User Controls

Chip And Pin Bypassed

  1. #1
    SBTlauien African Astronaut
    So as you all know, I have this retail gig that I've been at for about six months now. This allows me to look at people's driver's licenses, checks, credit cards, even hear customer's SSN occasionally.

    A few months back the store changed out all of the card readers so that they can read the new chip cards. Basically, if someone tries to swipe a card, it may ask for them to insert their card so the chip can be read. Apparently, this seems to be based on the issuer, and according to customers, is random(but they could be full of shit).

    I had a customer attempt to pay for about $15 worth of items using his chip card. The register read "CARD ERROR". So the customer said, "I'll try to swipe it instead." After swiping it, it said "PLEASE INSERT CARD". I asked a manager what I should do, and he said to just type in the card info. So I went through the process, which had me type in the card number, expiration date, and the 3 digit security code on the back of the card, and it went through.

    So basically, if you have the card's number, expiration date, and three digit security code, you could just print out a card with a damaged chip, and spend away.
  2. #2
    Sophie Pedophile Tech Support
    Noice, very noice.
  3. #3
    I have thought about it here in the UK too, the cards rip quite easily where the chip is and sometimes don't slide in ok, but I have never paid for something swiping like ever, so I don't want to try it and fuck it up and look a right cunt.

    But OP some places won't allow that, I have seen in some shops the chip was dirty and they refused purchase ('go to the bank, get cash and come back')
  4. #4
    I
  5. #5
    I wanna get some track data and give it a go
  6. #6
    SBTlauien African Astronaut
    But OP some places won't allow that, I have seen in some shops the chip was dirty and they refused purchase ('go to the bank, get cash and come back')

    Maybe that's how it'll end up here...

    Another thing, is that the purchase was small. So maybe a large purchase would have been rejected. Most of the reactions the machines have to cards regard the issuer and their standard of procedures. The store/company doesn't actually have much do do with it.
  7. #7
    Over here sometimes the full amount is not taken until a later day.

    Example Petrol/gas stations - you put in your card type in the pin and top up.

    When you check your online bank it says only £1 pending the full amount gets taken a few days later even if you have no cash in the account
  8. #8
    Merlin Houston
    A few months back the store changed out all of the card readers so that they can read the new chip cards. Basically, if someone tries to swipe a card, it may ask for them to insert their card so the chip can be read. Apparently, this seems to be based on the issuer, and according to customers, is random(but they could be full of shit).
    I just got one and it made it seem like if there was a chip reader I would have to swipe it AND put it into the reader. I fail to see how this will really help anything. Doesn't most fraud involve buying things on the internet? (inb4 every computer comes with a closed source chip reader required to make any purchases).
  9. #9
    SBTlauien African Astronaut
    From what I've read, it that each time you use the chip, a number is generated based on an algorithm that the banks hold, and this number is held for the next transaction. So if someone skims your card data when you use the card and then later sells it, if you used your card since it was skimmed, that number will have changed and the buyer of the data won't be able to successfully purchase goods.

    I'm not 100% clear on how it all works though. Is this number put back onto the card itself each time a transaction is made?
  10. #10
    SBTlauien African Astronaut
    Doesn't most fraud involve buying things on the internet? (inb4 every computer comes with a closed source chip reader required to make any purchases).


    No, the chip is to stop people from actually using cards in stores. I read that they expect online card fraud and bank fraud to rise due to the chip.
  11. #11
    I just got one and it made it seem like if there was a chip reader I would have to swipe it AND put it into the reader. I fail to see how this will really help anything. Doesn't most fraud involve buying things on the internet? (inb4 every computer comes with a closed source chip reader required to make any purchases).

    3D Secure for online is like the chip and pin in real time
Jump to Top