General Question

elbanditoroso's avatar

Chip cards have been out for almost a year. Does it make any sense how they're being handled?

Asked by elbanditoroso (33543points) February 7th, 2016

My credit card company sent out replacement cards about a year ago with the new chips that are supposed to make things more secure. I think that the card regulations were supposed to go into effect last fall.

Here’s what I have experienced so far:

1) CVS – takes the chip card, asks for a signature. No PIN. Takes longer than sliding the card used to take.

2) Target red card – takes the chip card, PIN required. No signature.

3) Trader Joe’s – takes the chip, asks for signature.

NOWHERE ELSE – every other place I use a credit card – restaurants, gas stations, grocery, clothing, whatever…. I use the ‘slider’ that reads the magnetic stripe. No difference from previous years.

So what’s the deal? Why did the banks do all this if nothing has changed? If three companies in the US are actually using the chip readers, then what was the point?

What’s your experience?

Observing members: 0 Composing members: 0

36 Answers

LuckyGuy's avatar

They are actually more secure. The numbers change after every use. That prevents some nefarious person from copying the numbers and reusing. They are being phased in slowly. “Eventually” we will be as secure as the rest of the world.

Just like the Metric system.

ragingloli's avatar

I only use my debit card at the atm. I always pay cash.

stanleybmanly's avatar

I almost never use either debit or credit cards for over the counter retail purchases. But I haven’t noticed any changes in behavior on the part of merchants except for the 2 occasions over the holidays when I found myself forced to pickup the check at a couple of upscale restaurants and was surprised that I wasn’t asked to sign anything. Is this common now?

Cruiser's avatar

@LuckyGuy Nailed it. The cards are infinitely more secure and I cringe every time I have to use the old slider because the merchant has not complied with the new CC regulations.

Tropical_Willie's avatar

@elbanditoroso

1) CVS – takes the chip card, asks for a signature. No PIN. Takes longer than sliding the card used to take.
Signature is for Credit Card no pin required. Time is require for chip to talk to bank and receive a new number for chip to use the next time

2) Target red card – takes the chip card, PIN required. No signature.
Pin is for Debit Card only. Chip and PIN is used only overseas not in USA

3) Trader Joe’s – takes the chip, asks for signature.
Signature is for Credit Card no pin required.

JLeslie's avatar

I think this is standard procedure for new technology. I think the point is to give companies time to absorb the cost of the changes. That’s my guess anyway. What that means is some companies are on board faster than others. Think beta>VHS>DVD. Or, when HD TV finally arrived in America.

I heard with the chip they can get your information through your wallet if they have the right equipment. Supposedly, aluminum foil easily blocks it. I also heard having multiple cards in your wallet confuses the readers the scammers use. I don’t know if that’s all true, or just tales I’ve heard.

jerv's avatar

My experience is that much of the US is behind the rest of the industrialized world except for those forms of technology that we can use to watch porn or that allow us to be lazier. Aside from that, we range between 10 years behind (internet and cellphone infrastructure) to >1,000 years behind in social areas like tolerance. What makes you think a society that won’t accept non-white, non-males as equals and favors medieval feudalism will do anything to move into the 21st century when many are stuck in the 11th? So it really doesn’t surprise me that the US is dragging it’s feet on doing what other places have done for years.

Most places I’ve seen either lack chip-readers or they don’t have theirs up and running. None of my cards have RFID chips, though for a fee, I could get an Enhanced Drivers License. No real need to though since it wouldn’t do much good until the rest of the world adopts something two generations advanced from current RFID technology; by that time, we might fully adopt the systems that have been used overseas for a long time.

@JLeslie Not companies; countries. And no, aluminum foil doesn’t block it, though it does reduce range considerably. I haven’t heard about the multiple card thing, but I doubt it; to my mind, the only way that would work would be if it were impossible to tune a radio or send multiple data streams through a single wire.

JLeslie's avatar

@jerv Some countries are behind others in rolling it out (similar to HDTV we were way behind Japan for instance) but also some companies are slower to change all their credit card machines than others.

ibstubro's avatar

My local Walmart updated to Chip without updating the hardware, so there is a little slot hiding down under the swiper that you have to find and get your card into. Then it takes 3–4 times as long as swiping.

