudulent charges on a credit card, so the whole thing is kind of silly.
The technology exists to read the credit card chip over the internet, but maybe they think the cost of tens of millions of card readers would be more than the cost of fraud for as far into the future as investors care about?
For the bank info, the problem is that account numbers are treated as the sacred piece of info. You pull money with a routing and account number and protect those numbers like a credit card number. Everywhere else, banking works on a push basis where the account number is merely a destination. It's all about legacy systems and backward compatibility.
why the fuck haven't fees gone down?
You don't even need to do online purchases. After 2 years, the chips on 2 of my cards are so flaky that they often don't work. It works every now an then, but usually it ends up telling me to reinsert the card, then after the 3rd failed chip read it tells me just to swipe it. Never once has a cashier given it a second though and asked to see the card or ID. They just act like it's routine (which wouldn't surprise me if it were). So really all they need to do is clone your card onto a card with an intentionally defective chip and they're back in business as usual
That’s why restaurants use portable card terminals. The card never leaves your sight.
...si hoc legere nimium eruditionis habes...
Why would your card ever be out of sight at a restaurant (or anywhere)? The chip processor is a handheld wireless device about 1.5 x 3 x 6 inches. The card slides into the bottom and you take the whole device to privately enter your pin.
Shift the risk. Make merchants with no chip capability liable for fraud.
cards are starting to get old now
I use Android Pay. As far as the terminal is concerned, my phone is a Visa Paywave card.
While all the terminals in New Zealand support NFC, a lot of merchants don't have the option enabled as the transaction fees are lightly higher. Some don't accept credit cards at all, as debit cards have no transaction fees.
Use Apple Pay. Then you don't have to use the chip reader.
To return the over charge to consumers that paid that fraud.
Meaning in Canada, we've had cards with chips in them for more than 10 years already and pretty much every single stores have a chip reader and very few actually accept magnetic cards anymore.
I never had a problem with my magnetic US credit card in BC or Quebec.
Why would your card ever be out of sight at a restaurant (or anywhere)? The chip processor is a handheld wireless device about 1.5 x 3 x 6 inches. The card slides into the bottom and you take the whole device to privately enter your pin.
I go out to eat fairly regularly at a number of restaurants..Of the very few restaurants I frequent that do have chip readers, (mostly chain/franchise types in the northern Midwest US) only a handful have rolled out chip reader terminals and those are all, every one, a small-tablet sized appliance physically attached to the cash register. I imagine the smaller, more portable, wireless types cost more and/or are more recent models.
I always wait and pay at the register on the way out, I never allow wait staff to walk away with my card. Also, because many of the chip reader terminals in this area that do exist are very unreliable so at least half the time I end up having to swipe & PIN anyway, I use my card much less in favor of cash transactions now.
I think at least some of the reduction in CC fraud reported in TFA can be accounted for by people using cards less and so there is less opportunity for criminals to obtain CC details.
I could, A, use chip and pin around the world with my US based debit and credit cards and, B, every single place in the US that had a card reader had chip based systems.
"Mandatory" is a very flexible term. Merchants can, in theory, still imprint cards with a knuckle buster and deposit those in the bank like checks.
The actual rule is that if you don't use a chip card reader, and there's a dispute, the merchant pretty much automatically loses. For merchants who don't have problems with fraud to begin with, it's an expense they can easily do without.
That's why the 59% that have adopted the new technology have produced such a disproportionate reduction in fraud: They're the ones who have the most fraud to begin with.
I've never seen a chip reader that didn't also have a mag strip reader as well. When I was in Iceland a year and a half ago, the card I used for nearly everything didn't have a chip. The only place I had trouble with it was buying fuel, and that wasn't because it didn't have a chip, but because it didn't have a PIN (which it could have, if I'd known to set it up in advance).
An increasing number of stores are refusing to swipe when the chip isn't working. (My employer does.)
The reason is that thieves will deliberately damage the chip and reprogram the mag strip with a different number than is on the card (if there is one, these days), which is the old fashioned form of credit card fraud all over again.
You really need to call your bank and tell them to replace the card. Otherwise, eventually, you won't be able to use it at all.
I mean with 70% less fraud, surely they can reduce merchant fees from 3% to 2%?
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
For somebody who uses a non-Apple device in order to run applications that have no close substitute on iOS, is it worthwhile to buy and carry an iPad mini just for Apple Pay?
What. The. Fuck.
Online purchases use verified by visa or MasterCard Securecode over here in Europe. Stores that use those have vastly lower card fraud (95%) since these essentially are 2FA (in most cases; some issuers use a simple password instead of a good 2FA app or dongle). The only stores that don't use them are small outfits like PayPal and eBay who cannot afford to invest in programmers who could implement this feature while major corporations like the corner mom and pop store do support it.
