TOTALLY GEEKED!

I know what to do_sometimes · Frozen Sucks!

Credit Card Hackers and legislation and my response.

I know what to do_sometimes · Frozen Sucks!

So what do you think? Who's responsibility is it to reign it CC hacker fraud?

karl271 · Guru

I think it is up to the credit card companies to rein in this hacker fraud, although each individual should use their own head about where and when to use their card/cards. I do not know if bringing the machine to the table or customer would be a realistic thing to do or not.

I like the policy my credit card companies have: They simply reverse any charge that is not made by me. And they call me if something unusual shows up on my monthly statement - a large purchase from a place I never use, etc. And they automatically reissue all subscriber's cards if a hacking attempt has been made or has been successful. (This has happened twice and they also sent the equivalent of US100.00 in gift cards to say "sorry").

Mellow Momma · Sniff...sniff, sniff. Yay! A Bum!

The fraud/hacking isn't happening at the point of sale by retail employees. It's happening inside the terminals at the point of sale by outside hackers. Bringing the terminal to the table won't prevent that.

When you swipe your credit card at a terminal, your number and all its info goes from the retailer, through a credit card processing company and finally to the credit card company. It's in the middle of this process that the hackers are working their magic.

Retailers have been asking for years for banks to issue chip and pin credit cards (as used in Europe. The credit card has a computer chip in it and you have a 4 digit pin that younmust use instead of a signature.) Banks refused on the grounds that it would cost them too much to issue cards like that. Target, for example, first proposed to use chip and pin terminals 5 years ago and banks told them no. They would not issue cards compatible with chip and pin terminals. So Target had no choice but to continue to use the old technology, because that's what the banks wanted.

Now that all the hacking has happened, and the banks insurance companies are sick of paying out, the banks want the new technology used. Now that it is hitting them in the pocket book.

That letter makes me steaming mad. The banks are the people who got us in this mess. They have their nerve to circulate any type of petition.

-- Edited by Mellow Momma on Monday 4th of May 2015 10:57:38 PM

I know what to do_sometimes · Frozen Sucks!

Mellow Momma wrote:
The fraud/hacking isn't happening at the point of sale by retail employees. It's happening inside the terminals at the point of sale by outside hackers. Bringing the terminal to the table won't prevent that.

When you swipe your credit card at a terminal, your number and all its info goes from the retailer, through a credit card processing company and finally to the credit card company. It's in the middle of this process that the hackers are working their magic.

Retailers have been asking for years for banks to issue chip and pin credit cards (as used in Europe. The credit card has a computer chip in it and you have a 4 digit pin that younmust use instead of a signature.) Banks refused on the grounds that it would cost them too much to issue cards like that. Target, for example, first proposed to use chip and pin terminals 5 years ago and banks told them no. They would not issue cards compatible with chip and pin terminals. So Target had no choice but to continue to use the old technology, because that's what the banks wanted.

Now that all the hacking has happened, and the banks insurance companies are sick of paying out, the banks want the new technology used. Now that it is hitting them in the pocket book.

That letter makes me steaming mad. The banks are the people who got us in this mess. They have their nerve to circulate any type of petition.

-- Edited by Mellow Momma on Monday 4th of May 2015 10:57:38 PM

I understand about the POS thing, but there have been many instances of waitstaff stealing the credit card number. The chip thing is interesting; the bank that sent me this email did issue cards with the chips.

Southern_Belle · Nothing's Impossible

In the past few months we have had two gas pumps discovered with internal skimming devices. That means someone had a key. I always check any machine I'm using for signs of an external skimmer but there's no way to tell if they get inside.

Mellow Momma · Sniff...sniff, sniff. Yay! A Bum!

Fraud from retail/waitstaff employees is miniscule compared to fraud by hackers. It's such a small percentage that it isn't even worth dealing with on a large scale. The number one threat to your card is hackers - that the credit card companies enabled by not releasing chip and pin card over 10 years ago when the technology came out. They have been in use in Europe since at least 2004. We didn't convert here because the banks refused to reissue cards with chips. They claimed it was too expensive to send out all new cards for no reason. Now, guess what they are doing?! Sending out chip and pin cards.

I have worked for a credit card processor in the past. The company was trying desperately to get the banks to use chip and pin and the banks refused. This was in 2009.

flan327 · Itty bitty's Grammy

MM, I appreciate the update. I'm woefully ignorant on this topic.

flan

Lady Gaga Snerd · Guru

One point. You can get separate cards and set a limit. Say u want a card to use just to shop online. Then get one with a $1000 or $500 limit and don't let the cc company raise that limit. You can protect yourself that way somewhat. Also I will not sign up for anything that automatically bills me. If I want to renew something I will choose to do so. I also will not pay bills electronically. No they are not getting access to my checking acct.

flan327 · Itty bitty's Grammy

Lady Gaga Snerd wrote:
One point. You can get separate cards and set a limit. Say u want a card to use just to shop online. Then get one with a $1000 or $500 limit and don't let the cc company raise that limit. You can protect yourself that way somewhat. Also I will not sign up for anything that automatically bills me. If I want to renew something I will choose to do so. I also will not pay bills electronically. No they are not getting access to my checking acct.

DH does this for car insurance & life insurance. I hate it.

flan

Blankie · Guru

I think all credit cards should have mandatory pin numbers.

JPT · Senior Member

Beginning in 2016, all credit cards in the US will be pin and chip, and at that point, the liability for fraud falls on the merchants. I use Square for my CC processing, and I always swipe the card in front of the customer, and they get an immediate email/text receipt of the transaction. I am waiting now on the new reader to be shipped, where you will have your card inserted, and it remains for the entire transaction, and a unique encrypted code is created for each transaction. Basically, the bank and card "talk" to each other during the whole process, until an approval is given.

