Re: Chip and PIN is Broken!
- From: unruh <unruh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 17 Feb 2010 02:04:07 GMT
On 2010-02-16, Jim Watt <jimwatt@xxxxxxxxxx> wrote:
On Sat, 13 Feb 2010 17:37:36 GMT, "nemo_outis" <abc@xxxxxxx> wrote:
Although you are right that it shifts responsibility to the
user rather than it being the job of the entity accepting the
card to verify a signature, in practice the signature verification
was often badly done as I found out using someone else's card
by mistake one day and signing with a totally different sig
nobody picked up on it.
If it was badly done, the persons who did it badly paid ( the mercant or
the bank.) If chip and pin is badly done, the user pays. Since it is the
merchant/bank that has the control, forcing the user to pay for their
incompetence seems a bit rich, and puts the rewards in entirely the
wrong place ( the bank gets rewarded for their own incompetence-- they
collect the fees etc, even if they screwed up).
Now in the event it was fraudulent of course its harder for the
bank to claim its the card owners fault. However even if th
bank pays the cost of fraud, that cost comes back to the cardholders
by way of charges.
Maybe, or maybe it comes out of theprofits. If card company A has
competition from B ( visa from mastercard, amex, diners,...) and if
visa's costs are way out of line they cannot pass it on, or they lose
all their customers. Now however, they screw up and they sue you.
I never understood why photoid on cards never took off. That
provides another security feature.
Sure, but it makes issuing and reissuing harder.
- Prev by Date: Re: Crypt ascii text in file
- Next by Date: Re: Recommendation for portable hard drive with hardware level encryption for backups
- Previous by thread: Re: Chip and PIN is Broken!
- Next by thread: Re: Chip and PIN is Broken!