Lowes has gone to swipe, recently.

None of the machines seem to be truly chip-friendly, in that there is a clearly labeled and easily accessible slot to put the card into. I have yet to sign up for a PIN, or be asked for one, anyplace. I don’t even know what the PIN refers too, actually – each store or one per card.

What a typical, stupid, half-assed way of doing something. Assuring that as many people will be confused and resist the change as possible.
Is this another government program, like the incandescent bulb fiasco?
I suppose we’ll have to have a major security breech, much hand-wringing and overwrought speechifying before we can insert instead of swipe. Metric déjà vu all over again.

Tropical_Willie's avatar

@ibstubro Yup, same as metric, the rest of the world is using it BUT not USA.

The chip came from Europe for increased security of account holders it is not a conspiracy. It is only confusing because the banks and card issuers in USA did not want to use a PIN (PERSONAL IDENTIFICATION NUMBER) like Europe. Any yahoo can fake your signature at the Walmart but only you would have the PIN. At Harrod’s in London you put your card in the slot and key your PIN, wrong PIN no purchase.

ibstubro's avatar

@Tropical_Willie is the PIN singular to the store, or to the card? The card, I’m guessing? Otherwise I knew all about the US PIN dust-up. The major card issuers claim it’s for continuity for their customers. There’s got to be more to it than that.

As a side note, I think Walmart is up to $100, no signature, only a swipe. Use the chip, and it takes 4 times as long.
The US is all over the board.
Walmart? $100, no signature.
Walgreen’s? $50, no sign.
Goodwill? Not only do you have to sign if you use your credit card, but you have to show photo ID, first.

ragingloli's avatar

The pin is specific to the card.
For online purchases and online banking there is also the TAN, which is unique to each transaction.

Tropical_Willie's avatar

@ibstubro Walmart, Walgreen’s and Goodwill differences are corporate decisions not card issuer.
Goodwill and several other stores in my town have signs that say, “Do to the high incidences of credit card fraud and theft a photo ID are required”.

Pachy's avatar

Major tchnology transitions are always bumpy. A few years from now nobody will remember swiping.

jerv's avatar

@JLeslie True, but the US seems to be even slower. There is a reason the metric system has been brought up multiple times in this thread.

ibstubro's avatar

Thanks, @ragingloli. That’s what I thought.

I know the differences are corporate, @Tropical_Willie. From the OP above, PIN’s are being issued, not universally used. Who’s decision is it to go to chips, if not corporate?

@JLeslie and @jerv I suspect that old fashioned corporate greed are responsible for the slow PIN roll-out in the the US. Companies simply aren’t willing to pay to replace things that A.) aren’t broken and B.) don’t appreciably increase the bottom line.

How was it that Europe went full-bore to chip? Who made the decision?
“The chip came from Europe…” but how did Europe get it?

Tropical_Willie's avatar

The chips were added by numerous banks and card issuers in Europe, it has nothing to do with corporate Walmart, Walgreens….

“I know the differences are corporate, @Tropical_Willie. From the OP above, PIN’s are being issued, not universally used. Who’s decision is it to go to chips, if not corporate?” The BANKS are one group and Corporate is the retailers. The Banks were the deciding group for IN’s on chip cards”
PIN’s are used on chip cards in Europe not on chip cards in USA.

The cards are issued by banks and financial institutions, the security of the cards with chip is several times as security as swipe cards

“How was it that Europe went full-bore to chip? Who made the decision?”
The banks in Europe, the financial institutes in the USA figured the consumer in the USA couldn’t handle it.

dappled_leaves's avatar

We’ve had them for several years here… as I recall, it took a loooong time for retailers to become fully accustomed to them. It was definitely over a year before we started to see consistency in how they’re handled. They’re basically everywhere now, with a PIN required, never a signature. I find it faster than any method to date.

