Good luck. Banks are required by law to have your SSN, and to report any interest income you get on your money.
The real corruption in this is that nobody will go to prison, despite 1.5 million instances of identity theft. Not a single person will spend a single day behind bars.
Why on earth would banks not do this? There is no downside. The fine is going to end up less than the ill-gotten gains. Pure profit.
Indeed. California is unique in that audio recordings without permission of all parties is a felony, nor a misdemeanor, or a civil offense. So, actually, not "jail" so much as "prison."
That's far better (in that it wastes less of your time) than
"Hi, it's, um, I need you to, there's this thing that's not working, er, can you help, look, I really need, my computer, you know, . .." for about 20 minutes, with not one complete sentence in it.
Don't associate people who having nothing to say, but insist on saying it constantly. If your job really requires that you get hundreds of emails a day, odds are, you really should be replaced by a robot. Made out of Legos. With no moving parts.
Laughable if they're local to him. Not even possible if they're not in the same state.
and will also smear their name all over the internet.
Either they won't be afraid of that because they're stupid, or they won't be afraid of that because they know he's nobody, and nobody will care. Or they'll sue him for extortion.
If they were calling this a discount for accepting advertising instead of a premium for lack of it, nobody would have an issue with this. The only difference between the two is that this is a stealth price increase that they hope will bypass regulators' notice (it might).
Mainly, this means that Comcast's PR people are idiots, but that's hardly news.
In theory, our system has a modem backup system for credit cards. To the best of my knowledge, it has never been used a single time. When credit cards go down, it's either because our T1 is down (and takes the phones with it) or the bank's computers are down (and nothing can connect by any method).
The world has come a long way in 8 years, and the US perhaps has a different view of business internet (which is far more reliable - if you do it right - than consumer internet.
I suspect you shop at stores that care more about pinching every penny until it cries than they do about top of the line customer service.
We spend a lot of money on our new pads, and that after some pretty competitive bids (our merchant service is run by a guy who has a pathological hatred of our POS vendor, so we got a deal-deal), and it was a very worthwhile investment. We actually get comments from customers on how they thought the slowness was inherent to chip cards, and how pleased they are that it's not true in our stores.
Target was one of the few national retailers to implement EMV by the deadline in October. They had a hell of an incentive.
In my experience, that's slow with good equipment. Ours take about one second on mag strip, and less than two on chip. Maybe we have better equipment than what you think of as top of the line?
You are correct. Everything is tokenized. The actual card information is not necessary, and responsible merchants implement P2P encryption specifically to avoid seeing it. (It makes PCI compliant a lot easier. In our case, we got from over 300 questions on the compliance document to a couple dozen.)
1) wrong - the chip contains the same information as the mag stripe in unencrypted form and is just as easy to read out.
As I said, point-to-point encryption is separate from (and dependent on) EMV. Not using it is a choice on the part of the retailer. For now. The credit card companies are (just barely) smart enough to not force two brand new, more complicated to program for technologies onto merchants at the same time.
Many large chains will read that info to match you against their databases for marketing purposes just like they do for magstripes
They don't need card info to do that. That's the purpose of "rewards cards," after all, and they get tokenized information that still uniquely identifies the card holder, even if they don't actually know the name. And the demographics info is far more valuable to a big retailer than the specifically targeted advertising (though they obviously prefer both).
(there was never any reason to keep track of any card info).
In fact, merchants used to have to for accounting purposes. Plus, in a lot of cases, it's the only way to reverse a transaction. Now, a unique (one time) token is given instead of the card number as part of each transaction. This meets the accounting needs, and allows a transaction to be reversed, without revealing card info.
I work with some small retailers, the chip continues to work even when their internet is down, the full info needed for a transaction resides on their POS, chip or swipe - unencrypted and employee accessible.
Only if the merchant (or, more likely, their POS vendor) chooses to do so. With P2P encryption, the offline transactions are still encrypted, and the merchant cannot decrypt it. It gets sent, encrypted, to the merchant service for processing. All the merchant ever sees is the tokenized results. If they fully implement both EMV and P2P encryption.
