Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Community > MacNN Lounge > The US + ApplePay + credit card fraud. Right choices?

The US + ApplePay + credit card fraud. Right choices?
Thread Tools
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Nov 20, 2016, 12:53 PM
 
The US has recently adopted a part of the EMV standard where credit cards have a chip on them, but I say in part because this standard was only partially adopted. In countries like Canada and areas of Europe (I'm not sure how much of Europe this applies to), payments are made with the chip on your card plus challenging you by asking you for your PIN on high dollar transactions, or where NFC tap is disabled. This PIN is saved onto the chip itself, and can only be reset by ATMs. In the US, in some places you can insert your card to have the chip read, but it is just to read card data. This is still an improvement over the magnetic stripe (where your card data is unencrypted), but it doesn't prevent theft of your card.

The US decided against chip + PIN because of the costs of replacing these machines, but also because they figured that mobile payments was close enough on the horizon. Now that enough time has passed, I question whether the right call was made here?

For one, the costs of credit card fraud are enormous, and right now the onus is basically on the consumer to protect themselves from physical card theft by securing their cards (online transactions are protected by the CCV number in the US/Canada/Europe).

Secondly, ApplePay has been a success, but there are still retailers that want to consolidate payments with their loyalty programs, support their in-store credit cards, and of course ApplePay is iOS only. The Samsung, Google, and other mobile wallets do their own thing with open access to the phone's NFC. I haven't looked in a while to see what kind of marketshare they have, but AFAIK, Starbucks is still the leading mobile payments provider, so I would say that the mobile wallet thing so far as been successful, but not a smash hit. In the meantime fraud still looms.

Thirdly, again, a lot of retailers have decided that the costs of fraud are less costly than replacing their ATMs and payment terminals. What about the fraud that consumers don't catch in their monthly statements?

So, my question to you, was the US right in their choices to ignore the PIN part of the EMV standard? Are Americans aware of the costs of fraud, and how this impacts them?
     
besson3c  (op)
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Nov 20, 2016, 01:07 PM
 
My take: I have no love for credit cards, and with the booming FinTech industry it was perfectly reasonable to expect that chip + PIN was just a temporary measure, and it is just a stopgap sort of solution - chip + PIN doesn't do away with fraud altogether, nor does ApplePay (card theft is still possible with ApplePay). The real future may be with digital cash and crypto-currency sort of solutions, but I think the powers that be underestimated how long it would take to get us there.

The US needed that stopgap security measure.
     
subego
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Nov 20, 2016, 01:33 PM
 
My understanding is there is no onus on a credit card holder to pay a fraudulent charge. This is whether the charge was made with a stolen number or a stolen card.
     
besson3c  (op)
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Nov 20, 2016, 03:03 PM
 
Originally Posted by subego View Post
My understanding is there is no onus on a credit card holder to pay a fraudulent charge. This is whether the charge was made with a stolen number or a stolen card.
I think you're right, the consumer doesn't pay for the chargeback, the retailer does (this is part of the cost of fraud which creates a big financial overhead), but this is fraud that is caught. What if you don't look at your credit card statements carefully for several months?
     
subego
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Nov 20, 2016, 03:26 PM
 
Obviously you're out of luck if nobody catches it.

That said, I assume this is bank dependent, but Chase's fraud department are some badass mother****ers. They caught the last three times my number was stolen before I even got a statement.
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Nov 20, 2016, 05:06 PM
 
Originally Posted by subego View Post
My understanding is there is no onus on a credit card holder to pay a fraudulent charge. This is whether the charge was made with a stolen number or a stolen card.
Exactly.

The cost of implementing a secure system would have been higher than eating the fraudulent charges. That's the reason why they didn't go "all the way".

-t
     
besson3c  (op)
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Nov 20, 2016, 06:10 PM
 
Originally Posted by subego View Post
Obviously you're out of luck if nobody catches it.

That said, I assume this is bank dependent, but Chase's fraud department are some badass mother****ers. They caught the last three times my number was stolen before I even got a statement.
The question is, are the costs of crunching through all of this data and detecting fraud patterns more cost effective than challenging customers by making them enter their PIN, thereby reducing some fraud relating to stolen cards?
     
besson3c  (op)
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Nov 20, 2016, 06:12 PM
 
Originally Posted by turtle777 View Post
Exactly.

The cost of implementing a secure system would have been higher than eating the fraudulent charges. That's the reason why they didn't go "all the way".

-t


Which is arguably unfair, because using the weaker technological option puts some consumers at risk.
     
P
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Status: Offline
Reply With Quote
Nov 21, 2016, 05:40 AM
 
The point about requiring the PIN is that the merchant gets charged a different amount depending o whether the PIN is required or not. If the PIN is required, they are charged a lower percentage (or in practice, the processor hikes the fees if you don't require it). If the merchant decides to require that of its customers, those customers get a lower price in return. Market economy is a wonderful thing, and it will push everyone into using the PIN in a year or so.
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
     
Laminar
Posting Junkie
Join Date: Apr 2007
Location: Iowa, how long can this be? Does it really ruin the left column spacing?
Status: Offline
Reply With Quote
Nov 21, 2016, 10:25 AM
 
Everyone in Europe was annoyed with me when my card had a chip but no PIN so they had to print off a receipt so I could sign it.

Most places around here have converted to chip-compatible machines, but half of them don't support chips yet.
     
subego
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Nov 21, 2016, 10:43 AM
 
And so far Walgreens is the only place I've found where the chip reading is accomplished in a timely manner.

At the opposite end of the spectrum, the readers at CVS are the absolute worst.

I also love how these things take for ****ing ever, and then beep at me like I'm the asshole.
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 07:35 PM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,