Credit Card Fraud

[AnOther]

[quote user="Bugbear"]

Following on from Wills comments, the best advice from all this is

1.Always cover the hand that is tapping in your pin number with your other hand.

2. Never throw away slips from card transactions (shread or burn).

[/quote]My sympathies with the OP of course and Bugbear gives excellent advice.

Another way of obscuring the PIN is to touch many numbers but only actually press the 4 relevant ones, anyone watching, either by hidden camera or even physically, will not be able to decipher which 4 were actually pressed.

This has give me pause for thought and everyone's situation is different of course but in my own case when I finally get over there properly I think I will probably drip feed into my French bank from my UK A/C enough to cover the monthly essentials and then withdraw additional cash as required from ATM's with my Nationwide Debit Card. Any fraud will then be covered in UK.

[allanb]

[quote user="Ron Avery"]IMO,  the most likely source of card data being copied is still a restuarant or similar where the card is taken out of your sight for processing, that is why you should never let your card out of your sight.[/quote]Agreed.  I think the portable card machine, which allows the whole process to take place where you can see it, is a significant advance in card security.

 

However: something I didn't realize until quite recently is that although the credit card slip that you get from the restaurant (or whatever) shows only a few digits of your card number - and thus looks nice and "safe" - the other copy, the one that the restaurant keeps, shows the card number in full.

Not a problem, of course, as long as there is no such thing as a dishonest employee in any retail establishment.

[Jc]

Depends on type of machine used-not all do.

[Quillan]

[quote user="allanb"][quote user="Ron Avery"]IMO,  the most likely source of card data being copied is still a restuarant or similar where the card is taken out of your sight for processing, that is why you should never let your card out of your sight.[/quote]Agreed.  I think the portable card machine, which allows the whole process to take place where you can see it, is a significant advance in card security.
 
However: something I didn't realize until quite recently is that although the credit card slip that you get from the restaurant (or whatever) shows only a few digits of your card number - and thus looks nice and "safe" - the other copy, the one that the restaurant keeps, shows the card number in full.

Not a problem, of course, as long as there is no such thing as a dishonest employee in any retail establishment.
[/quote]

Funny enough when I had a contract as the largest credit card clearing house in the UK the biggest amount of fraud value per head was by merchants. The most common fraud was to give refunds to their family and friends via the machines then disappear. It may of changed now as that was 6 years ago.

[Spicy]

Quillan, my bank used to put photos on their cards (5-10 years ago) but for some reason they abandoned it. I have to agree it was a great idea and when my card expired I tried to get another one with a photo but they no longer did it. I even offered to pay to have it done but no luck.

(I tried quoting and it worked on preview but not when I posted - just got gibberish)

[Cat]

[quote user="Spicy"] (I tried quoting and it worked on preview but not when I posted - just got gibberish)[/quote]

Did you delete something from the quote, or type something within the quote Spicy?

[Gluestick]

The core reality to all of this is that the banks and credit card operators could have introduced various security systems yonks ago. They didn't on cost grounds.

Whilst they can get away with stiffing the consumer for the bank's losses (which just shows how much they are making from these areas!), they won't bother.

If the Financial Services Authority and the various toothless consumer and competition bodies brought the banks to task and made them liable every time, you would soon see a host of new security initiatives!

Same with internet and IT network security: the banks knew years ago that their systems were about as open as a Swiss cheese! They would not and still won't spend the capital.

By now, the web should have had the benefit of  PKI (Public Key Infrastructure) which predicates specific personal ID security based on pretty robust encryption standards such as Differ Hellman 250Kbit: which even the NSA using a bank of Cray Supercomputers has difficulty breaking.

And there's the rub: if encrypted comms are too secure, then the global security agencies are stuffed!

However, a compromise was reached some years ago:  now, the various commercial parties can't agree on one common standard. Don't hold your breath!

We use PGP 250K encryption for secure commercial exchange of sensitive data in my software company. cheap, quick and secure.

Cards with biometric data could and should have been rolled out years ago.

It's very hard to defeat DNA and iris recognition.

Even for the Russian Mafiya.