The only difference is that now the retailer is responsible for all losses and fraud committed with chip cards. This is a big reason retailers want you to continue swiping, a fraudulent swipe is at the loss of the banks, chip card fraud which is just as easy is at the loss of a retailer unless you can prove the chip card was fraudulent.
Here, you simply don't know what you're talking about. The new rules are that the entity with the lowest level of security is liable. So if the bank issued a chip card, and the consumer used the chip card, and the merchant processed it with the mag strip, the merchant automatically loses all disputes. Automatically. Period. (This is from personal knowledge. Our POS vendor took their sweet time, as many did, in implementing and testing EMV. The new rules went into effect in October of last year, and since then, we have automatically lost all chargebacks on chip cards. It was a real incentive to get things deployed once it was available.)
2) In many cases the chip won't work. If there is a mismatch in your payment processor configuration with what the chip or bank expects,
If this isn't fixed quickly, you should sue your POS vendor for fraudulently claiming their shit works.
it just doesn't let you swipe or chip unless you chip 3 times in a row.
Manual overrides are allowed (our system has provision for it). But that shifts liability back to the merchant for not using chip. Most merchant (that know what they're doing) don't like it, because it's an easy access for fraud with stolen card numbers without having the original chip.
I have a business card which I requested to be fully encrypted (so it doesn't have the unencrypted data). The card doesn't work at large retailers like WalMart, Home Depot because they only use unencrypted data.
That's their choice. You should talk to them about that. Or not shop at
We actually have the hardware for NFC (near field communications), and I think it's implemented in point of sale as well. We haven't explored it so far because we've had no one ask for it.
Apple Pay, we've had a few queries on, but that's a mess of ideas that are only beneficial to Apple, at the expense of the merchant. (The biggest objection is that it hides transaction information from our marketing people. And I get why some consumers would like that. But it doesn't hide the marketing information. It hides the marketing information from us, while sending it to Apple instead. And they don't have as good a track record on handling it appropriately as we do, and never will.)
For a disaster, it's been pretty mild for my employer.
Several points to consider, from my personal observations (as the IT guy in charge of deploying and training on this):
1) Chip & PIN vs. Chip & signature. Yeah, chip and PIN is more secure for the consumer, but EMV isn't about security for the consumer. That's not at all the point of EMV. The point of EMV is to protect the banks, who eat the loss, when somebody breaks into a big retailer and steals 120 million credit card numbers at the same time, because PCI compliance hasn't been enough, and never could be. EMV is the half of the new system that gets the news coverage, but the other half, point-to-point encryption, is more important. The transaction gets encrypted in the credit card pad, and the merchant never sees the card information. So if you break into their network, there's nothing there to steal. The benefit to the merchant is that PCI compliance is a hell of a lot easier (and less expensive). The benefit to the consumer is that their cards are, in fact, less likely to be compromised (because that kind of break-in is a huge part of credit card fraud these days), so less hassle waiting for a new card.
But in the US, the consumer isn't protected by the technology, they're protected by the law. If your card is stolen, you're never responsible for more than the first $50 (and if you're bank gives you static about that, file a complaint and open an account with a bank that isn't crooked).
2)It's not confusing, it's just different. The process isn't any more complicated, it's just a different process. So the cashiers need about one minute of training, mainly by me buying a soft drink so they could see the new screens, and then they had it down (because we don't hire idiots as cashiers, and we train them), and the customers will need a few reminders for a while. The only two actual issues we've had (both very minor) are that we used to not need a signature for transactions under a certain amount, and we need a signature on every transaction now (because it's chip & signature, not chip & sometimes signature - but I expect that to be relaxed very soon), and we have to remind the customers to remove the card when it's all done (and our system actually helps on that, because it won't let them sign until the card is removed, which reminds the cashier to remind the customer). The pads could beep a little louder, but it's not a problem.
