Hidden danger of chip and pin
After the great fanfare about Chip & Pin Day on February 14, the business of punching in a four-digit number instead of scribbling an unintelligible signature when you use a credit card has gone mercifully silent. All the hoo-ha about Pins (personal identification numbers) being compulsory now is just that - I was asked for a signature just the other day, so not all retailers regard the procedure as mandatory, and some big retail chains are holding out because they have to pay for those hand-held terminals that we are all having to get used to.
But a Sunday Times Money reader has phoned in with a rather more sinister development. It turns out that a retailer, be it shop or restaurant, can blithely take money out of your account without authority - and you will probably know nothing about it until you get your next credit card statement.
The reader had paid for a restaurant meal, entering his Pin in the usual way. However, when he received his statement he noticed that a second, quite different, amount had been debited from his account by the same restaurant on the same day. He phoned the eaterie and, after being passed to and fro from one reluctant staff member to another, found out that the waiter had forgotten to charge for the wine. The sum the customer had authorised with his Pin had been only for the food. The restaurant discovered its mistake after he had left and rectified the situation off its own bat. The reader acknowledged the debt, but was understandably furious that money could be taken from his account without his authorisation.
A spokesman for Apacs, the bank trade body responsible for payments, confirmed that the restaurant had acted wrongly in taking an unauthorised payment - but then admitted that any retailer could do this. The facility is needed mainly for those who order goods or services by phone or over the internet - what are known in the trade as Card Not Present transactions, which is when a retailer will ask you for the three-digit code on the back of your card, to ensure that you actually have it in your hand when you are ordering. But they can also make what is known as a Pan-key entry. This is another acronym: Pan stands for Primary Account Number, and the facility enables the retailer to enter a transaction without the need for either Pin or CNP number. This is a fail-safe in the event of wrongly entered data.
"That restaurant shouldn't have used that on this occasion," the spokesman said. "They might have had no means of contacting the customer for the extra payment, but that was their mistake. It would be just the same if the customer had paid the original bill in cash."
Moral of the story: check your credit card statements thoroughly. You now know that anyone can tap your account, for good reasons or bad, without your knowledge.



If using a relative's PIN number to buy goods in store is wrong... is it illegal to use a husband's debit card online (with his permission) to purchase shopping etc?
Posted by: | 7 Sep 2006 10:13:21
(This is a long one, but it’s worth a read!) I work in a large nationwide chain of stores that were one of the first to implement Chip-and-PIN.
After February 14th, the EPOS systems (tills) were updated, but were still happy to allow cards to be signed for a couple of weeks after. They have since been re-programmed with a 'Denied' message appearing if no PIN is entered. The customer should be the only person to operate the hand-held device (and we encourage that you do pick up the keypad - and not just leave it in its cradle).
Since Chip-and-PIN, however, family members have been entrusted with relatives' PIN numbers to pay for shopping on their behalf. Some people don't understand that this is still wrong, and it still should be the named card holder that enters their own PIN number.
On numerous occasions, people have walked out of the shop, leaving their entrusted to enter their PIN, or they have been packing their items, and requested their children to enter their PIN for them. This is still not allowed. You need to be present, and you need to enter it yourself.
One woman insisted that she was allowed to use her husband's credit card (not a joint named card) as she knew his PIN number. I said to her, "Sorry, Sir, but I am unable to accept that." Turned out that she didn't have any proof that she even had the same surname as him (not that I would have accepted the card anyway), and her excuse was that they'd only just got married. (Poor guy! She's got his card after one week!)
I had another couple have a really bad go at me too. The woman was paying with her Chip-and-PIN card, putting it in the PIN-pad herself and receiving the message "[1] Switch - OK?". Now this screen is annoying, and I think it only appears on the keypads where I work, and gives the option for Switch/MasterCard users to process the cards as either a MasterCard card, or a Switch card (it doesn't matter which). It confuses 95% of customers, so normally I'd confirm the card type for them by pressing OK. The woman entered her PIN, it was authorised, and the keypad requested that the card was removed. It needs to be removed before the till starts printing (possibly a feature so the customer doesn't forget their card), so, to save time, I remove their card and pass it back to them. This woman went nuts! She ended up speaking to (well, shouting at) my supervisor, followed by the manager, asking why I'd touched the PIN-pad and her card. She went off on one about me looking at the numbers on her card, and that it was her property (not true - it's the bank's). Anyway, that woman was strange. Whatever you think, the details on the cards are printed/stored for administration purposes anyway! The part of the receipt that the store keeps will always have your full credit card number on, unlike your copy, which will only say 1234 **** **** 6789.