I returned from a 10-year stint in Australia, where I stopped carrying cash, wrote only two checks, and for purchases under an amount set by the merchant -- $30 in some cases, $100 more typical -- simply tap the card, faster than cash. I looked into it here and the friction apparently was the cost of the chip. Apparently not. Anyone know what the heck is keeping tap-pay from becoming a thing if the chips are already on the cards?
As to card details being compromised for online purchases, hate PayPal all you want but with it (and 2fa) I finally got cancelled cards under control and some peace of mind.
In Europe, handing your card to wait staff and letting it out of sight is considered being negligent and you're liable for all charges made to the card. So you do the right thing by not accepting wait staff to take your card (or by following them to the reader).
Visa has always made money on fraud.
https://www.reuters.com/article/us-creditcards-settlement-interchange/visa-mastercard-banks-in-7-25-billion-retail-settlement-idUSBRE86C16H20120714
International Visa, in countries with cardholder protection, have had chips for and photos decades.
Fraud rates vary from low - a Catholic book shop, to very high - Mail order laptop with no previous history. Should fraud occur the stores commission will rise uncomfortably, so usually the store takes the hit. So is the take 1% or 3-5% by Visa.
Given facial reconition IS for sale, any US driver photo, fraudsters do wear a greater risk of identification even 10 years later! In Australia, Bulgarian ATM skimmers are often matched with arrival photals.
So the questionis, will merchant fees be falling anytime soon - in light of the 2012 collusion settlement.
Same thing in Europe - chip cards rules since at least 10 years now.
Just minor problems that are easy to resolve by cleaning the chip contacts against the shirt whenever there's a problem.
This seems to be pretty much a symptom where the US is - way behind on a lot of things these days compared to 50 years ago when the US was the leader in technology.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
There is a Bulgarian startup that offers users the ability to use only the EMV chip and bypass the magnetic strip. I have officially aksed all banks on their opinion of this product, and received emails from maybe 1 or 2 banks only, that were sketchy. My main question was if my card has both an EMV chip and a magnetic stripe - if i block the stripe with SkimProt does this invalidate my card in some way, could it cause issues with ATMs etc. Nobody bothered to answer me, so i simply went and got a card with ONLY an EMV chip and no mag stripe. But you have to ask for it. In the USA most retailers cant yet read EMVs though, kinda backwards.
with the rollout of contactless pickpocketing.
This perpetual motion machine Lisa made is a joke, it just keeps getting faster and faster. - Homer
100% stores have accepted chip cards for 10+ years. And now you can make contactless payments everywhere. Almost no one uses magnetic stripe. Americans still do. And they write cheques.
You don't sign for things up here unless there's a widespread terminal failure and the company still has an old fashioned carbon-copy style credit device available.
You only need a carbon-copy device if the power is out or all your terminals are broken and if the power is out there's no lights so most likely the store will close. It's far more common that the Internet connection is down, then it goes into offline mode where instead of the regular receipt it spits out a bill that I sign on, at least that's the way it works here in Norway. I'm not sure if they send it electronically later when it reconnects and the signatures are just for disputes or if the store needs to deliver the paper bills to the bank, but cards eventually get charged and usually everybody is happy.
When that happens the store is on the hook for fraud as you could potentially use a debit card with no money or a credit card in excess of the limit. I'm not sure if they have offline blacklists for blocked cards, so potentially stolen cards too. But unless you're running around with wire cutters that's not something a fraudster can plan for and it's up to the store to get it fixed in a timely manner or invest in redundant connections or simply refuse large/all transactions. Tough in practice I've never been refused in ages, except when the office cafeteria's single terminal was broken. But they took IOUs on a piece of paper...
Live today, because you never know what tomorrow brings
That doesn't match my experience.
Those 41% must be in the flyover states where the rubes and hicks live.
What the fraud rate would have been if we'd done what we should have done and gone to Chip&Pin?
Even though I have PINs on all my cards, only Target uses it. Even in Europe and India my cards comes up "signature", not PIN.
But if the fraud rate is low now, that probably only means that the crims haven't figured out how to defraud it – yet.
P.S. I'm still waiting for restaurants to get the portable readers that the wait staff bring to my table and my card never leaves my sight.
The tech giants are American because Americans are good at business - monetizing inventions and mass producing. Invention as such happens elsewhere. GSM was invented in Europe, Nokia and Ericsson are European companies who did early smartphones - Samsung is an Asian company - and so on.