3) It's only slower if you bought shitty equipment. I've seen very slow chip card transactions. They're pretty much always the cheap-ass little standalone terminals that small merchants get on a lease from their merchant service (who don't care how slow it is). The reason for this is that the pad is doing the encryption, and that requires a certain amount of processing horsepower. Ours are new, expensive, and high quality. The difference in time processing a chip card and a mag strip card is less than one second. Barely enough to notice. Other big chain stores I've been in that do EMV also have new, expensive, high quality pads, and they, too, are basically just as fast either way.
So no, it's not the end of the world. Just more hysteria mongering from somebody who has a book to sell, or just hates all change, even for the better. In other words, it's a day that ends in "y."
You obviously have no idea how much money the Getty has. A billion dollars is not even enough to affect the CEOs bonus. Not even a speed bump. It's nearly petty cash.
No, they're not. She licensed the Library of Congress to distribute them royalty free, but did not place them in the public domain. In fact, the license to the LoC specifically requires that they, and anyone they distribute the photos to, give her credit. So your premise is factually incorrect.
And what really pissed her off was when the Getty sent her a legal threat and demanded money for using her own photos on her own web site, when the Getty had no permission to use the photos in any way.
Honestly, a billion dollars in damages seems perfectly reasonable to me, and the Getty will hardly notice it.
Slashdot Mirror
The people that are being laid off aren't engineers, they're tech support. Mostly, I suspect, they're level one help desk.
Too many people forget that interviews are a two way process. The company determines if you meet their needs, and you determine if they meet yours.
The moment the prospective employee forgets that second part, they screwed.
The FCC, in cooperation with the state's public utility commission.
Same as for telephone service for the last decade or two.
Good luck. Banks are required by law to have your SSN, and to report any interest income you get on your money.
The real corruption in this is that nobody will go to prison, despite 1.5 million instances of identity theft. Not a single person will spend a single day behind bars.
Why on earth would banks not do this? There is no downside. The fine is going to end up less than the ill-gotten gains. Pure profit.
Indeed. California is unique in that audio recordings without permission of all parties is a felony, nor a misdemeanor, or a civil offense. So, actually, not "jail" so much as "prison."
If it's actually recording.
If you have something to say that can be said in 140 characters, you have nothing to say.
It's an intelligence test. People who have Twitter accounts have failed.
That's far better (in that it wastes less of your time) than
"Hi, it's, um, I need you to, there's this thing that's not working, er, can you help, look, I really need, my computer, you know, . . ." for about 20 minutes, with not one complete sentence in it.
Isn't that why people swarmed to email in the first place? Precisely because it's more efficient for most communications than phone calls?
I hate talking on the phone. Especially to people who can't speak in complete sentences. Subject, verb, object. It's not fucking rocket science.
Don't associate people who having nothing to say, but insist on saying it constantly. If your job really requires that you get hundreds of emails a day, odds are, you really should be replaced by a robot. Made out of Legos. With no moving parts.
Science is not a belief.
O so you believe.
take them to small claims court
Laughable if they're local to him. Not even possible if they're not in the same state.
and will also smear their name all over the internet.
Either they won't be afraid of that because they're stupid, or they won't be afraid of that because they know he's nobody, and nobody will care. Or they'll sue him for extortion.
Given how many other things that Chrome comes bundled with, usually with "make default browser" pre-checked, what do you expect?
Let's shut down change.org for being part of a Hollywood conspiracy to promote crappy movies that no one wants to see by suppressing honest reviews.
Not that another proof was needed, but this does show on pointless change.org is.
If they were calling this a discount for accepting advertising instead of a premium for lack of it, nobody would have an issue with this. The only difference between the two is that this is a stealth price increase that they hope will bypass regulators' notice (it might).
Mainly, this means that Comcast's PR people are idiots, but that's hardly news.
The mechanical process is the same - insert the card, wait for the beep, withdraw the card.
The screens on the pad are different. But they've always been different from store to store.
Again, it's not more complicated, it's just different, and it takes a little time to get used to it.
