Chip cards, I thought they were more secure?

[Mike Henderson]

I would agree with that statement. We use the chip cards and they have never asked for a PIN, not once, except for debit cards. If it's a credit card, it just uses the chip and never asks for any PIN. In fact, I don't even know of any PIN's for our credit cards with chips. Not sure how it's supposed to be more secure when it doesn't ask for 50% of the thing that's supposed to make it more secure.

In the US, chip cards are not PIN cards. They are signature cards. I tried to get a PIN card for European travel and they wouldn't issue me one.

Mike

[Jim Becker]

In the US, chip cards are not PIN cards. They are signature cards. I tried to get a PIN card for European travel and they wouldn't issue me one.

Mike

Yea, As I mentioned, this is a failing of the US banks because they felt that their customers couldn't handle remembering a PIN. That's kinda dumb because the majority of their customers don't have any issue remembering a PIN to access the ATM...

[Art Mann]

A few months ago, I stood in line for 30 minutes at Sam's Club while some stupid woman in front of me couldn't remember her PIN and was calling her entire family to see if they remembered it. Never overestimate the intelligence of the general public -- or the intelligence of a clerk at Sam's club who should have bypassed the woman until she could get her act together.

[Mike Henderson]

Yea, As I mentioned, this is a failing of the US banks because they felt that their customers couldn't handle remembering a PIN. That's kinda dumb because the majority of their customers don't have any issue remembering a PIN to access the ATM...

Or to access their smartphone.

Mike

[Brian Henderson]

Or to access their smartphone.

Mike

Well, to be fair, since I never, ever use cash, I can't remember the last time I was even at an ATM and my smartphone isn't locked. I'm sure lots of people are the same.

[Allan Speers]

You know, there's such a simple solution to it all:


They just need to embed a gps tracker in every card. Then implant GPS trackers under the skin of every cardholder. When someone tries to use a card that is physically more than 5 feet away from the user, it gets automatically shut down!



OK, ok, so the government can now track your every move. That's a small price to pay.... for SAFETY !

[Jim Becker]

Actually, Allan, biometrics are likely to become a factor for many of these things in the future relative to security...credit cards, smartphones (sorta have that now with the finger print reader), etc. There is a lot of work being done to find more secure ways to verify that someone is who they say they are, etc. Fingerprints, retinal scans, etc, are examples. So if you want to withdraw cash from an ATM, for example, you might need both your card and your mark-one eyeball to do it with the retinal scan taking the place of your PIN. I'm personally willing to potentially concede some level of personal privacy in order to secure access to my financial wherewithal as long as there is reasonable transparency around that.

[Curt Harms]

The data describing your fingerprint, retina or whatever is stored in one or more databases. What happens when that database is subject to unauthorized duplication? A pin or password is easy to reset, a fingerprint or retina is tougher. If I had a digital description of your retina or fingerprint could I duplicate it and use it to fool a reader? A fingerprint seems pretty easy with 3D printing.

[Dan Hintz]

If I had a digital description of your retina or fingerprint could I duplicate it and use it to fool a reader? A fingerprint seems pretty easy with 3D printing.

Yes. I've duplicated fingerprints with a laser printer and some silicone... all I needed was a picture of the finger. Biometric data is not the panacea the pundits claim it is...

[Scott Pierce]

A few months ago, I stood in line for 30 minutes at Sam's Club while some stupid woman in front of me couldn't remember her PIN and was calling her entire family to see if they remembered it. Never overestimate the intelligence of the general public -- or the intelligence of a clerk at Sam's club who should have bypassed the woman until she could get her act together.

It bugs me that they added the chip to the card means the transaction approval takes longer but then they don't require a pin to prove it's you and not someone that just stole you card. Seemed kind of silly to go through all this and NOT require a pin... until I read your experience above. Yep, I could see long delays in line because people can't remember their pin. That would really bug me. But I would think eventually those people would remember their pin or would start paying with cash.

[Curt Harms]

Yes. I've duplicated fingerprints with a laser printer and some silicone... all I needed was a picture of the finger. Biometric data is not the panacea the pundits claim it is...

And it's painful to reset.

[Bert Kemp]

Yes its stupid, people can remember a 4 digit pin geesh they remember several 10 digit phone numbers. I have a 14 digit pin for my bank I have no trouble with that. I still remember my service number form 42 years ago and my first tely number from when I was a kid.

It bugs me that they added the chip to the card means the transaction approval takes longer but then they don't require a pin to prove it's you and not someone that just stole you card. Seemed kind of silly to go through all this and NOT require a pin... until I read your experience above. Yep, I could see long delays in line because people can't remember their pin. That would really bug me. But I would think eventually those people would remember their pin or would start paying with cash.

[Bill Cunningham]

It might be just a coincidence, and I don't use amazon all that much, but in two cases after I bought something on amazon that was actually sold and delivered by an amazon 'affiliate', about 3 month later I was finding stuff 'I'(?) bought in other parts of the world. I had tickets to a football game in Spain, spy camera stuff from Texas, several Amazon.it sales. In both cases (about 2 years apart), the purchases were refunded to me, and the cards replaced, but it's still a pain! At least the last time MasterCard did not ask me to file a police report before they gave me my money back.. I guess it was just so obvious that I was not in Italy.. I wonder how many hacks Amazon has had, and kept it quiet. They deal in Billions, so Hacks are probably common but kept under wraps.

[Jim Becker]

That's interesting, Bill. I was under the impression that businesses using the Amazon platform didn't actually see the CC information and that the transaction with the end-customer was financially serviced by Amazon. Maybe I'm wrong about that.
-----

Bert, I agree about the PIN argument...the banks clearly are mis-guided about that in refusing to do chip 'n pin rather than chip 'n sign. Makes no sense to me, especially if my older daughter, who has "many issues" can remember her Debit Card PIN with no issue for ATM use.

[Bill Cunningham]

That's interesting, Bill. I was under the impression that businesses using the Amazon platform didn't actually see the CC information and that the transaction with the end-customer was financially serviced by Amazon. Maybe I'm wrong about that.
-----

Bert, I agree about the PIN argument...the banks clearly are mis-guided about that in refusing to do chip 'n pin rather than chip 'n sign. Makes no sense to me, especially if my older daughter, who has "many issues" can remember her Debit Card PIN with no issue for ATM use.

I was under that impression too.. In the first case, the outside affiliate was in Montreal, in the second, it was shipped in from China (although china was never mentioned anywhere in the vendor info). I still think hacks are possible, and Amazon covers them up. Where else would they get the matching 3 digit validation number on the back of the card. None of my suppliers that I use my card with have it, the only place it has ever been entered for online purchases is Amazon and Cabelas. Plus, if they used the security of never shipping to a address not registered to the card, this problem could be eliminated. I know when my customers use their cards through PayPal, I get a verified shipping address, and will be the only address I will ship stuff to.