I’m not convinced that they’re particularly more secure, but that’s not really in my power to control, so I tend not to dwell on it. There were reports within months of their implementation of people using “card readers” to get people’s card numbers and PINs, but probably at a difficulty level that deters the less determined thieves. I assume credit card fraud will always be with us to some extent.

ibstubro's avatar

Was it a mass implementation, @dappled_leaves, mandated by someone? All retailers going to chip at the same time? (Who?)

Or was the rollout more-or-less haphazard like’s happening in the US?

LuckyGuy's avatar

@ragingloli You mentioned you use a TAN which is unique to each transaction when you make an online purchase. How/when is that generated?

Since we are still in the stone age here, when I make an online purchase I use a Shopsafe number generated by my bank. It looks like a credit card with an normal expiration date but the credit limit is usually set to 1 cent over the purchase amount. The service is free. I am not charged the $0.01. To save time I make up some shopsafe card numbers ahead of time and put a credit limit of $100. If I do not use them they simply expire and I am not charged. Bank of America offers this service.

Jaxk's avatar

The roll out is determined by the banks and credit card issuers. Fraudulent charges are are the responsibility of the of the credit card issuers but if not upgraded to the chip the responsibility for fraudulent charges reverts to the merchant. That’s how they are forcing this upgrade. We just went through an upgrade a couple of years ago to incorporate triple Des encription. It would have reasonable to do it at the same time but that’s not how we work here. One upgrade after another. The upgrade isn’t cheap in either cash or manpower so merchants such as myself are delaying implementation as long as possible. The longer we can delay, the more choices we have and the cheaper the upgrade becomes. The dealine for me was originally Oct of 2015 but it was delayed because there are simply not enough POS terminals available nor enough technicians to install them. New hardware, new software, and hopefully no glitches (what are the odds).

ibstubro's avatar

I knew there was a deadline, but I didn’t know it was extended, @Jaxk.
I wondered why so many major retailers had failed to upgrade when they were risking liability for fraud.
When’s the new deadline?

Jaxk's avatar

@ibstubro – I have until the end of this year. I’m not sure if that is a national deadline or simply the deadline established by my credit card processor. Every time one of these upgrades occurs the scheduling gets very difficult as vendors ramp up the hardware production and the repair shops are stretched to do the installations. As a retailer, the longer I wait, the more vendors get their hardware qualified and the prices begin to drop. Waiting until the last minute to upgrade becomes financially prudent.

JLeslie's avatar

@Jaxk You have to pay for the new machines, is that right? Or, does your merchant service provide it?

ibstubro's avatar

Yes, I can see how waiting until the last minute is a good plan, @Jaxk.

If my local Walmart is any indication, the market should eventually be flooded readers that are chip-capable, but not friendly.
They’d work just fine for you…it’s really the mounting that’s a problem.

Jaxk's avatar

@JLeslie – Yeah, I have to pay for it. I trying to negotiate with my gas company to get them to pay in conjunction with my contract renewal but I don’t yet know how much luck I’ll have. Even if I’m successful I still pay for it but over time. The gas company pays the upfront costs

@ibstubro – Actually it is a little more complicated than that. The terminals must be compatible with my POS system, I need to upgrade the POS system to be compatible with the new card readers, and I will be out of business for at least a full day to make it happen. The mounting problem is only on the pumps and that makes them very expensive.

ibstubro's avatar

Oh, shit, @Jaxk. I forgot you weren’t simple retail.
There never has been a secondary check at the pumps.

dappled_leaves's avatar

@ibstubro “Or was the rollout more-or-less haphazard like’s happening in the US?”

You know, it was really hit-or-miss for the first year especially, but I got the sense that all the banks were in, therefore their customers (i.e., the retailers) had to be in, too. I mean, it’s not like the local grocer can say, “Nope, we don’t take VISA, Mastercard, or AmEx, and don’t even think about trying to use a debit card”. They’d have to use whatever system they were told to use. But I imagine they couldn’t be forced to buy the hardware and install the software all at once. In fact, life might have been harder for everyone if they had.

