Visa Claims Chip Cards Reduced Fraud By 70%

An anonymous reader quotes Ars Technica: Although only 59 percent of US storefronts have terminals that accept chip cards, fraud has dropped 70 percent from September 2015 to December 2017 for those retailers that have completed the chip upgrade, according to Visa.

There are a few ways to interpret those numbers. First, it seems like two years has resulted in staggeringly little progress in encouraging storefronts to shift from magnetic stripe to chip-embedded cards, given that in early 2016, 37 percent of US storefronts were able to process chip cards. On the other hand, fraud dropping 70 percent for retailers who install chip cards seems great. Chip-embedded cards aren't un-hackable, but they do make it harder to steal card numbers en masse as we saw in the Target's 2013 breach.

only 59 percent of US storefronts have terminals

[charlie merritt]

Seems I heard that Oct the Chip Readers were mandatory. Seems not yet - can anyone fill in these blanks?

Re:

[Anonymous Coward]

Seems I heard that Oct the Chip Readers were mandatory. Seems not yet - can anyone fill in these blanks?

They've been "mandatory" for a while now. But many of them don't work.

A group of retailers filed a lawsuit over it but I don't think it has gone anywhere.

Re:

[Anonymous Coward]

They aren't mandatory but they do charge higher fees to process the transaction if you don't use the chip. Online card purchases still act like swipe cards since all you have is the basic info so it's not like they can just force all transactions to work like using the chip.

Re:

[Woldscum]

They are not mandatory. BUT the retailer is now on the hook for fraud. Not the CC co. or the processor. The retailer also must buy the new equipment. If the CC co.s really wanted to stop fraud. They would provide the readers themselves. Payback would be less than a year.

Re: only 59 percent of US storefronts have termina

[Mattatron]

But they DON'T want to prevent fraud, they want to prevent liability, which they they have.

Re:

[scottrocket]

Yeah I wanna tap muh card - but all of my local retailers have the slide-type only. Half of them are bolted in a fixed position that you can't rotate, and they usually have a riser shelf, or some display mounted right next to the slide! Someone here earlier referred to these as "knucklebusters" - sounds like an apt name.

Re: only 59 percent of US storefronts have termina

[Anonymous Coward]

Can I please have it this way instead? "Visa caused 70% of fraud by not implementing decades old system earlier than they did."

The glass can be half empty.

Re:

[lsatenstein]

Can I please have it this way instead? "Visa caused 70% of fraud by not implementing decades old system earlier than they did."

The glass can be half empty.

Presumeably, with less fraud, the fees paid by merchant and by consumer should drop, or am I joking?

Re:

[taustin]

"Mandatory" is a very flexible term. Merchants can, in theory, still imprint cards with a knuckle buster and deposit those in the bank like checks.

The actual rule is that if you don't use a chip card reader, and there's a dispute, the merchant pretty much automatically loses. For merchants who don't have problems with fraud to begin with, it's an expense they can easily do without.

That's why the 59% that have adopted the new technology have produced such a disproportionate reduction in fraud: They're the on

Re:

[silverkniveshotmail.]

Meaning in Canada, we've had cards with chips in them for more than 10 years already and pretty much every single stores have a chip reader and very few actually accept magnetic cards anymore.

I never had a problem with my magnetic US credit card in BC or Quebec.

Re:

[taustin]

I've never seen a chip reader that didn't also have a mag strip reader as well. When I was in Iceland a year and a half ago, the card I used for nearly everything didn't have a chip. The only place I had trouble with it was buying fuel, and that wasn't because it didn't have a chip, but because it didn't have a PIN (which it could have, if I'd known to set it up in advance).

Re:

[LinuxIsGarbage]

Plus it seems if a reader can't read the chip after 3 attempts, it will let it go through as a mag strip tranaction.

Re:

[viperidaenz]

If you ave a decent card issuer, using your card without the ccv should raise a fraud alert

Re:

[Shirley Marquez]

The degree of caution that card issuers call for depends on the site. Online bill payment is a low fraud situation. People just don't seem to use stolen credit cards to pay their electric and cable bills, perhaps because the ongoing relationship with the provider would make it too easy for them to punish you later for fraud.

