D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] OT: Money fraud

 
On Fri, 12 Feb 2010, Henry Bremridge wrote:


Saw an article this morning about how chip and PIN security on debit /
credit cards can be bypassed

http://resources.zdnet.co.uk/articles/0,1000001991,40022669,00.htm


Big story on /. too.


In case it happens to anyone, the regulations are now clear

Quote from FSA http://bit.ly/cf4kDu

Full link

        
http://www.moneymadeclear.fsa.gov.uk/news/product/payment_services_regulations.html

        Unauthorised transactions ÿÿ if you think a transaction on your
        account was not authorised by you, the bank or building society will
        need to prove either that you authorised it, or that you either
        deliberately or carelessly allowed someone else to get hold of your
        password or PIN.  Just because your PIN was used will not
        necessarily be enough to prove that this is the case. Unless the
        bank or building society can prove this, it will have to refund your
        account immediately. If it can show that it needs to investigate the
        claim, then that investigation must be done quickly (within a few
        days).

End Quote

I believe this means that the financial institution needs to show that
you were careless. Not you prove you were not.
Somehow, I still don't trust them... Having been the potential victim of a card fraud 6-months back, on a card that has no magstrip and no raised lettering - ie. a chip & pin card only... I say potential as the bank concerend actually did the right thing by blocking the transaction and phoning me, however if they hadn't been on the ball, who knows...
And how did the perps get the card details? Well, 6 months before that, I used that card in-person in one location - a hotel in London, and that's the only time I'd ever used that card. (It's on our joint account and wifey nornally does all the online stuff with her card which has a different number) I suspect it was scanned/photographed under the counter. The perps didn't have the pin but tried to force a CNP transaction to an online gambling site. The bank wasn't that interested in catching them, and I was less interested in trying to chase this up with the police, knowing they'll just bounce me back to the bank. +1 for Halifax. This time. 

Gordon
-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html