Previous Entry Share Next Entry
(no subject)
2012
unknownj
http://news.bbc.co.uk/2/hi/talking_point/4098331.stm

Oh you stupid motherfuckers... One by one now..



I want to know whose fault it will be if someone steals your card from you outside the store after seeing you punch in your number?

It's your fault for being a careless dick. Fortunately, fault does not equate to liability, so quit whining.

We couldn't understand how they are supposed to be more secure when anyone can see exactly what number you're entering

Because it's nigh on impossible to clone a card from the chip (unlike a mag strip), and without a copy of your card, the PIN is of no use to anyone.

I am also concerned that if the chip in card is damaged, I will have no other means of paying for the goods I've just bought!

Yeah, because a magnetic strip is impossible to damage.

All it takes is for someone to pick your pocket on the way out of the shop, and they have your card and your pin, and will then empty £500 from the nearest cash machine before you even notice it's gone.

So what? You won't have to foot the bill for that, so why do you care? Previously, all you had to do was pick someone's pocket in order to steal their card and use it to buy stuff - now with two-factor authentication, they need more than just the physical card, they need to know what you know. And if you're responsible, then they won't be able to do that.

Chip and Pin DOES, however, do a great job of protecting credit card companies as you, not they, are entirely liable for any loss if your pin is compromised by someone else.

Not when last I checked - liability is still either with the bank or the retailer (Simon, you probably know way more about C&P than me, am I right?)

And why is the PIN number for payment not different to the PIN for the cash machine?

What a stupid idea - people find it hard enough to remember the one number, let alone two..

Also, a signature is a bit harder to fake than a PIN if someone is watching over your shoulder

But a signature is easy to fake if you go away for ten minutes with somebody's card and practice. A PIN, on the other hand, is very hard to fake if all you've got is the card.

Also - I hope in shop CCTV is not watching you enter it at checkouts.

Why? You're afraid the CCTV operators will be waiting outside to nick your card off you?

I deliberately want to avoid knowing the PIN for credit cards so I can't use them to get money at cash points...

But we want you to know your PIN.. we also encourage you to put your card in an ATM to change the PIN.. because it's tempting...

I can't believe they expect us to type our "secret" number into a keyboard in front of all the other shoppers. Now we know why this system only cut losses by 80% in France. The other 20% of losses must have been due to rogues looking over peoples shoulders and stealing customer's PIN numbers.

You're absolutely right, shit, why bother cutting fraud by 80% if there's still going to be 20% left? Let's keep it at 100%, at least that's an easy round number...

There is nothing secure about entering a pin number in front of hundreds of other shoppers.

.. except the fact that authentication is explicit, rather than implicit. There's certainly nothing secure about signing a receipt when the retailer won't even bother to check it against the card.


For the last fucking time, you're safer showing off your PIN to a million people (none of which are in possession of your card) than walking around with a piece of plastic in the pocket which has on the back of it a copy of the only authentication you would need in order to use it.

If I pick up a card off the ground, if it's not C&P then I can use it straight away so long as I can bluff the signature (and even then, people probably won't check it anyway). But with a C&P card, I would have to deliberately steal it from you, after I've spied on you entering your PIN. Pretty unlikely..

But of course, when you cut out all the opportunist fraud, it just brings into focus all the premeditated fraud that remains. Because people are stupid.

  • 1
Hahaha, I can't believe you bothered to go through each nitwit, one-by-one, even though they'll never see this. I seriously can't believe that comment that person left about cutting losses by 80%.

(Deleted comment)
I'm not sure if you're being clear enough here, perhaps you mean to say Personal Identification PIN Number.

As far as I'm aware, at no point did I use the redundant "PIN Number" - I merely quoted other people who did.

I know, I just prefer Personal Identification PIN Number...

  • 1
?

Log in

No account? Create an account