Americans are great businessmen - but innovation? Nope. Occationally, something nifty comes out of the US too. Still the best microprocessors, keeping the lead aquired in the 70's...
A fucking citation is needed. There were phone payments long before {Apple|Google} Pay. From dumbphone SMS to RFID on SIMs released a year before the iphone ( https://en.wikipedia.org/wiki/Mobile_Suica ). Sure you are right if you want to narrowly define smartphones to something released since the iphone.
Sometimes the cure is worse than the disease.
Why do you give away the card number and all that? If you have a chip, the chip is all you need. So, cut or melt the raised numbers - you don't need them. (Well, write them down somewhere else , for your internet shopping. You don't need a number on the card you use in chip readers.) Also destroy the magnetic stripe. Sand it off, or heat it or de-magnetize.
Now there is no way for fraudsters to get the information, short of reading the chip. Which is not trivial at all - the chip is a small computer, there is end-to-end encryption between chip and card company. The numbers are not available inside the card reader - a cleverly hacked & reprogrammed card reader can't leak the numbers because all the reader can do is pass on an encrypted data stream.
And if you think you need the numbers or magstrip for fallback solutions - keep an extra card for that purpose. The card you use for everyday transactions in chip readers should be the one with no stripe and no raised numbers. Nothing for skimmers to see, so no mysterious items on your bill. No opportunity for a waiter to sneak off with the card number as he handles your card either - not even if they have an extra mag strip reader for their fraud racket.
No, you can't have it that way. Visa and MasterCard were the ones who created that decades-old system in the first place and they've been pushing very hard (and overall very successfully) to get it accepted throughout the world ever since. It's pretty much just the USA that has been refusing to allow the chips despite MasterCard/Visa's efforts.
The real question is, why is the USA so backwards on these things ?
Your life sounds a lot like mine. The real question is why are so many people outside the US so ignorant about how things work in the US? And why do so many of you keep trying to tell us how backward we are when it's clear you don't even have a clue?
Yes, there are still plenty of dinosaurs writing checks. In a country of 340M where probably at least 80M are over 60 years old there's bound to be a few. I dare say you've got a few over there too, where ever over there is.
Although it's true we still print these silly $1 notes, even when we've got a perfectly good $1 coin and a $2 note. It's nearly as bad as India, with their R10, R20, and R50 notes (worth about 6, 12, and 30 cents respectively. And silly /. will handle £ and € but not the cent sign. 1980 called, it wants ASCII back.)
I can't seem to understand how the US can be so behind the curve on some really important issues. One of them regarding financial/banking issues is the matter of the freaking chip&pin cards (or more the lack of proper use of them). Never ever have I seen any US store require chip&pin authentication, they always just read the chip and make you sign, which is crazy a**stupid. I thought they saw finally the light when chip cards were getting introduced - very, very, really late vs. everyone else -, but introducing such a half a**ed solution is idiotic, and nothing seems to change.
I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
It is always funny when Europeans think plastic cards are "technology".
Plus it seems if a reader can't read the chip after 3 attempts, it will let it go through as a mag strip tranaction.
It is even worse than that. They don't have to deactivate the chip and fail it 3 times. In the magstrip there is a bit that tells the terminal this is a chip card. That's how it knows when you swipe it and then it prompt to insert the card.
All the criminal has to do when they rewrite the card is flip that bit so the terminal thinks it is a prechip card and it will work on the 1st swipe every time.
It's far more common that the Internet connection is down, then it goes into offline mode where instead of the regular receipt it spits out a bill that I sign on, at least that's the way it works here in Norway
Here, in my part of Canada, if the retailer/restaurant’s internet connection goes down, the hand-held terminals just flip over to 3G or GPRS wireless, and conduct the transaction through the cellular network.
...si hoc legere nimium eruditionis habes...
Meaning in Canada, we've had cards with chips in them for more than 10 years already and pretty much every single stores have a chip reader and very few actually accept magnetic cards anymore.
I never had a problem with my magnetic US credit card in BC or Quebec.
You wouldn't. Liability in this case is at your own bank (the issuer)
The way I understand it, if the acquiring bank supports chip and the merchant doesn't, then the merchant is liable for fraud. If the acquirer (in this case Canadian bank) doesn't support chip, then the acquirer is liable.
If both the acquirer and the merchant support chip, the issuer (your bank) is liable. So they have no problem with you using a magstripe. In case of fraud, your bank is liable.
