CVV (was: Re: bloomberg on supermicro: sky is falling)

• Previous message (by thread): CVV (was: Re: bloomberg on supermicro: sky is falling)
• Next message (by thread): CVV
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Once upon a time, Scott Christopher <sc at ottie.org> said:
> Swipe-and-sign (and now just swipe for small amounts) is for Visa, Mastercard, Discover transactions (called credit)

Signatures are no longer required for chip card transactions in the US,
except I think for transactions where the auth is done on the amount
before an added tip (restaurants).

> Skimming and card fraud is actually uncommon in the U.S. these days, and the police are very effective at combating it. It's just cheaper for the industry to eat fraud losses than to "upgrade" systems. The transition to chip-based cards was a debacle.

Skimming is still highly active at gas pumps, where chip support was
pushed off (current requirement I believe is late 2020, but may be
delayed again).

The skimmers get more creative all the time; they're getting inside
pumps (possibly with help of low-paid station attendants, but also
because of poor physical security) and installing the skimmer hardware
out of sight.  The hardware has Bluetooth, so the bad guys just pull up
and get gas and someone in the car can retrieve the data (from multiple
pumps even).

-- 
Chris Adams <cma at cmadams.net>

• Previous message (by thread): CVV (was: Re: bloomberg on supermicro: sky is falling)
• Next message (by thread): CVV
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]