[ale] OT security not at QT gas pump

JD jdp at algoloma.com
Sat Jul 27 18:24:41 EDT 2013


By the end of 2014, in theory, EMV (chip-n-pin) cards
https://en.wikipedia.org/wiki/EMV will be required across the USA.  That means a
PIN will be necessary for all transactions. Where I've seen them used overseas,
the transaction machine is brought to you to insert and enter the PIN - your
card never leaves your possession.

EMV has security and fraud issues too. Nothing is perfect.  The main concern for
users is when the PIN is entered, it is assumed that you agreed to the
transaction - little hope of claiming fraud. Some contracts include that clause.
EMV has been used to shift liability to the consumer in some countries.  I
haven't seen this clause added to my EMV card here.

On 07/27/2013 05:48 PM, Mike Harrison wrote:
> On Sat, 27 Jul 2013, Ron Frazier (ALE) wrote:
>> Had to share this with you.  I go to the QT gas pump.  I swipe the debit
>> card.  The screen says enter your pin number or press no.  So, just like I
>> would if I was a thief, I press no.  The pump asks me to select my fuel grade,
>> which I do.  Then I proceed to fill my tank.  Great security.
> 
> On many better systems, you get prompted for a zip code,
> as others have said.
> 
> Option B: "credit card" rather than "debit card" mode, means the merchant pays a
> higher percentage fee for the less secured mode, both in terms of the card
> transaction and your ability to deny the charge (charge back) later. Other logic
> at play may be a limit ($50 or $75) on that swipe only transaction, limiting
> their exposure. I've had pumps when travelling that limited me to a $50 charge
> as a credit card, but no limit in debit mode.
> You notice it when towing a trailer.
> 
> What you also may have run into, but probably not notice, is pumps and
> associated systems with camera's. When you swipe the card, they snap a shot of
> you and your car. The really good ones have camera's mounted at angles that can
> snag you/car and license plate and record a still as part of the transaction,
> saved for as long as they have hard drive space. You'll notice the ones at big
> truck stops with the monitors mounted near the cashiers, but many of them are
> not so noticable.
> 
> What really keeps ancient credit card technology secure is that -most- people
> are honest, and most dishonest people aren't that bright. What keeps me (and the
> world) paranoid is the few times I've bumped into brilliant bad people. They are
> out there.
> 


More information about the Ale mailing list