Re:

[LinuxIsGarbage]

once i paid my time warner bill using the wrong expire date.

My bank issued me a new credit card number as a "security precaution".

I logged into Paypal to update my number and it already had the new number. . .

Re:

[DeBaas]

Meaning in Canada, we've had cards with chips in them for more than 10 years already and pretty much every single stores have a chip reader and very few actually accept magnetic cards anymore.

I never had a problem with my magnetic US credit card in BC or Quebec.

You wouldn't. Liability in this case is at your own bank (the issuer)
The way I understand it, if the acquiring bank supports chip and the merchant doesn't, then the merchant is liable for fraud. If the acquirer (in this case Canadian bank) doesn't support chip, then the acquirer is liable.
If both the acquirer and the merchant support chip, the issuer (your bank) is liable. So they have no problem with you using a magstripe. In case of fraud, your bank is liable.

Re: only 59 percent of US storefronts have termina

[Z00L00K]

Same thing in Europe - chip cards rules since at least 10 years now.

Just minor problems that are easy to resolve by cleaning the chip contacts against the shirt whenever there's a problem.

This seems to be pretty much a symptom where the US is - way behind on a lot of things these days compared to 50 years ago when the US was the leader in technology.

Re:

[thegarbz]

We don't. But out standard cards have been just fine accepting mobile phone NFC payments long before Apple claimed to invent the idea. Hell I rarely use my card.

As for plastic technology ... who developed NFC? The Japanese working with the Dutch. You're welcome.

Re: only 59 percent of US storefronts have termina

[AK Marc]

Funny when Americans think that wirelessly powered computers used for strong crypto embedded in plastic cards are "just plastic cards".

It's not the ancient plastic cards that are technology, it's the computer embedded into them, and the crypto, NFC, wireless power and other things used around them that make them technology. Is it just because the US is the last in the world to start supporting this that it's "backwards"?

Re:

[viperidaenz]

My first smartphone was an i-mate SP2 in 2004.
i-mate is an Irish company. It was built by HTC, a Taiwanese company.

Nokia, Philips and Sony invented NFC, none of which are American companies. One Finnish, one Dutch and one Japanese.

ARM is a UK company, which powers pretty much every smartphone ever.

Where is 'Murica in all this innovation?

Re:

[viperidaenz]

oh.. and first smartphone NFC trial was by Innovision (at the time, a UK company), using a Nokia 6131 in the UK in 2007

Apple's first NFC equipt product, the iPhone 6 came out in 2014
First Android phone with NFC was the Nexus S in 2010

Re:

[jeremyp]

All I can say is that this "stupid idea" has been working for years over here in Europe.

Gas stations

[PhrostyMcByte]

Now we have one great place left for skimmers to set up: gas pumps. I have yet to see one that is NFC capable or that included a chip reader.

And in the past three years, I've had my card skimmed twice -- it's become annoying enough that I ended up relegating a single card to gas station use, so that when it gets skimmed again I won't need to cancel any sort of auto-pay setup against it.

It's crazy to me that credit companies don't get stricter with gas station owners.

Re:

[Mashiki]

Every gas station in Canada uses chip & pin, most were rolled out a year and change before it became mandatory up here. The real problem up here since everything is chip & pin is actually banks and ATM's that are owned by banks but deployed in variety stores and so on. Hitting banks is the big one right now, the fakes are getting damned elaborate too replacing the entire front bezel to pull the card data and pin.

Re:

[rowls]

I am afraid that you are absolutely wrong. Chip cards without signature most definitely prevent skimming. The card number is not read from the cards mag stripe. Data including the card number is encrypted using the chips and sent to the issuer to verify fully encrypted. Chip cards without PIN's allow physical cards to be stolen and used fraudulently. The CC issuers have decided to continue paying to cover this type of fraud instead of forcing PIN's on Americans.

Re:

[jrumney]

The card number is not read from the cards mag stripe.

How do you control the skimming device to ensure that?

Re:

[omnichad]

You don't insert the card fully into the chip reader, so the mag stripe isn't read even if a skimmer was placed there.

