[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Fri, 12 Feb 2010, Henry Bremridge wrote:
Saw an article this morning about how chip and PIN security on debit / credit cards can be bypassed http://resources.zdnet.co.uk/articles/0,1000001991,40022669,00.htm
Big story on /. too.
In case it happens to anyone, the regulations are now clear Quote from FSA http://bit.ly/cf4kDu Full link http://www.moneymadeclear.fsa.gov.uk/news/product/payment_services_regulations.html Unauthorised transactions ÿÿ if you think a transaction on your account was not authorised by you, the bank or building society will need to prove either that you authorised it, or that you either deliberately or carelessly allowed someone else to get hold of your password or PIN. Just because your PIN was used will not necessarily be enough to prove that this is the case. Unless the bank or building society can prove this, it will have to refund your account immediately. If it can show that it needs to investigate the claim, then that investigation must be done quickly (within a few days). End Quote I believe this means that the financial institution needs to show that you were careless. Not you prove you were not.
Somehow, I still don't trust them... Having been the potential victim of a card fraud 6-months back, on a card that has no magstrip and no raised lettering - ie. a chip & pin card only... I say potential as the bank concerend actually did the right thing by blocking the transaction and phoning me, however if they hadn't been on the ball, who knows...
And how did the perps get the card details? Well, 6 months before that, I used that card in-person in one location - a hotel in London, and that's the only time I'd ever used that card. (It's on our joint account and wifey nornally does all the online stuff with her card which has a different number) I suspect it was scanned/photographed under the counter. The perps didn't have the pin but tried to force a CNP transaction to an online gambling site. The bank wasn't that interested in catching them, and I was less interested in trying to chase this up with the police, knowing they'll just bounce me back to the bank. +1 for Halifax. This time.
Gordon
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html