---
Moving to chips had nothing to do with fraud, It had to do with liability. If a store uses chip + pin and there is fraud the bank eats the loss, If they use chip with no pin or swipe then the vendor eats the cost on fraud. Some low cost per transition sites still swipe because they are willing to eat the cost in favor of speed. Other locations where product value is high or % of fraud is high have gone chip. With checks pretty much going to way of the Dodo birds and even for the few that accept them, they technically dont accept checks but do an ACH from your account. (ever get your check back at the register, guess what ACH).
Meanwhile China is getting further and further ahead.
Meanwhile China is getting further and further ahead of you.
In Sweden you can get a wireless Chip terminal for as low as 45$ but more common is to pay a monthly fee for a payment solution which would include a wireless terminal. The exact cost would depened what service you need but a basic one would cost around 40-50$ pretty month.
Heck a very small boardgaming meetup (30 people maybe) I went to this weekend had a wireless chip terminal in it's temporary cafeteria that only served drinks, candy and toast.
i still don't get the point of the chip when half the websites don't even need the ccv number from the back. and once i paid my time warner bill using the wrong expire date.
Nope. European dumbfucks decided it was a good idea to put electrical contacts on a plastic carded stored in a wallet. A stupid idea plainly obvious to anyone who even understands the most rudimentary fundamentals of electronics, or ever used a game console with rom cartridges, but you fools adopted it anyways. American banks, also not being very smart, copied a bad idea.
Good news then, most cards have been replaced with NFC capable chips and most terminals support contact less payments (gas stations being the only exception I've seen so far). So put some insulation tape over the chip if you wish (or use your NFC capable phone instead). Bad news is that most banks over here had the terrible idea to not require PIN for payments 50 EUR of payments ago.
Anything made by a human industrial process is technology. Plastic is technology, as is recording binary data on magnetic film or within microchips.
Misguided national pride made you post a comment that makes no sense.
We don't. But out standard cards have been just fine accepting mobile phone NFC payments long before Apple claimed to invent the idea. Hell I rarely use my card.
As for plastic technology ... who developed NFC? The Japanese working with the Dutch. You're welcome.
If you ave a decent card issuer, using your card without the ccv should raise a fraud alert
My first smartphone was an i-mate SP2 in 2004.
i-mate is an Irish company. It was built by HTC, a Taiwanese company.
Nokia, Philips and Sony invented NFC, none of which are American companies. One Finnish, one Dutch and one Japanese.
ARM is a UK company, which powers pretty much every smartphone ever.
Where is 'Murica in all this innovation?
Funny when Americans think that wirelessly powered computers used for strong crypto embedded in plastic cards are "just plastic cards".
It's not the ancient plastic cards that are technology, it's the computer embedded into them, and the crypto, NFC, wireless power and other things used around them that make them technology. Is it just because the US is the last in the world to start supporting this that it's "backwards"?
Learn to love Alaska
oh.. and first smartphone NFC trial was by Innovision (at the time, a UK company), using a Nokia 6131 in the UK in 2007
Apple's first NFC equipt product, the iPhone 6 came out in 2014
First Android phone with NFC was the Nexus S in 2010
In Europe, where the chip cards have been around for a while, you don't give away your card. You keep it in your hand to pay. You handed your card to a stranger who went into the back room with it. And you don't see any problem with that?
Learn to love Alaska
Not as funny as when Americans think a taxi service offered through a website is technology, though.
What's so stupid about it? It has been working flawlessly for a long time...
You don't need to clone the chip, all you need to do is damage it.
If a terminal fails to read the chip, it will accept a mag strip.
You'll probably have to swipe it - and be prompted to insert it, insert it - and be prompted to swipe due to read failure, then swipe it again
It may ask you to insert it multiple times before allowing a swipe.
Who invented smartphones
Nokia.
and smartphone payments
Merita Bank, Ericsson and Nokia. The technology currently used for contactless phone payments was invented by Philips, Nokia and Sony.
The tech giants are all AMERICAN, skippy. Europe is NOT where innovations originate.
'Tech' giants are not where innovations originate. Innovations usually come from Europe or Asia and occasionally from America, but rarely from 'tech' giants. Those are simply companies offering online services for a fee or in exchange for access to your private data.
Or maybe a refurbished iphone SE? I think that would be cheaper, and a smaller form factor
And in England we have a homeless man who sell magazines instead of begging, who accept cards...
http://www.bbc.co.uk/news/av/uk-england-bristol-43131050/bristol-big-issue-seller-goes-contactless
Yeah I wanna tap muh card - but all of my local retailers have the slide-type only. Half of them are bolted in a fixed position that you can't rotate, and they usually have a riser shelf, or some display mounted right next to the slide! Someone here earlier referred to these as "knucklebusters" - sounds like an apt name.
All I can say is that this "stupid idea" has been working for years over here in Europe.