Re:

[taustin]

Never seen a gas pump where that's actually possible. You put the chip card into the same slot as you put the mag strip card, and you shove it in exactly as far - all the way.

Re: Gas stations

[evenmoreconfused]

No card here in Canada gets inserted all the way into the reader.

Re: Gas stations

[evenmoreconfused]

Actually I take that back. It would be more correct to say that no card gets fully inserted in gas pumps in stations near here.

Re:

[AK Marc]

Every gas pump here lets you hold onto the card with two fingers the whole time. Only ATMs "eat" the card completely. Everyone else leaves the card sticking out.

Re:

[viperidaenz]

At least some cards with chips store the card number on the chip unencrypted.
In a previous job my keyboard had a card reader on it for reading certificates from ID cards. I played around with Java's smartcardio package and read my credit card. Saw the card number right there. Some also give out the number to NFC readers.

The bit that prevents fraud is not keeping the card number secret, it's signing tokens with asymmetric encryption. You can't read the private keys from the chip.

Re:

[execthis]

I find it interesting to note that it's the year 2018 and humans are still working on ways to be able to conduct financial transactions without fraud or theft. There must be something that, how something that seems like it would be such a simple thing actually is not...

Re:

[bobbutts]

There's no perfect solution. Paper and metal currencies offer good anonymity and ease of use but there are issues with trust and they cannot be sent over distance easily. Credit cards are fast and easy, but they are not free, require a central authority to clear transactions, and usually the private keys are revealed during each transaction. Crypto-currencies allow transactions without a central authority, but offer no recourse for reversing charges and there are currently many limits as to what they can

Re:

[taustin]

I've seen gas pumps with NFC. More than once. Not universal yet, but it's getting more common.

(I suspect it's because California is so oppressive to gas stations anyway that the pumps get replaced a lot more often than most places anyway.)

Re:

[jrumney]

I saw it for the first time about a month ago, but it didn't actually work when I tried it. I suspect someone forgot to adjust the pre-auth amount to be under the limit for NFC transactions.

Re:

[AK Marc]

NFC has no limit. NFC without PIN is limited to $80 for me. So the gas pump authorizing more than that requires NFC plus PIN. NFC is contactless chip. The limit for my NFC is the chip limit (the card limit).

Re:

[Junta]

The weird part is the proprietary gas payment apps in lieu of putting in chip readers.

Like if I want to pay for gas with my phone at a shell station, I would *have* to have a Chase credit card.. for some reason.

Exxon has a more open ended payment app, and to their credit it works... most of the time.

Re:

[viperidaenz]

I have never seen a pump without a chip reader.
Probably because I live in a modern country like New Zealand, where chip cards have been widespread for well over a decade. Some of them don't even have a magstripe reader.
I did have a magstripe only card back in the 90 and early 2000's though.

I know how I interpret this.

[Gravis Zero]

fraud has dropped 70 percent from September 2015 to December 2017 for those retailers that have completed the chip upgrade, according to Visa.

For years credit card companies allowed people to be defrauded because it was cheaper for them. When they were forced to use better security they tell us "Surprise, it's more secure! Who knew? Nobody knew!" Assholes, all of them.

Re:

[SlaveToTheGrind]

For years credit card companies allowed people to be defrauded because it was cheaper for them.

Actually, for years the major credit card companies have had zero-liability policies for fraud. Do you own/use a credit card?

Re:

[AK Marc]

No, the limit for "card use after reported stolen" is $50/$0. But unauthorized card use with card in hand was unlimited liability for the cardholder. Live in a dorm? Got your details stolen by a roommate and they bought stuff and shipped it to your address? You didn't report it stolen, and you didn't keep it safe. Your fault. Also it was literally shipped to you so they begin an investigation into you for fraud. I've seen it happen.

Your negligence, real or asserted, removes all limits. You are free

Well, yea...

[jtara]

"Martha? Would you ring up Woodrow 2-4-2 and ask the president of the bank to wire $10,000 to Sparky up in Reno out of my account? It's 5-4-7-9. Thanks!

I call that

[oldgraybeard]

what the bull leaves out in the pasture! I will dissect anything I purchase if I decide to! If I can not I do not want it in my life.

