• WELCOME Grumblers
    Backup is now done at 3PM EDT. You may find the server down for up to two minutes at that time.

Why are we in the dark ages with respect to credit cards

Sponsor Wanted

shayla

WOW Framer
Yikes.
 

Bill Henry-

SPFG, Supreme Picture Framing God
The article mentioned that CC fraud has been reduced by ~ 1/3. That’s impressive, but how is the other 2/3 of fraud accomplished if you have to have a PIN to complete the transaction?

I suspect that the continued fraud happens at the credit card processing center or at the on-line merchant site, and not at a store’s credit card terminal.

Even with the best encrypted credit card, it seems to me that the most vulnerable place for fraud is still at the data collection/processing center. As long as there are careless or stupid or crooked people working there, the problem wouldn't be completely solved.
 

Rick Bergeron - CPF

SGF, Supreme Grumble Framer
The last line of the article says it all,
"Credit card companies don't have much incentive to make cards safer," Sekar said.​

I suspect that the continued fraud happens at the credit card processing center or at the on-line merchant site, and not at a store’s credit card terminal.


Not for the last 2 large breaches that I know about that occurred within the last 3 months. The breaches occurred at the merchant's credit card terminal/POS application.

A group of locally owned grocery chains who utilized the same POS application using the same, internet connected credit card processing, had both channels of the magstripe obtained by installed malware. That means a physical card can be created from the data and used at other physical locations or online.

From what I've heard, the Target breach is similar in that the entire stripe data was obtained meaning that physical cards can be created.

The cardholder is not responsible for fraudulent transactions but credit card companies are Winners when a fraudulent card is used.
Unknowing merchant accepts card and received an approval code. A month later, the cardholder reports the transaction.

The unknowing merchant has lost:

  • Value of the product
  • Value of the sale
  • AND cost of the chargeback
  • AND black mark on their merchant account for processing the fraudulent charge


The credit card companies WIN this for every use of the card until it is replaced.
Merchants loose in every instance.
 

David N Waldmann

SGF, Supreme Grumble Framer
The article mentioned that CC fraud has been reduced by ~ 1/3. That’s impressive, but how is the other 2/3 of fraud accomplished if you have to have a PIN to complete the transaction?
My first thought as well.

I suspect that the continued fraud happens at the credit card processing center or at the on-line merchant site, and not at a store’s credit card terminal.

Not for the last 2 large breaches that I know about that occurred within the last 3 months. The breaches occurred at the merchant's credit card terminal/POS application.
But the ship and PIN should still prevent that. The data on the chip is encrypted, so if someone steals the data they will have a hard time reading it, and then they still don't have the PIN unless they capture that at the same time and keep it together with the data.
 

David N Waldmann

SGF, Supreme Grumble Framer
Carp. Editing is fouled up. Blank screen. Preview Post is fouled up with a blank screen and wipes all text previously entered.
Yeah, that happens from time to time. I did a little creative editing to put the quotes in my first reply... But this one is 100% legit.

Did you notice I even quoted BH?
 

JFeig

SGF, Supreme Grumble Framer
The ~1/3 savings in fraud were in England and France....... Not the US. It is the US banks that are dragging their feet regarding new technology.
 

MnSue

SGF, Supreme Grumble Framer
a security expert (who was just on the radio in MPLS) highly recommended a useful quick tip

change your PIN number associated with any card that was used at TARGET

The one that was on the card...will be invalid if the data is tried to be used....
your data becomes "not worth the time" to use for "other" means

just a thought
 

Rick Bergeron - CPF

SGF, Supreme Grumble Framer
But the chip and PIN should still prevent that. The data on the chip is encrypted, so if someone steals the data they will have a hard time reading it, and then they still don't have the PIN unless they capture that at the same time and keep it together with the data.
Yes, those thoughts are valid but do not apply to the Target & URM grocer breaches.
 

David N Waldmann

SGF, Supreme Grumble Framer
The ~1/3 savings in fraud were in England and France....... Not the US..
The savings were when they went from mag stripe to chip & PIN. I don't see how location has much if anything to do with it. Maybe if it was Nigeria or China it would be different.
 

RoboFramer

PFG, Picture Framing God
It's a nice system, we've had it for almost 8 years. The retailer does not (have to) touch the credit/debit card or check any signature and once authorised, that's that, no comeback on the retailer if the card was dodgy. The card terminal will swipe non chip & PIN cards (which will either be foreign or for those with bad eyesight) and/or prompt you to swipe if the chip cannot be read - and print out a ticket to be signed.
 

Bill Henry-

SPFG, Supreme Picture Framing God
It's a nice system, we've had it for almost 8 years. The retailer does not (have to) touch the credit/debit card or check any signature and once authorised, that's that, no comeback on the retailer if the card was dodgy. The card terminal will swipe non chip & PIN cards (which will either be foreign or for those with bad eyesight) and/or prompt you to swipe if the chip cannot be read - and print out a ticket to be signed.
You, the merchants, don’t get stuck holding the green wiener, but where does the fraud occur (still 65% of what it used to be)? At the processing center or the banks?

Someone has to pay for the increased cost of a chip-embedded credit/debit card. The banks aren’t likely to eat the cost but, rather, pass it along to the consumer.

What kind of interest rates are you guys paying to hold these credit cards?
 

RoboFramer

PFG, Picture Framing God
You can still use these cards in the same ways as your cards can be used - "card holder not present" - I suspect that's where the major problem is, but the cards, also like the old cards, can be cloned. Interest rates for the cards have not increased, terminal charges etc might have, but always did and always will. It's tried and tested - just like guns being illegal and no death penalty :)
 
Sponsor Wanted
Top