EMV in the US will be chip+signature and EMVCo (Apple Pay, etc.) is a totally separate transaction type.Beowulf wrote:"We show that the card was used with a PIN. Obviously you were the one to use it, so we're denying that the card was stolen. Pay up."
Obama's credit card declined
Moderator: Edi
Re: Obama's credit card declined
Re: Obama's credit card declined
Skimmers don't work with chips. You do in fact, have to have the actual card to use it, but you don't need the PIN. The current effective attack fakes the chip into thinking it doesn't need the PIN, but it's fine for signature, and the POS system into thinking a valid PIN was entered. This is not a theoretical attack. There are signs that it's been in the wild. It works because EMV was not developed by competent cryptographers, and so a man in the middle attack can be done. It remains to be seen whether the next version of the protocol fixes it.Borgholio wrote:You can fight that by claiming your card was skimmed. It's easier if they don't manage to get your PIN number of course but skimming does happen."We show that the card was used with a PIN. Obviously you were the one to use it, so we're denying that the card was stolen. Pay up."
http://www.cl.cam.ac.uk/~sjm217/papers/ ... ndskim.pdf details one of the attacks.
I know... I've got a EMV card already. It's chip+sig with chip+PIN fallback for automated purchases (train tickets, vending machines, etc).phongn wrote:EMV in the US will be chip+signature and EMVCo (Apple Pay, etc.) is a totally separate transaction type.
"preemptive killing of cops might not be such a bad idea from a personal saftey[sic] standpoint..." --Keevan Colton
"There's a word for bias you can't see: Yours." -- William Saletan
"There's a word for bias you can't see: Yours." -- William Saletan
Re: Obama's credit card declined
Do they verify the signature at all or just assume whatever chicken scratch you use is legit?
This is the price of war,
We rise with noble intentions,
And we risk all that is pure..." - Angela & Jeff van Dyck, Forever (Rome: Total War)
"On and on, through the years,
The war continues on..." - Angela & Jeff van Dyck, We Are All One (Medieval 2: Total War)
"Courage is not the absence of fear, but rather the judgment that something else is more important than fear." - Ambrose Redmoon
"You either die a hero, or you live long enough to see yourself become the villain." - Harvey Dent, The Dark Knight
Re: Obama's credit card declined
Chicken scratch is sufficient. Honestly, a straight up "X" would be more legible than my normal signature.RogueIce wrote:Do they verify the signature at all or just assume whatever chicken scratch you use is legit?
You will be assimilated...bunghole!
Re: Obama's credit card declined
Yeah, I'd be pretty screwed at my job if the signature had to actually match what the shithouse drunk guy in the back seat is scribbling on the receipt. I'm lucky if they even get it on the receipt on the first try, half the time; my clipboard is covered in signatures.
"Do I really look like a guy with a plan? Y'know what I am? I'm a dog chasing cars. I wouldn't know what to do with one if I caught it! Y'know, I just do things..." --The Joker