Just my 2 cents ;)

Chip and Sig was designed to target one thing

[alphad0g]

Chip and signature in the USA was designed to combat card skimming and cloning of mag stripes - it can't stop other kinds of fraud. Yes, it can help prevent fraud of stored data as chip data is different then mag stripe data - but the root of the fraud is cloned mag stripe data - often from skimmers.

If no terminals accept mag stripe, then cloned cards won't work. Someone can still copy the data off the front and back of card visually, and they can still clone the mag stripe. But then the fraud is reduced t

Re:

[jrumney]

Chip and signature in the USA was designed to combat card skimming and cloning of mag stripes

Adding a chip has absolutely no effect on card skimming. The only way to combat that is to remove the mag-stripe, but for backwards compatibility, I'm not aware of anywhere in the world that has done that yet.

Once your mag-stripe data is captured, someone somewhere else in the world (where the backwards compatibility will kick in automatically, because the card is foreign and can't be expected to keep up with local standards) will clone the data onto a magstripe only card, and use it to withdraw money a

Re:

[AK Marc]

And the ATM withdrawal will fail and lock the card and the account. Bob in Toledo, who has never left OH, is suddenly withdrawing daily limit in Ukraine? That'll lock the card down. Bob gets a new card in the mail in 2 days, and Ivan the Russian hacker gets nothing.

With the wide-spread hacks into large retailers, the transactions are looked at with a microscope. Purchases under $10 have an 80% chance of locking out my card, and in places the card company knows I am (small transactions to "test" stolen

It's easy to speed up the rollout

[viperidaenz]

Shift the risk. Make merchants with no chip capability liable for fraud.

Pay wave in the US?

[WinstonWolfIT]

I returned from a 10-year stint in Australia, where I stopped carrying cash, wrote only two checks, and for purchases under an amount set by the merchant -- $30 in some cases, $100 more typical -- simply tap the card, faster than cash. I looked into it here and the friction apparently was the cost of the chip. Apparently not. Anyone know what the heck is keeping tap-pay from becoming a thing if the chips are already on the cards?

As to card details being compromised for online purchases, hate PayPal all you

Re:

[moronoxyd]

RFID is as secure as leaving your front door open and shouting 'Rob Me Now'.
Your card details can be read while the card is in your wallet and in your pocket.

That's where RFID secure wallets orRFID blocking cards come in.

Re:

[WinstonWolfIT]

Yes this is common knowledge. But if I don't know someone who knows someone who knows someone who got hijacked, I'm not going to lose sleep and still have the insta-pay convenience. Credit card numbers are far more troublesome than rfid, and my bank freezes my account almost instantly when the flags go up. The thing about rfid is (in this case) it only works in Australia and given you have to make a legit looking card with a chip in it, and the low transaction amounts, it's a huge amount of work for a small

Re:

[jrumney]

Your card details can be read while the card is in your wallet and in your pocket.

When I've used my card online, the details available via unauthenticated RFID or by taking a snapshot or imprint of the front of the card (its the same details) are only sufficient to complete a purchase when I deal with US vendors. Everywhere else, I need 2FA or at least the 3 digits from the back of the card to finish the transaction.

Re:

[damnbunni]

Many cards have all the details on the back now - there's nothing on the front except the bank's logo.

So all you need is a picture of the back of the card.

Re:

[viperidaenz]

All cards have all the details on the back, except prepaid credit cards where the card number is printed on, not stamped.

The stamped numbers can be read from a photo of either side.

Re:

[thegarbz]

I only have one card with RFID

You're an idiot. If you had two cards then the read would simply fail.

Don't believe me? Then google for this

Oh I believe you. Know what? The best thing about card details skimmed via RFID is how in most of the world they are completely useless to fraudsters as they can't replicate cards that require chip+PIN. Now if the USA would get off their arse and mandate PIN like in other sane countries there'd be no more RFID cloning in the USA either.

Re:

[viperidaenz]

That's why my credit card stays in my wallet next to my wallet ninja, that effectly blocks the NFC signal.
I use my phone for NFC payments.