 

[Russethouse]

Just had a random thought - perhaps the OP could post this prob;lem/situation on the Money Saving Expert forum ? http://www.moneysavingexpert.com/

 

[fulcrum]

[quote user="Gluestick"]

By now, the web should have had the benefit of  PKI (Public Key Infrastructure) which predicates specific personal ID security based on pretty robust encryption standards such as Differ Hellman 250Kbit: which even the NSA using a bank of Cray Supercomputers has difficulty breaking.

[/quote]

I think we should all return to the days of Vernam stream cipher (1919). It's still unbreakable if used correctly, even by banks of cray computers [;-)]. Bit slow though.

[Spicy]

[quote user="Cat"]

[quote user="Spicy"] (I tried quoting and it worked on preview but not when I posted - just got gibberish)[/quote]

Did you delete something from the quote, or type something within the quote Spicy?

[/quote] Yes Cat, I tried to quote just a paragraph not all of it. Maybe it'll work this time as i've quoted it all.

[Spicy]

No doesn't work for me. It may be that I'm using Safari.

[Gluestick]

[quote user="fulcrum"][quote user="Gluestick"]

By now, the web should have had the benefit of  PKI (Public Key Infrastructure) which predicates specific personal ID security based on pretty robust encryption standards such as Differ Hellman 250Kbit: which even the NSA using a bank of Cray Supercomputers has difficulty breaking.

[/quote]

I think we should all return to the days of Vernam stream cipher (1919). It's still unbreakable if used correctly, even by banks of cray computers [;-)]. Bit slow though.
[/quote]

Loads of 'em around, Fulcrum. Like this: http://www.freepatentsonline.com/4168396.html

Trouble is it requires a dedicated microprocessor.

The beauty of PGP (Pretty Good Privacy) is it's cheap, cross-platform and the user publishes their Public Key (emails, website, letterhead etc) and creates their unique Private Key and thereafter it's all plain sailing.

Anyone wants it for free?

http://www.pgpi.org/products/pgp/versions/freeware/winxp/8.0/

 

[Dick Smith]

[quote user="Spicy"]No doesn't work for me. It may be that I'm using Safari.[/quote] Quote using Safari

[Dick Smith]

[quote user="Spicy"]No doesn't work for me. It may be that I'm using Safari.[/quote]

Quote using Firefox

[David]

    From a Retired Police Officer.  The norm is that the fraudsters place a dummy card slot over the existing one and place a thin strip above sticking it to the underside of the display, which contains a camera attached to a transmitter. This then ' sees' you putting your pin number in and transmits it to a mobile phone. Usually, the fraudsters are close by and will then remove the dummy once you have gone. usually you don't get any money. The fraudsters then make a clone and suck you dry.

Alternatively, whilst at the machine, you are watched by a very tall person who sees your pin number being entered, you are then distracted by someone else saying there is money on the floor, say a £10 note, whilst you look down another whips your card out, scans it, and then hands it to you saying something of the order ' you left your card in the machine'. This is a very slick way of defrauding you and needs at least 4 people.

My best suggestion, which I adhere to, is try and take the machine apart before inserting your card. Also feel under the rim for attachments that can be pulled off. If nothing comes away in yours hands then tha machine wont be doctored. Also make sure that you know who is about. If you seem to be crowded by several people, usually one a women, then walk away. I'm afraid that the usual perperators of these scams are of  Eastern European extraction so should stand out depending on where you are.  These are the only persons that have come to my notice in my last 10 years of Policing so I am not being racially discriminating either.

THINK AND LOOK  BEFORE YOU  USE AN ATM

Dave Lovell

[Spicy]

Thank you Dick. I'll have to download a copy of Firefox (I just like Safari).

[Cassis]

This browser issue is really odd - maybe something to do with the way brackets are rendered in the different browsers, perhaps? 

< > versus [ ] ? 

Internet Explorer 7 had the same problems until the forum software was altered in some way by James.

[Dick Smith]

I think it's something to do with the Java implementation in the forum software.

[Quillan]

[quote user="Spicy"][quote user="Cat"]

[quote user="Spicy"] (I tried quoting and it worked on preview but not when I posted - just got gibberish)[/quote]

Did you delete something from the quote, or type something within the quote Spicy?

[/quote] Yes Cat, I tried to quote just a paragraph not all of it. Maybe it'll work this time as i've quoted it all.[/quote]

It must be a problem with the browser. all I did was hit the edit bitton and then save it. I didn't do any actual edit. Hoddy gets the same problem when she uses cut and paste.