Additionally, the back of the card should still be signed upon receipt from your bank. Remember that a card is not valid unless signed, and additional photo I.D. could still be requested, to check the name on the card and photo. If you sign the card in front of me, I will ask for another form of I.D. to compare it against. Awkward, but fair, I think anyway.
I have had numerous occasions at my checkout where the customer has entered their correct PIN (I know it was correct, otherwise 'Incorrect PIN' would be displayed immediately) and their card has appeared as denied. Our current software will not print a void receipt for this. (Only if the customer states that they do not know their PIN will a void receipt be printed.) The card needs to be re-processed, and 99% of the time, the card will be authorised the second time. I am unaware if the first transaction will ever be processed normally, but it shouldn’t be with a Denied status.
On the subject of double-payments, there was one incident that affected each of the 250+ branches. Due to some automated or manual error at some point along the line (either at Head Office or by the bank) each customer who paid by card on that day was charged twice for their transaction. Refunds were eventually automatically issued to all the customers, but our branch didn't have one customer returning to complain about the double-charges. This proves that out of all the card transactions that day - not one of the (approximately) 200 customers checked their bank statements properly that month.
I will read any response with interest.
Posted by: Anon | 13 Apr 2006 00:11:32
Have the Banks considered how many till and checkout positions have CCTV surveillance to view the tills and operators? - all these record your PIN entry details - are all CCTV monitoring staff security vetted?
Posted by: ERIC FERBRACHE | 10 Apr 2006 20:32:55
For those who say "chip and pin is more secure", you might want to read the website of Mike Bond and Ross Anderson from the University of Cambridge Computer Laboratory at http://www.chipandspin.co.uk/. It is notable that while the entry point for the transaction is more "secure", my debit card had terms which suggested that in the event of a dispute the computer record would be treated as more correct than the paper receipt. The audit-trail for chip and pin is non-existent if fraud happens.
Also, with respect to the photos on the card, more than one study has shown that most people cannot reliably tell, without training, whether or not a person standing in front of them corresponds to a photo of that person. (think, glasses or not, beard, hairstyle, dyed hair colours, weight loss or gain, lighting in the photo).
Posted by: Matthew | 10 Apr 2006 16:39:01
Hi, I work in a restaurant that has not yet upgraded to chip-and-pin services, we are still using the swipe and sign method. We can also debit money from accounts without authorisation from the card-holder so really this is not something that only chip-and-pin allows. We swipe cards when a tab is set up and if that tab is not settled before the customer leaves i.e. if they piss off on us, we charge their bill ourselves. This has been going on for years, is legal and is nothing new.
Posted by: anna | 10 Apr 2006 11:11:40
In reply to A. McLelland the Royal Bank of Scotland DID have digital photos and signatures on cash cards but has abandoned them on the new Chip&Pin cards due to 'technical issues'. I have raised a complaint as it was a brilliant system.
Posted by: Andrew Porter | 8 Apr 2006 23:28:22
My wife and I have had a photo debit card for some years now, provided by a well known Scottish bank. Most transactions made on these cards have raised a comment, to the effect that they have never seen one before and yet it is a pity that a photo card is not more common, as it provides security for the retailer and the card holder. I would suggest that the cost of producing a 'chip & pin' or 'photo' would be more or less equal and I cannot understand this mad rush into 'chip & pin'. Cynically, I can only think that the former produces more profit for the banks!
Posted by: D J Fraser | 8 Apr 2006 21:46:43
Won't chip and pin increase violent crime? If your pin is spotted as you type it in, a would-be mugger could follow you out of the shop, steal your card and immediately take money out of an ATM. Shouldn't we have 2 numbers - one for paying in shops and one to get money out of an ATM?
Posted by: Niall | 8 Apr 2006 16:38:12
The ability to put through a sale on a card without the owner's presence is always open to abuse, and did happen before chip and pin arrived, so is not a hidden danger of chip and pin!
You can type in the card number, and the card machine gives you the option of saying if the customer is present. If you say they aren't present the card machine does not automatically call for authorisation nor contact the owner.