Simply reading a card with an RFID reader won't give you the expiry date or the CCV number. Reading it with a terminal will leave a trace back to the terminal owner.

and undid those gains...

[BeCre8iv]

with the rollout of contactless pickpocketing.

Re:

[AK Marc]

The rest of the world uses NFC chip + PIN, so skimming will not get you a perfect duplicate (though could allow some "card not present" charges). The US is slow to chips, so obviously slow to chip+ PIN as well.

I gives me pause to wonder

[darthsilun]

What the fraud rate would have been if we'd done what we should have done and gone to Chip&Pin?

Even though I have PINs on all my cards, only Target uses it. Even in Europe and India my cards comes up "signature", not PIN.

But if the fraud rate is low now, that probably only means that the crims haven't figured out how to defraud it – yet.

P.S. I'm still waiting for restaurants to get the portable readers that the wait staff bring to my table and my card never leaves my sight.

chip w/o pin is still crap

[l3v1]

I can't seem to understand how the US can be so behind the curve on some really important issues. One of them regarding financial/banking issues is the matter of the freaking chip&pin cards (or more the lack of proper use of them). Never ever have I seen any US store require chip&pin authentication, they always just read the chip and make you sign, which is crazy a**stupid. I thought they saw finally the light when chip cards were getting introduced - very, very, really late vs. everyone else -, but

Chip and pin was broken in 2007

[davecb]

See Ross Anderson's "Light Blue Touchpaper" for a timeline, https://www.lightbluetouchpape... [lightbluetouchpaper.org]

As other writers noted, Visa has 70% less fraud because they can now disclaim responsibility for all the fraudulent charges on the older, more popular equipment. There might be a small decrease in fraud overall, but the "70% less" is really "70% the merchant has to eat, as we're not accepting fraud reports from their equipment".

Re:

[DarenN]

The entire point of the liability shift was to try and reduce the card present fraud in the system. The level of skimming and cloning in the US is outrageous when fixes for the very issue were in use worldwide for decades. Even chip and signature puts a dent in it because the chip effectively cannot be cloned. The acquiring banks that lease the equipment to the merchants and process their transactions had - literally - no incentive to update. They were rolling out updated equipment that still did not suppor

How many TRANSACTIONS are using chips?

[Shirley Marquez]

"...although only 59 percent of US storefronts have terminals that accept chip cards, fraud has dropped 70 percent from September 2015 to December 2017 for those retailers that have completed the chip upgrade... it seems like two years has resulted in staggeringly little progress in encouraging storefronts to shift from magnetic stripe to chip-embedded cards, given that in early 2016, 37 percent of US storefronts were able to process chip cards."

There are still many storefronts that cannot process chip card

Re:

[zm]

When they first deployed the chip cards, I had mine for all of two weeks before it was compromised by the wait staff at one of the restaurants I frequent :|

So the wait staff managed to duplicate the chip in your card? Where do you eat?

Re:

[Gavagai80]

Why would a thief bother duplicating the chip, when they can do all the online purchases they'd like with just the name, number, expiry and CVV?

Re:

[LordKronos]

You don't even need to do online purchases. After 2 years, the chips on 2 of my cards are so flaky that they often don't work. It works every now an then, but usually it ends up telling me to reinsert the card, then after the 3rd failed chip read it tells me just to swipe it. Never once has a cashier given it a second though and asked to see the card or ID. They just act like it's routine (which wouldn't surprise me if it were). So really all they need to do is clone your card onto a card with an intentiona

Re:

[taustin]

An increasing number of stores are refusing to swipe when the chip isn't working. (My employer does.)

The reason is that thieves will deliberately damage the chip and reprogram the mag strip with a different number than is on the card (if there is one, these days), which is the old fashioned form of credit card fraud all over again.

You really need to call your bank and tell them to replace the card. Otherwise, eventually, you won't be able to use it at all.

Re:

[tepples]

For somebody who uses a non-Apple device in order to run applications that have no close substitute on iOS, is it worthwhile to buy and carry an iPad mini just for Apple Pay?

