Jump to content

Recommended Posts

Posted

I knew it was coming...but I saw a commercial the other day, and I can't believe they are actually doing it...

I'm not an RFID nut, but theoretically can't you record the signal that a chip gives off and have all the data needed to reproduce a point of sale transaction?.... what are they doing to secure this?  It's ridiculous...

Posted

They still need your autograph on the receipt, no?

Basically, they're shooting themselves in their own foot. Or am I missing something?

Posted
They still need your autograph on the receipt, no?

Basically, they're shooting themselves in their own foot. Or am I missing something?

The autograph on recipts mean nothing... I started signing in glyphs, symbols, and my own art work a couple months ago... no one says anything.

On one of my purchances I even wrote 'And its not even me' and the cashire dident say anything. 

There is no protection... this just means all a crook has to do is point a laser at your wallet insted of taking it.

Posted

It is really easy to setup a ultra mobile laptop in a briefcase with a RFID scanner mounted against the lid and set up the software to remember every single RFID broadcast it receives. Potentially you don't even have to use a full on laptop, you could use some thing like a PDA if you can get a RFID scanner that works with it.

Posted

They still need your autograph on the receipt, no?

The autograph on recipts mean nothing...

Did you bother to contest the charge on the card?

There was an article a while back about some guy who decided to start signing with 'Service sucks', vulgar artwork and worse as time went by. He claims he got all the purchases refunded (which basically means the place that sold the stuff to him gets the bill as they accepted the clearly invalid autograph.

Here it is: http://www.zug.com/pranks/credit/ and part 2 http://www.zug.com/pranks/credit_card/

A coworker of mine went to Turkey on holiday, and paid with credit card there in a number of locations. When he got back and saw his statement, he noticed an extra charge. He contested it and they refunded it because there was no signature on the receipt. I would expect them to not only check that there was an actual signature on the receipt, but also that it sort-of matches your own signature.

Posted
an intersting test would be to see if anyone accepts a receipt signed 'Don't not accept'

...which actually means 'accept', you would be asking them to not tell you they can't accept it.

Posted

You don't even need a signature.  There are coffee shops around here advertising the convenience of purchases "under $25" not needing to be signed.  Just pull into the drive though, flash the card... and bob's your uncle.

Not only do you not need a signature... but these devices are mounted OUTSIDE in the drive through...

If my bank were to send me one of these cards in the mail... they'll cease to be my bank, very quickly.

I'm with DarkBlueBox...  it's safer to post my PIN number in the paper.

Does anyone have any true insight into how actively card issuers monitor things?...  ie: how does the algorithm work?  I wonder if a transaction under $25 even hits the radar?

Posted

an intersting test would be to see if anyone accepts a receipt signed 'Don't not accept'

...which actually means 'accept', you would be asking them to not tell you they can't accept it.

yea yea yea, fixed 'Do Not Accept'
Posted
I wonder if a transaction under $25 even hits the radar?

I doubt it as this is one of the ways that a cracker or phisher will test or use a credit car by making these small payments. I think there was some talk about this on the Network Security podcast.... at least I think that is what I was listening to.

Posted
I wonder if a transaction under $25 even hits the radar?

I doubt it as this is one of the ways that a cracker or phisher will test or use a credit car by making these small payments. I think there was some talk about this on the Network Security podcast.... at least I think that is what I was listening to.

I'm going to go with no... http://www.mastercard.com/us/personal/en/a...rcards/paypass/

* Signature is not required for purchases under $25 at participating locations. PIN may be required for debit transactions

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...