And now I see that @Jaxk is recounting his experience with that.

jerv's avatar

@Jaxk Just my opinion, but you’d think that the revenue generated by POS would be enough for them to see terminals as an investment and at least subsidize the cost if not soak it outright instead of passing it to the merchant. (I mean as a standard practice rather than having to cut a special deal with them just to pay in full in installments.) Then again, passing operating expenses on to the little guy seems to be the preferred method of larger companies like major financial institutions, so it’s really no surprise that you’re the one shelling out for terminals and installation.

Jaxk's avatar

@jerv – Actually the credit card servicer, which is also my gas supplier called today and said they have approval to pay for my upgrade in conjunction with my exclusivity agreement. I have to stay with them for another 10 years but if I do, it won’t cost me anything. Nobody gives you something for nothing.

alluseek's avatar

chip cards are not meant to be a convenience or security for us, even if it may have been promoted as such. it is to protect the financial institutions from fraud.

However the chip card terminals that you’d need to upgrade to as a merchant, imho is like throwing extra pillows in the front seats of the last model year vehicles before passenger air bags became mandatory. its a stepping stone security solution and not an expense you should incur for payment terminals if you can avoid doing so. a couple years from now, at best, applepay, contactless-pay and the like will be the industry norm, whipping out a credit card will be less common. I will still have one, and a flip phone too, if they still have ‘em. If you were a smaller business, like half the businesses out there, would you shell out to upgrade equipment for chipcards, when you can assume you’ll be upgrading next year, again, for nfc payment processing?

ibstubro's avatar

Are any of the other gas suppliers competing for your business, @Jaxk?
10 years is a long time. Especially, as @alluseek points out, in the fast-changing market.

Jaxk's avatar

@ibstubro – Yes, I can entertain other vendors but they all have similar contracts. Changing brands is no trivial task and can impact my business either positively or negatively. Brand preferences and oil company credit cards are still a big deal in this business.

In the old days (20 years ago or so) the oil companies owned a lot of the gas stations. Regulation drove them to selling most of them and Branding agreements are how they insure a stable footprint. @alluseek‘s point is a good one but whether the changes mentioned above or some other hair brained scheme, I have supreme confidence that I will have to upgrade again next year. It is the issue I’ve been complaining about for the past 6 years here. Every time some politician says they will stick it to the rich, they miss by about 4 decimal points.

jerv's avatar

@Jaxk I never imagined that they’d give out readers totally gratis. After all, what sort of investment would giving you a reader for $0.00 be if they didn’t get a percentage of your revenue for X amount of time? As for having to upgrade next year, sometimes it pays to be ahead of the curve rather than drag your feet and live in the past.

One thing I would be wary about is that many Republicans are calling for bans on encryption. They claim it’s to stop terrorism, but neglect all the useful things it does, especially for banking and commerce. Show of hands, who here is willing to post their credit card information here encrypted? Anybody?

If encryption bans, or even mandatory back doors, go through, then chipped credit cards will offer nothing but a tiny bit of convenience and a way to fleece merchants by forcing them to buy snake oil; any and all security anywhere in the system will be utterly compromised. There will be many other problems as well, but we’ll stick to the relevant ones. Anyone who thinks we don’t need encryption because they think they have nothing to hide will be in for a rude shock when they find their bank accounts wiped out.

Jaxk's avatar

@jerv – You say “As for having to upgrade next year, sometimes it pays to be ahead of the curve rather than drag your feet and live in the past.” and then go on to explain why it’s not. I have no idea what’s coming next year but I am fairly sure whatever I buy this year won’t be either compatible or approved for what’s coming. We have about 6 million government workers that are primarily focused on creating new regulations. How could anybody anticipate what new schemes will be created to fix real or imaged problems. One that I can assure you won’t be done is a ban on encryption. But nice try.

jerv's avatar

@Jaxk Check your PMs.

Answer this question

Login

or

Join

to answer.

This question is in the General Section. Responses must be helpful and on-topic.

Your answer will be saved while you login or join.

Have a question? Ask Fluther!

What do you know more about?
or
Knowledge Networking @ Fluther