Re:

[shilly]

Or maybe a refurbished iphone SE? I think that would be cheaper, and a smaller form factor

Re:

[Mashiki]

So you handed them your pin, and it's their fault? You understand how this works right? You plug your card into the terminal, then enter your pin. If it was compromised, then it was a plain old skim because the business hadn't rolled over to chip & pin and were exempt from requiring *you* from entering it.

Re:So full of shit

[SNRatio]

In the US typically it is chip only, no PIN. Plus the card could have just been swiped. As pointed out in the article, 41% of storefronts don't have chipreaders.

Re:

[Mashiki]

So the US is still 10-15 years behind Canada then is what you're saying. Up here if you don't enter a pin, you can't complete the transaction. I also mentioned the cloning bit in my comment, which makes the original posters point about "omg chip & pin is a failure, it was all their fault" again worthless. Chip & pin didn't fail in that case which is what they were trying to make as a point.

Re:

[h4ck7h3p14n37]

I'm amazed that so few storefronts are actually using the chip readers. Most large retailers have had them since the Target hack, but then there are some places like Mariano's who still don't have them. I'm kind of surprised they're willing to eat the losses from fraud.

Re: So full of shit

[Anonymous Coward]

In the US, very few chip cards come with chip PIN's (these are distinct from credit card ATM PIN's for cash advances); most have you sign something or nothing at all.

Re:

[Mashiki]

In the US, very few chip cards come with chip PIN's (these are distinct from credit card ATM PIN's for cash advances); most have you sign something or nothing at all.

Here's how it works up here. Bank card + pin = direct withdrawal from your bank account(see Interac system). CC, again requires a pin. CC+Pin = billing directly to your CC. You don't sign for things up here unless there's a widespread terminal failure and the company still has an old fashioned carbon-copy style credit device available.

Re:

[Kjella]

You don't sign for things up here unless there's a widespread terminal failure and the company still has an old fashioned carbon-copy style credit device available.

You only need a carbon-copy device if the power is out or all your terminals are broken and if the power is out there's no lights so most likely the store will close. It's far more common that the Internet connection is down, then it goes into offline mode where instead of the regular receipt it spits out a bill that I sign on, at least that's the way it works here in Norway. I'm not sure if they send it electronically later when it reconnects and the signatures are just for disputes or if the store needs t

Re:

[Strider-]

It's far more common that the Internet connection is down, then it goes into offline mode where instead of the regular receipt it spits out a bill that I sign on, at least that's the way it works here in Norway

Here, in my part of Canada, if the retailer/restaurant’s internet connection goes down, the hand-held terminals just flip over to 3G or GPRS wireless, and conduct the transaction through the cellular network.

Bad assumption!

[Anonymous Coward]

Most USA issued CC's are chip and signature. No PIN is required.

Re:

[EzInKy]

Signatures aren't required any more.

https://www.creditcards.com/cr... [creditcards.com]

Re:

[rowls]

No, its extremely useful. The fraud rate using stolen physical cards is fairly low. What the CC companies and issuers were really worried about were the data breaches at major retailers that were exposing 100's of thousands or millions of credit card numbers at a time. Once the numbers were stolen, generating fake cards and going shopping was very easy. Chip cards prevent that type of fraud. For consumers, the lack of a PIN means that the issuer covers you for losses if you loose your card. With Chip + PIN,

Re:

[Strider-]

That’s why restaurants use portable card terminals. The card never leaves your sight.

Re:

[Jason1729]

Why would your card ever be out of sight at a restaurant (or anywhere)? The chip processor is a handheld wireless device about 1.5 x 3 x 6 inches. The card slides into the bottom and you take the whole device to privately enter your pin.

Re:

[AK Marc]

In Europe, where the chip cards have been around for a while, you don't give away your card. You keep it in your hand to pay. You handed your card to a stranger who went into the back room with it. And you don't see any problem with that?

Re:

[viperidaenz]

You don't need to clone the chip, all you need to do is damage it.
If a terminal fails to read the chip, it will accept a mag strip.

You'll probably have to swipe it - and be prompted to insert it, insert it - and be prompted to swipe due to read failure, then swipe it again

It may ask you to insert it multiple times before allowing a swipe.

