[ale] OT security not at QT gas pump

Michael H. Warfield mhw at WittsEnd.com
Sat Jul 27 21:17:37 EDT 2013


On Sat, 2013-07-27 at 19:01 -0400, Andy Borgmann wrote:
> What EMV card do you have? I didn't think there were any here except
> the chase card for British Airways. I debated getting it for travel to
> Europe but decided against it (can't remember why now)

They've been available for some time from different banks and suppliers
but you have to ask for them and then they are their "Premium" cards.
Chase wanted to charge me $90 per year (and I lost all the cash back
bonuses) for one.  I had one years ago from American Express, but they
discontinued it years ago, and one from a Visa bank that I think was
picked up by Chase a long while back.  I know the Visa card I had worked
overseas because I used it in a reader.  I've still got the American
Express USB reader I got from them (a older, rebranded, Gemalto reader -
not supported under Linux) that they were pushing for on-line
transactions.

Regards,
Mike

> On Saturday, July 27, 2013, JD wrote:
>         By the end of 2014, in theory, EMV (chip-n-pin) cards
>         https://en.wikipedia.org/wiki/EMV will be required across the
>         USA.  That means a
>         PIN will be necessary for all transactions. Where I've seen
>         them used overseas,
>         the transaction machine is brought to you to insert and enter
>         the PIN - your
>         card never leaves your possession.
>         
>         EMV has security and fraud issues too. Nothing is perfect.
>          The main concern for
>         users is when the PIN is entered, it is assumed that you
>         agreed to the
>         transaction - little hope of claiming fraud. Some contracts
>         include that clause.
>         EMV has been used to shift liability to the consumer in some
>         countries.  I
>         haven't seen this clause added to my EMV card here.
>         
>         On 07/27/2013 05:48 PM, Mike Harrison wrote:
>         > On Sat, 27 Jul 2013, Ron Frazier (ALE) wrote:
>         >> Had to share this with you.  I go to the QT gas pump.  I
>         swipe the debit
>         >> card.  The screen says enter your pin number or press no.
>          So, just like I
>         >> would if I was a thief, I press no.  The pump asks me to
>         select my fuel grade,
>         >> which I do.  Then I proceed to fill my tank.  Great
>         security.
>         >
>         > On many better systems, you get prompted for a zip code,
>         > as others have said.
>         >
>         > Option B: "credit card" rather than "debit card" mode, means
>         the merchant pays a
>         > higher percentage fee for the less secured mode, both in
>         terms of the card
>         > transaction and your ability to deny the charge (charge
>         back) later. Other logic
>         > at play may be a limit ($50 or $75) on that swipe only
>         transaction, limiting
>         > their exposure. I've had pumps when travelling that limited
>         me to a $50 charge
>         > as a credit card, but no limit in debit mode.
>         > You notice it when towing a trailer.
>         >
>         > What you also may have run into, but probably not notice, is
>         pumps and
>         > associated systems with camera's. When you swipe the card,
>         they snap a shot of
>         > you and your car. The really good ones have camera's mounted
>         at angles that can
>         > snag you/car and license plate and record a still as part of
>         the transaction,
>         > saved for as long as they have hard drive space. You'll
>         notice the ones at big
>         > truck stops with the monitors mounted near the cashiers, but
>         many of them are
>         > not so noticable.
>         >
>         > What really keeps ancient credit card technology secure is
>         that -most- people
>         > are honest, and most dishonest people aren't that bright.
>         What keeps me (and the
>         > world) paranoid is the few times I've bumped into brilliant
>         bad people. They are
>         > out there.
>         >
>         _______________________________________________
>         Ale mailing list
>         Ale at ale.org
>         http://mail.ale.org/mailman/listinfo/ale
>         See JOBS, ANNOUNCE and SCHOOLS lists at
>         http://mail.ale.org/mailman/listinfo
> 
> 
> -- 
> 
> 
> --
> Andy Borgmann
> 
> E-mail: andy at borgmann.me                  
> Cell Phone: (404) 492-6527                    
> Personal Website: http://andy.borgmann.me/
> 
> "Preach the Word; be prepared in season and out of season; correct, 
> rebuke and encourage - with great patience and careful instruction." -
> 2Timothy 4:2
> 
> 
> -- 
> This message has been scanned for viruses and 
> dangerous content by MailScanner, and is 
> believed to be clean. 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://mail.ale.org/pipermail/ale/attachments/20130727/bbb753ec/attachment.sig>


More information about the Ale mailing list