The US card issuers' insistence that Americans use Chip-and-Sign rather than Chip-and-PIN continues to frustrate me. It is very hard to find a US-issued personal chip card that is Chip-and-PIN. Typically, only a small set of credit unions issue them while none of the major banks do.
US is Number One! In sales register hacking attacks, at least
Hacking attacks against sales terminals have risen by nearly a third last year, and the US is still leading the way in being insecure. Incidents affecting sales tills and payment systems increased to 31 per cent in 2016, according to research by security firm Trustwave, while incidents affecting e-commerce environments fell to …
COMMENTS
-
-
Tuesday 20th June 2017 21:48 GMT Gene Cash
That's not the issuer's fault... it's the merchant's for having a shite terminal and being too cheap to upgrade.
As long as there's no financial penalty or drawback to the merchants or the banks, this will keep on truckin'
It's funny though, I haven't shopped at Target since they got ripped. Not out of any organized boycott on my part, just "ugh don't want to deal with their retardedness..."
-
-
Wednesday 21st June 2017 12:28 GMT Swarthy
Sign vs. PIN
I believe the signing vs. PIN is down to US credit regulations and fraud laws, I don't believe I've ever seen a PIN-enabled credit transaction.
I do know* that using someone else's credit card is not fraudulent, if you sign your own name; only if you forge their signature does it become credit card fraud.
*From personal experience with a "friend" having stolen an actual, physical card from me and using it. The nice policeman explained which of the transactions were fraud and could be prosecuted** and which ones were not.
**Not that the ever were, mind you, but they could have been. - Not that I'm bitter or anything.
-
Wednesday 21st June 2017 14:23 GMT Anonymous Coward
Re: Sign vs. PIN
I had my debit card cloned last year (at a shop which hadn't enabled chip usage on the POS more tan a year after the deadline). It was clear the culprits were just kids as all the charges were for petrol, pizza, beer, etc and they would have been recorded using the card in multiple locations (all of which were less than 75 miles from where I live). Stole over $2500 in 30 or more transactions of less than $100 each.
I filled out all the forms at my bank and got reimbursed quite quickly, but neither the bank or the police were interested in investigating the crime. This is why the issue is so bad in the USA, it's trivially easy to do and there are essentially no criminal consequences for the perpetrators.
-
-
-
Tuesday 20th June 2017 23:38 GMT Mark 85
Re: Target....
This store takes the cake, biscuit, whatever. During the whole mess with the data theft, the clerks kept on asking if I wanted to sign up for a Red Card. After responding about the hack, the typical response was "didn't know that, no one said anything" and they'd ask the next person if they wanted a card. Muppets all of them!!!!!!
-
-
-
Wednesday 21st June 2017 12:16 GMT Swarthy
Chip & PIN vs Chip & Sign vs Swipe & <whatever>
What's actually really interesting is in the current transition from swipe to chip, is noting the priorities. I have been at several retailers who have chip-enabled terminals, but you have to swipe for debit. The credit cards use the (slightly) more secure Chip & Sign, but debit cards use the less secure swipe & PIN.
My guess is that the bank/merchant is on the hook for fraudulent credit purchases, but the customer is on the hook for debit. I can't think that the savings of keeping swipe for one would justify the cost of having two authentication systems, and it can't be regulatory, because some retailers use Chip & <x> for both; so I am forced to assume that there is some
revenue generatingcost saving mechanic in allowing customer-borne fraud. -
Wednesday 21st June 2017 14:18 GMT Anonymous Coward
I live in the US and I still see shops that don't have chip-enabled POS terminals almost 2 years after the deadline. I was at the grocery store last night and the person in front of me still had a non chip card. At that same shop, Apple Pay and Google pay have been broken for over two months as well. Of course it's not quite as bad as the lady I saw a few weeks ago who paid by check/cheque.
I swear the US is so stuck in the past some times and I'm in the so-called progressive and modern part.