Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Comment Re:try this (Score 1) 159

take them to small claims court

Laughable if they're local to him. Not even possible if they're not in the same state.

and will also smear their name all over the internet.

Either they won't be afraid of that because they're stupid, or they won't be afraid of that because they know he's nobody, and nobody will care. Or they'll sue him for extortion.

Comment It all depends on how you say it (Score 1) 182

If they were calling this a discount for accepting advertising instead of a premium for lack of it, nobody would have an issue with this. The only difference between the two is that this is a stealth price increase that they hope will bypass regulators' notice (it might).

Mainly, this means that Comcast's PR people are idiots, but that's hardly news.

Comment Re:They don't make disasters like they used to (Score 1) 675

In theory, our system has a modem backup system for credit cards. To the best of my knowledge, it has never been used a single time. When credit cards go down, it's either because our T1 is down (and takes the phones with it) or the bank's computers are down (and nothing can connect by any method).

The world has come a long way in 8 years, and the US perhaps has a different view of business internet (which is far more reliable - if you do it right - than consumer internet.

Comment Re:They don't make disasters like they used to (Score 1) 675

I suspect you shop at stores that care more about pinching every penny until it cries than they do about top of the line customer service.

We spend a lot of money on our new pads, and that after some pretty competitive bids (our merchant service is run by a guy who has a pathological hatred of our POS vendor, so we got a deal-deal), and it was a very worthwhile investment. We actually get comments from customers on how they thought the slowness was inherent to chip cards, and how pleased they are that it's not true in our stores.

Comment Re:No shit (Score 1) 675

Target was one of the few national retailers to implement EMV by the deadline in October. They had a hell of an incentive.

In my experience, that's slow with good equipment. Ours take about one second on mag strip, and less than two on chip. Maybe we have better equipment than what you think of as top of the line?

Comment Re:They don't make disasters like they used to (Score 1) 675

You are correct. Everything is tokenized. The actual card information is not necessary, and responsible merchants implement P2P encryption specifically to avoid seeing it. (It makes PCI compliant a lot easier. In our case, we got from over 300 questions on the compliance document to a couple dozen.)

Comment Re:They don't make disasters like they used to (Score 1) 675

1) wrong - the chip contains the same information as the mag stripe in unencrypted form and is just as easy to read out.

As I said, point-to-point encryption is separate from (and dependent on) EMV. Not using it is a choice on the part of the retailer. For now. The credit card companies are (just barely) smart enough to not force two brand new, more complicated to program for technologies onto merchants at the same time.

Many large chains will read that info to match you against their databases for marketing purposes just like they do for magstripes

They don't need card info to do that. That's the purpose of "rewards cards," after all, and they get tokenized information that still uniquely identifies the card holder, even if they don't actually know the name. And the demographics info is far more valuable to a big retailer than the specifically targeted advertising (though they obviously prefer both).

(there was never any reason to keep track of any card info).

In fact, merchants used to have to for accounting purposes. Plus, in a lot of cases, it's the only way to reverse a transaction. Now, a unique (one time) token is given instead of the card number as part of each transaction. This meets the accounting needs, and allows a transaction to be reversed, without revealing card info.

I work with some small retailers, the chip continues to work even when their internet is down, the full info needed for a transaction resides on their POS, chip or swipe - unencrypted and employee accessible.

Only if the merchant (or, more likely, their POS vendor) chooses to do so. With P2P encryption, the offline transactions are still encrypted, and the merchant cannot decrypt it. It gets sent, encrypted, to the merchant service for processing. All the merchant ever sees is the tokenized results. If they fully implement both EMV and P2P encryption.

The only difference is that now the retailer is responsible for all losses and fraud committed with chip cards. This is a big reason retailers want you to continue swiping, a fraudulent swipe is at the loss of the banks, chip card fraud which is just as easy is at the loss of a retailer unless you can prove the chip card was fraudulent.

Here, you simply don't know what you're talking about. The new rules are that the entity with the lowest level of security is liable. So if the bank issued a chip card, and the consumer used the chip card, and the merchant processed it with the mag strip, the merchant automatically loses all disputes. Automatically. Period. (This is from personal knowledge. Our POS vendor took their sweet time, as many did, in implementing and testing EMV. The new rules went into effect in October of last year, and since then, we have automatically lost all chargebacks on chip cards. It was a real incentive to get things deployed once it was available.)

2) In many cases the chip won't work. If there is a mismatch in your payment processor configuration with what the chip or bank expects,

If this isn't fixed quickly, you should sue your POS vendor for fraudulently claiming their shit works.

it just doesn't let you swipe or chip unless you chip 3 times in a row.

Manual overrides are allowed (our system has provision for it). But that shifts liability back to the merchant for not using chip. Most merchant (that know what they're doing) don't like it, because it's an easy access for fraud with stolen card numbers without having the original chip.

I have a business card which I requested to be fully encrypted (so it doesn't have the unencrypted data). The card doesn't work at large retailers like WalMart, Home Depot because they only use unencrypted data.

That's their choice. You should talk to them about that. Or not shop at a place that chooses to reduce the available security.

And they'll be coming up to speed soon enough, because of the fraud.

3) yes. But most retailers aren't willing to spend $1200 on the top of the line reader which is the cost (shakedown) a lot of payment processors are charging for an upgrade. Many of those don't allow BYOD so unless you're willing to switch banks, you're SOL, just upgrading to the cheapest chip reader costs $250 and up.

Yes, being in business is expensive. Especially if you want top of the line equipment. If $1200 (which is about the most expensive you'll find) is that big a deal to your business, you have problems beyond whether or not you take chip cards. Seriously.

Slashdot Top Deals