In theory, our system has a modem backup system for credit cards. To the best of my knowledge, it has never been used a single time. When credit cards go down, it's either because our T1 is down (and takes the phones with it) or the bank's computers are down (and nothing can connect by any method).
The world has come a long way in 8 years, and the US perhaps has a different view of business internet (which is far more reliable - if you do it right - than consumer internet.
I suspect you shop at stores that care more about pinching every penny until it cries than they do about top of the line customer service.
We spend a lot of money on our new pads, and that after some pretty competitive bids (our merchant service is run by a guy who has a pathological hatred of our POS vendor, so we got a deal-deal), and it was a very worthwhile investment. We actually get comments from customers on how they thought the slowness was inherent to chip cards, and how pleased they are that it's not true in our stores.
Target was one of the few national retailers to implement EMV by the deadline in October. They had a hell of an incentive.
In my experience, that's slow with good equipment. Ours take about one second on mag strip, and less than two on chip. Maybe we have better equipment than what you think of as top of the line?
You are correct. Everything is tokenized. The actual card information is not necessary, and responsible merchants implement P2P encryption specifically to avoid seeing it. (It makes PCI compliant a lot easier. In our case, we got from over 300 questions on the compliance document to a couple dozen.)
1) wrong - the chip contains the same information as the mag stripe in unencrypted form and is just as easy to read out.
As I said, point-to-point encryption is separate from (and dependent on) EMV. Not using it is a choice on the part of the retailer. For now. The credit card companies are (just barely) smart enough to not force two brand new, more complicated to program for technologies onto merchants at the same time.
Many large chains will read that info to match you against their databases for marketing purposes just like they do for magstripes
They don't need card info to do that. That's the purpose of "rewards cards," after all, and they get tokenized information that still uniquely identifies the card holder, even if they don't actually know the name. And the demographics info is far more valuable to a big retailer than the specifically targeted advertising (though they obviously prefer both).
(there was never any reason to keep track of any card info).
In fact, merchants used to have to for accounting purposes. Plus, in a lot of cases, it's the only way to reverse a transaction. Now, a unique (one time) token is given instead of the card number as part of each transaction. This meets the accounting needs, and allows a transaction to be reversed, without revealing card info.
I work with some small retailers, the chip continues to work even when their internet is down, the full info needed for a transaction resides on their POS, chip or swipe - unencrypted and employee accessible.
Only if the merchant (or, more likely, their POS vendor) chooses to do so. With P2P encryption, the offline transactions are still encrypted, and the merchant cannot decrypt it. It gets sent, encrypted, to the merchant service for processing. All the merchant ever sees is the tokenized results. If they fully implement both EMV and P2P encryption.
The only difference is that now the retailer is responsible for all losses and fraud committed with chip cards. This is a big reason retailers want you to continue swiping, a fraudulent swipe is at the loss of the banks, chip card fraud which is just as easy is at the loss of a retailer unless you can prove the chip card was fraudulent.
Here, you simply don't know what you're talking about. The new rules are that the entity with the lowest level of security is liable. So if the bank issued a chip card, and the consumer used the chip card, and the merchant processed it with the mag strip, the merchant automatically loses all disputes. Automatically. Period. (This is from personal knowledge. Our POS vendor took their sweet time, as many did, in implementing and testing EMV. The new rules went into effect in October of last year, and since then, we have automatically lost all chargebacks on chip cards. It was a real incentive to get things deployed once it was available.)
2) In many cases the chip won't work. If there is a mismatch in your payment processor configuration with what the chip or bank expects,
If this isn't fixed quickly, you should sue your POS vendor for fraudulently claiming their shit works.
it just doesn't let you swipe or chip unless you chip 3 times in a row.
Manual overrides are allowed (our system has provision for it). But that shifts liability back to the merchant for not using chip. Most merchant (that know what they're doing) don't like it, because it's an easy access for fraud with stolen card numbers without having the original chip.