All I want is a secure system where it's easy to do anything I want. Is that too much to ask ~~ Randall Munroe
How did that happen?
Good luck finding a shop outside the US that will accept a cheque. Since cashiers tend to be young, odds are it will be the first cheque they see in their life if you try it.
See Ross Anderson's "Light Blue Touchpaper" for a timeline, https://www.lightbluetouchpape...
As other writers noted, Visa has 70% less fraud because they can now disclaim responsibility for all the fraudulent charges on the older, more popular equipment. There might be a small decrease in fraud overall, but the "70% less" is really "70% the merchant has to eat, as we're not accepting fraud reports from their equipment".
davecb@spamcop.net
You should try visiting France sometime!
A "Knuckleduster" is the old school device that would imprint the card on a carbon paper reciept. This was how we did it before the magnetic stripe.
I used to work for a software company that desgined POS systems for the entertainment industry. It's a well known fact that EMV in america does reduce actual physical card fraud, but actually drove eFraud way up. When we're trying to sell a customer on implementing chip & pin we tell them that it reduces fraud (but we're talking about people who physically possess the card, and neglect to mention that overall it doesn't reduce it at all.) There are other horrible things that come along with EMV implementation too. For starters, almost all EMV terminals (card readers by Ingenico, FirstData, etc.) send their traffic over ethernet. For most companies, this means they now have credit card data going over their network instead of over a phone line like the past. This means THEIR WHOLE NETWORK now has to be PCI-DSS compliant (or sectioned off very carefully), which is a fucking nightmare. I'm too lazy to look up the studies about how it increases eFraud but the marketing team has shown it to me before.
No kidding, the chip and pin technology has been around since the mid 90's, and all of my cards have had it for at least a decade if not more.
It's surprising to go to the US and see the backwards ass retail payment system.
Bragging how decades old technology designed to reduce fraud actually works to reduce fraud has to be looked at in the context of the fact that it's taken this long to deploy it.
If Visa gave a damn about preventing fraud, they should have rolled this out years ago. This is hardly new technology, and it could have been preventing more fraud for a very long time.
European dumbfucks decided it was a good idea to put electrical contacts on a plastic carded stored in a wallet.
Yeah, really dumb to have something that actually works reliably for at least the three year card life.
I've never had a card misread, and never had to clean the contacts.
The degree of caution that card issuers call for depends on the site. Online bill payment is a low fraud situation. People just don't seem to use stolen credit cards to pay their electric and cable bills, perhaps because the ongoing relationship with the provider would make it too easy for them to punish you later for fraud.
I've been to France countless times. Never seen a cheque. They do like credit cards, though. Even supermarkets accept them.
once i paid my time warner bill using the wrong expire date.
My bank issued me a new credit card number as a "security precaution".
I logged into Paypal to update my number and it already had the new number. . .
"...although only 59 percent of US storefronts have terminals that accept chip cards, fraud has dropped 70 percent from September 2015 to December 2017 for those retailers that have completed the chip upgrade... it seems like two years has resulted in staggeringly little progress in encouraging storefronts to shift from magnetic stripe to chip-embedded cards, given that in early 2016, 37 percent of US storefronts were able to process chip cards."
There are still many storefronts that cannot process chip cards, but this statistic ignores the matter of the size and volume of the stores. In general, the big stores that do the most transactions have converted; smaller stores lag behind, as do gas stations. (I have not yet encountered a chip reader at a gas pump.) So the percentage of transactions that are chip-enabled is likely higher.
Another variable: the number of customers who are actually using the chip readers. In early 2016, some stores had the readers but they didn't work yet, or if they did the customers were not yet being encouraged to use them. Many stores now have their readers programmed to refuse swipe transactions if your card has a chip.
I'm amazed that so few storefronts are actually using the chip readers. Most large retailers have had them since the Target hack, but then there are some places like Mariano's who still don't have them. I'm kind of surprised they're willing to eat the losses from fraud.
Can I please have it this way instead? "Visa caused 70% of fraud by not implementing decades old system earlier than they did."
The glass can be half empty.
Presumeably, with less fraud, the fees paid by merchant and by consumer should drop, or am I joking?
Leslie Satenstein Montreal Quebec Canada
Maybe it's a north/south thing but I can't count the number of times I've stood in a supermarket checkout line at Leclerc or Carrefour while someone pulls out a chequebook. The checkout clerk sometimes even has a printer which fills in the amount automatically. There are cheques for everything here - restaurants, vacations, school, you name it. Sure, they like cards as well (though to be fair these are more like charge cards than US credit cards) and they are chip/PIN or contactless.