Cashiers rarely even see my card up close since I just swipe it through the machine and put it away. Once in a while they ask to see it so they can punch in the numbers (presumably as some kind of security check) but they never care about whether I've signed it.
Reading this thread one can see why there has been some issues with card security in the USA. Chip N PIN tech not fully imbedded Failure to check to see if signatures match Checking signatures is taking payment 101. It shouldn't matter what the amount is. You might not think it's worth it but if criminals learn that such and such a place always checks signatures they might be less likely to target those stores. Sure no means of payment is 100% secure but you can take steps to minimise loss or potential loss. It's like checking notes to see if the are genuine and not a forgery.
Some cursory googling implies that the Chip and PIN thing in the UK is a handy way to shift liability onto the consumer, someone cracks your PIN, it's your fault... tough shit. Whereas in the US we actually have decent consumer protection laws on that front. I do wonder who the hell has to eat all the fraudulent charges in the end here in the US. I get the feeling for the most part it is the credit card company, but I don't have much to back that up. I just know it doesn't end up on me, maybe the merchant gets charged back? I assume that's not really the case or else yes you'd think they'd spend more effort checking IDs and signatures would actually be a thing here. I don't even sign my credit card. Last one I signed, after a few months of rubbing against the inside of my wallet, was smudged into nothingness anyway, and nobody ever checks it. My bro writes "CHECK ID" in his signature spot. Nobody checks his ID. I can only surmise that credit card companies are losing less money to fraud than it would cost to improve security, so they don't bother. The only thing that doesn't really work for me in our lax, easy-to-scam system, is that once or twice a year I'll either get a call asking me to confirm some transactions as real, or an online transaction will just straight up get blocked because a bank's behavior algorithm flagged me. That can be sort of annoying, missed out on some GOG.com flash sales because the almighty algorithm wasn't keen on me doing multiple online transactions to Europe.
Chip/PIN cards can't be hacked, because the chip generates a one-time code for each transaction. So even if hackers get ahold of your PIN, they can't do anything with it.
I'll also add that, if someone learns of your pin and uses your card, it's your obligation to check your bank account. If you don't catch it timely, it is still your fault.
Can't be hacked and haven't been hacked are two separate things. And some more cursory googling implies that Chip and PIN implementations have been vulnerable to some pretty rudimentary attacks. But it's not like someone can't steal your card altogether, which is what I was picturing in the first place. Some more reading on the chip and PIN scheme says that it shifts liability onto the merchant, not the consumer, so I got that part wrong anyway. Still, I don't see much benefit to me, the end user, coming from an upgrade, especially if most of my annoyances with credit cards involve online purchases that don't read a chip anyway.
http://www.nbcnews.com/id/49020916/...chip-and-pin-cash-card-security/#.VBq-4PldUm8 http://www.cl.cam.ac.uk/~sjm217/papers/oakland14chipandskim.pdf Surely better than standard magnetic strip cards from a raw security perspective, but not necessarily great or hack-proof.
given the tens of millions of cards in use in the UK, the odds of someone stealing your card AND having the technical skills to crack the PIN are next to zero - as opposed to just needing the skills to steal your card and forge your signature.
Well no system is 100% secure, it comes down to which is the more secure system and which system is easier to abuse. Sure criminals will target ATM'with a card reader in order to try and get your card details. But you can take steps against that by checking the machine before inserting your card.
Yes but the point is - Not simply the breach itself but with tens of millions of cards in existence, the chances of YOU as an individual rather than the population itself being the victim are tiny far less than with a signature system.
After reading Bruce Schneier's paper on EMV vulnerabilities, I am far less sold on them than I was before. As Yoda said, it's an improvement, but when banks think they're completely foolproof and thus refuse to refund customers who report fraud, it's a net loser for customers. I've had (non-EMV) credit cards compromised on multiple occasions thanks to lax POS security (thanks, Target!) and, presumably, online vendors who are careless with their systems. I'd really hate to be responsible for those kinds of charges. I will say that it's pretty fucked up that EMV vendors are so lazy as to not take even basic cryptographical safeguards when implementing their systems. Unbelievable. They should be held criminally liable for that kind of negligence.
More and more places will take a check, but it doesn't need to be filled out. The cashier will take the check, put it into a check reader on the register. The reader will read the MICR and process the check electronically. It doesn't need to be filled out or even signed, it's processed as an electronic payment.
Hmm, just had a flashback to a time when I had checks with the TOS Enterprise on them. I don't think TNG was around yet.
I kept my last book of those, as well as the TNG Enterprise ones. They're somewhere around here still.