I have a business card which I requested to be fully encrypted (so it doesn't have the unencrypted data). The card doesn't work at large retailers like WalMart, Home Depot because they only use unencrypted data.
That's their choice. You should talk to them about that. Or not shop at
We actually have the hardware for NFC (near field communications), and I think it's implemented in point of sale as well. We haven't explored it so far because we've had no one ask for it.
Apple Pay, we've had a few queries on, but that's a mess of ideas that are only beneficial to Apple, at the expense of the merchant. (The biggest objection is that it hides transaction information from our marketing people. And I get why some consumers would like that. But it doesn't hide the marketing information. It hides the marketing information from us, while sending it to Apple instead. And they don't have as good a track record on handling it appropriately as we do, and never will.)
For a disaster, it's been pretty mild for my employer.
Several points to consider, from my personal observations (as the IT guy in charge of deploying and training on this):
1) Chip & PIN vs. Chip & signature. Yeah, chip and PIN is more secure for the consumer, but EMV isn't about security for the consumer. That's not at all the point of EMV. The point of EMV is to protect the banks, who eat the loss, when somebody breaks into a big retailer and steals 120 million credit card numbers at the same time, because PCI compliance hasn't been enough, and never could be. EMV is the half of the new system that gets the news coverage, but the other half, point-to-point encryption, is more important. The transaction gets encrypted in the credit card pad, and the merchant never sees the card information. So if you break into their network, there's nothing there to steal. The benefit to the merchant is that PCI compliance is a hell of a lot easier (and less expensive). The benefit to the consumer is that their cards are, in fact, less likely to be compromised (because that kind of break-in is a huge part of credit card fraud these days), so less hassle waiting for a new card.
But in the US, the consumer isn't protected by the technology, they're protected by the law. If your card is stolen, you're never responsible for more than the first $50 (and if you're bank gives you static about that, file a complaint and open an account with a bank that isn't crooked).
2)It's not confusing, it's just different. The process isn't any more complicated, it's just a different process. So the cashiers need about one minute of training, mainly by me buying a soft drink so they could see the new screens, and then they had it down (because we don't hire idiots as cashiers, and we train them), and the customers will need a few reminders for a while. The only two actual issues we've had (both very minor) are that we used to not need a signature for transactions under a certain amount, and we need a signature on every transaction now (because it's chip & signature, not chip & sometimes signature - but I expect that to be relaxed very soon), and we have to remind the customers to remove the card when it's all done (and our system actually helps on that, because it won't let them sign until the card is removed, which reminds the cashier to remind the customer). The pads could beep a little louder, but it's not a problem.
3) It's only slower if you bought shitty equipment. I've seen very slow chip card transactions. They're pretty much always the cheap-ass little standalone terminals that small merchants get on a lease from their merchant service (who don't care how slow it is). The reason for this is that the pad is doing the encryption, and that requires a certain amount of processing horsepower. Ours are new, expensive, and high quality. The difference in time processing a chip card and a mag strip card is less than one second. Barely enough to notice. Other big chain stores I've been in that do EMV also have new, expensive, high quality pads, and they, too, are basically just as fast either way.
So no, it's not the end of the world. Just more hysteria mongering from somebody who has a book to sell, or just hates all change, even for the better. In other words, it's a day that ends in "y."
Well, somebody should. The monkeys aren't doing a very good job.
With any luck, she will end up owning Getty;
You obviously have no idea how much money the Getty has. A billion dollars is not even enough to affect the CEOs bonus. Not even a speed bump. It's nearly petty cash.
Hard to sue:
No, they're not. She licensed the Library of Congress to distribute them royalty free, but did not place them in the public domain. In fact, the license to the LoC specifically requires that they, and anyone they distribute the photos to, give her credit. So your premise is factually incorrect.
And what really pissed her off was when the Getty sent her a legal threat and demanded money for using her own photos on her own web site, when the Getty had no permission to use the photos in any way.
Honestly, a billion dollars in damages seems perfectly reasonable to me, and the Getty will hardly notice it.