Re:

[jtara]

Please- if you want to get rid of your crypto spend it at my business!

Oh? And what kind of illicit business is that?

Re:

[Khyber]

"Please- if you want to get rid of your crypto spend it at my business!"

>wants people to spend their crypto at their business
>doesn't reveal what that business might be

Sounds more like you're the fraud.

Re:

[SirSlud]

credit cards and crypto exclusively

you have a weird understanding of the word exclusively

Re:

[jargonburn]

Not really. From the dictionary:

to the exclusion of others; only; solely.

By defining a group of payment methods that they accept "exclusively," they are simultaneously defining the group of payment methods that they do NOT accept (i.e. everything else).

Re:

[viperidaenz]

How do you find the convience of $20 tranaction fees and 10+ minutes transaction confirmation times?
Or you're not using bitcoin, but some other crypto "currency" that's about to fail? [slashdot.org]

Re:

[ShanghaiBill]

Fraud with Card-not-present (e.g., buying things online) is going up.

They don't care about that because in any disputed CNP transaction they can just screw the merchant with a chargeback.

It costs Visa/MC nothing, and the merchant has no recourse.

Re:

[AK Marc]

A fraudulent charge isn't a "chargeback". A chargeback is when the merchant lies about sending the item, demands full payment for nothing sent, and whinges for decades about chargebacks ending their fullproof plan for profit. An unauthorized charge is *never* a chargeback, even if the merchant still loses money on the deal.

Re:

[AK Marc]

I don't see how. I bought a game online, and my transaction was refused and the card deactivated. And that's usual behavior for me.

Re:

[omnichad]

If you didn't realize, Visa is part of the group that rolled out chip cards (EMV - Europay, MasterCard, and Visa) in the first place. They are still trying to convince the merchants and processors that are dragging their heels, because that's what people here always seem to do. Everyone is still in denial that chip cards are an important transition, let alone adding a pin.

Re:

[DarenN]

The reason for poor uptake is an argument between the merchants, acquiring banks, CC networks, and issuers. Basically, most of the merchants lease the equipment from the acquirers, and the the acquirers are the only ones who didn't actually suffer from fraud because the liability largely fell on the Network or Issuer. However, the Acquirers own all the equipment and don't want to pay for an update. There is a double cost for them there as they both have to update hardware (the terminals themselves) and the

Re:

[omnichad]

For the bank info, the problem is that account numbers are treated as the sacred piece of info. You pull money with a routing and account number and protect those numbers like a credit card number. Everywhere else, banking works on a push basis where the account number is merely a destination. It's all about legacy systems and backward compatibility.

Re:

[viperidaenz]

cards are starting to get old now
I use Android Pay. As far as the terminal is concerned, my phone is a Visa Paywave card.

While all the terminals in New Zealand support NFC, a lot of merchants don't have the option enabled as the transaction fees are lightly higher. Some don't accept credit cards at all, as debit cards have no transaction fees.

Re:

[darthsilun]

The real question is, why is the USA so backwards on these things ?

Your life sounds a lot like mine. The real question is why are so many people outside the US so ignorant about how things work in the US? And why do so many of you keep trying to tell us how backward we are when it's clear you don't even have a clue?

Yes, there are still plenty of dinosaurs writing checks. In a country of 340M where probably at least 80M are over 60 years old there's bound to be a few. I dare say you've got a few over there too, where ever over there is.

Although it's true we still print thes

Re:

[darthsilun]

You need to get out of Poland more often.

Americans like me haven't written checks (or cheques) in years. And several of my cards have contactless, and I use it.

I suspect that I am not alone in this respect.

Re:

[AK Marc]

Outside the US, your bank account is effectively public. Without checks, having an account will let you deposit, but not withdrawal. In the US, if you find someone's bank account, you can presume it has checks, and you can forge a check with those numbers, and have a 90% chance of making a payment (though it could be stopped later). The rest of the world does something e-check-like at the point of sale that doesn't use account numbers. You give out your account numbers freely, and people do "wire transf

Re:

[jrumney]

A magnet does the job, no need to buy overpriced "nano technology" stickers to act as electromagnetic shields.