Every method of payment has its advantage and disadvantage, as criminals are most motivated to keep up with the times.

Blankie · Guru

Lady Gaga Snerd wrote:
One point. You can get separate cards and set a limit. Say u want a card to use just to shop online. Then get one with a $1000 or $500 limit and don't let the cc company raise that limit. You can protect yourself that way somewhat. Also I will not sign up for anything that automatically bills me. If I want to renew something I will choose to do so. I also will not pay bills electronically. No they are not getting access to my checking acct.

I don't do any electronic debits from my checking account any more. We had a regular monthly debit arrangement for a life insurance premium. We got other insurance and cancelled the policy and the monthly debit in writing and by phone with the first life insurance. They debited our account for 3 months after. So they stole 3 months of premiums.

I was shocked when my bank told me they (the bank) do not have the authority to stop the debit. That is crazy. And that is why I will never do electronic debits again. Once they have access to your account, God help you. The bank won't.

Blankie · Guru

JPT wrote:
Beginning in 2016, all credit cards in the US will be pin and chip, and at that point, the liability for fraud falls on the merchants. I use Square for my CC processing, and I always swipe the card in front of the customer, and they get an immediate email/text receipt of the transaction. I am waiting now on the new reader to be shipped, where you will have your card inserted, and it remains for the entire transaction, and a unique encrypted code is created for each transaction. Basically, the bank and card "talk" to each other during the whole process, until an approval is given.

Every method of payment has its advantage and disadvantage, as criminals are most motivated to keep up with the times.

JPT, do you know if that means you have to get a new credit card after this to get the pin and chip? Could I get it for my existing credit cards?

JPT · Senior Member

Blankie, the card issuers are replacing them all during this year. I have 3 cards now that have the chip (AMEX was the first to get these out), and am seeing more cards presented that have the chip. You won't have to do anything, they will send out the new cards, so be sure to check any mail you get that looks like it has a card in it, even if you aren't expecting it. All the cards I received have the same account number as the previous incarnation. But the security code has changed.

Ohfour · Hooker

flan327 wrote:
Lady Gaga Snerd wrote:
One point. You can get separate cards and set a limit. Say u want a card to use just to shop online. Then get one with a $1000 or $500 limit and don't let the cc company raise that limit. You can protect yourself that way somewhat. Also I will not sign up for anything that automatically bills me. If I want to renew something I will choose to do so. I also will not pay bills electronically. No they are not getting access to my checking acct.
DH does this for car insurance & life insurance. I hate it.
flan

We pay ALL of our bills electronically. Every single one of them. The mortgage, the credit card, insurance...EVERYTHING. We just get a statement telling us what was charged that month. (G keeps tabs on them online too though). I cannot remember the last time either of us wrote a check. I wouldn't even know where to find a checkbook right now...

Blankie · Guru

JPT wrote:
Blankie, the card issuers are replacing them all during this year. I have 3 cards now that have the chip (AMEX was the first to get these out), and am seeing more cards presented that have the chip. You won't have to do anything, they will send out the new cards, so be sure to check any mail you get that looks like it has a card in it, even if you aren't expecting it. All the cards I received have the same account number as the previous incarnation. But the security code has changed.

Thanks JPT. That's good news!

Lawyerlady · On the bright side...... Christmas is coming! (Mod)

So, basically, the credit card companies are trying to shift all responsibility to the merchants. They already charge merchants a percentage of the transaction - so they should be the ones to fix this issue.

Mellow Momma · Sniff...sniff, sniff. Yay! A Bum!

Lawyerlady wrote:
So, basically, the credit card companies are trying to shift all responsibility to the merchants. They already charge merchants a percentage of the transaction - so they should be the ones to fix this issue.

It isn't the credit card companies per se that charge the fees, its the credit card processing companies. They are middle men who take the transaction info from the merchant and deliver it to the banks. They consolidate the info for the bank so they can say, for example, "American Express, you owe Lawyer Lady's Hello Kitty Warehouse $7,500 this month" instead of the bank getting 100 bills for $75 avg each. The credit card processors charge the merchant the fees, which are substantially lower if you use your card as a debit instead of as credit.

But yes, the banks are trying to put this all on the merchants. And it isn't fair. Merchants have been trying for years to upgrade to chip and pin but the banks refused to do it.

I know what to do_sometimes · Frozen Sucks!

Ohfour wrote:
flan327 wrote:
Lady Gaga Snerd wrote:
One point. You can get separate cards and set a limit. Say u want a card to use just to shop online. Then get one with a $1000 or $500 limit and don't let the cc company raise that limit. You can protect yourself that way somewhat. Also I will not sign up for anything that automatically bills me. If I want to renew something I will choose to do so. I also will not pay bills electronically. No they are not getting access to my checking acct.
DH does this for car insurance & life insurance. I hate it.
flan
We pay ALL of our bills electronically. Every single one of them. The mortgage, the credit card, insurance...EVERYTHING. We just get a statement telling us what was charged that month. (G keeps tabs on them online too though). I cannot remember the last time either of us wrote a check. I wouldn't even know where to find a checkbook right now...

Yeah, don't do that. Just schedule auto payments to the vendors from you account. Do NOT let the vendors do the payment scheduling, that gives the Vendor the right to continue take money from your account. You should be the initiator of ANY payment from your account.

Ohfour · Hooker

How do I schedule payments if I don't know how much they are going to from month to month? We've been doing this since we got married and never had a problem...

I know what to do_sometimes · Frozen Sucks!

Ohfour wrote:
How do I schedule payments if I don't know how much they are going to from month to month? We've been doing this since we got married and never had a problem...

You schedule say 100 each month and when you get the statement, if higher, you send an extra payment. If the payment is too high, schedule the next one to be lower. Just don't give them access to your account. You manage it.