Posted by: Jane Davidson | 8 Apr 2006 14:41:38
Security experts at Cambridge University's Dept. of Computer Science have issued a layman's guide to what's really going on with this. Here's the link...
http://www.chipandspin.co.uk/
Posted by: Helpful Harry | 7 Apr 2006 18:14:58
Both I and my son bank with a High Street bank (separate accounts) and, on three separate occasions, we have visited one particular branch and requested and been given a mini statement without any questions being asked. This is worrying as my account details are unsafe, in addition if you use your card to pay at a well known supermarket petrol station or self serve checkout, there is no need to enter PIN in either, just swipe your card. At the time I received my mini-statement, a/c had only 2 days previously been credited with 40k.
I will continue to test their systems and will consider reporting any more instances to the FSA. Bank customers should check this doesn't happen in your bank/branch.
Posted by: Anonymous | 6 Apr 2006 22:49:01
My eldest son is working out in Aus on a conservation holiday through STA Travel. Two days after he had left a letter came from his bank to say they had carried out his instructions but his account was now overdrawn but they would give him a free overdraft for 30 days. After a lot of worry and phone calls to Aus, banks, STA we found that a debit card payment for part of the trip had not been taken by STA's bank HSBC. So STA re-presented the amount again and it was paid three months after the first transaction? So effectively emptying the account? Moral - check your statements but how long can a bank keep asking for payment.
Posted by: mitch mitchell | 6 Apr 2006 21:49:26
I made a false entry with my debit card online, then corrected it (for the tsunami appeal). I was debited twice, the second 3 months later, and I have no recourse to bank and do not know if the 2nd payment went to the intended appeal. I received only one acknowledgement.
Posted by: R Arnold | 6 Apr 2006 14:22:43
I am a retailer and recently had a customer's transaction declined and a "Void" printout given. The customer said he wasn't certain of the pin and asked to try again, assuring us that there were funds to cover the transaction. After three tries - and void receipts - a message on the terminal said the customer should contact the card issuer. He was not given the goods. 4 weeks later the customer called to say he had been debited with the amount and upon checking we found we had indeed been credited with the amount, which we immediately refunded of course. Moral is ALWAYS check your statements carefully.
Posted by: Alan Shons | 6 Apr 2006 13:52:03
It is possible to enter your PIN whilst covering the keypad with your free hand. You just have to remember the 'shape' of your PIN on the keypad, a small price to pay for keeping your number safe from prying eyes.
Posted by: Julie Taylor | 6 Apr 2006 13:01:32
I had my account skimmed yesterday and Tuesday. I had not lost my card or had it stolen and no one knows my PIN. The two transactions were from ATMs both in London. With what is supposed to be a more secure system, how can this happen? Is it an inside job?
Check your statement thoroughly and if you have internet banking do it every day. If you are going to change your PIN on a regular basis do it at an ATM inside your bank.
Posted by: Robin Chandler | 6 Apr 2006 11:30:16
Passports and driving licenses require a photo, so why not bank and credit cards? I lived in Norway during the 90's, where cards had for some years been issued with digital photographs and digital signatures held by the bank. These were printed on the card from the bank's records, not stuck or written on the card. This was simple security that is streets better than the ridiculously unsafe system we've used in the UK. A PIN is an improvement on a signature, but far from ideal.
Posted by: Paul Armitage | 6 Apr 2006 11:13:29
Good News: Some BP stations make you press the ENTER button to check and confirm the amount you have just spent on fuel before you enter your PIN.
Bad news: In some of these stations, the staff authorise the amount for you, thus removing the very check that someone was so careful to provide. Not all staff are happy to let the customer check and confirm the amount him/herself, even though the message on the little screen clearly says that the customer should confirm the amount.
Posted by: A McLellan | 6 Apr 2006 11:03:52
On several occasions I have heard that friends have entered their pin and the system has refused it and have been asked to enter it again. This works but on examination of the bank statement the payment has been taken twice!! Just a warning for all of you out there, refuse to enter your pin a second time unless a void receipt is issued.
Posted by: Andy Hall | 5 Apr 2006 11:20:30
On the subject of Chip and PIN system, I have noticed that in a number of petrol stations the CCTV camera is oriented such that the recording can easily capture the card number you enter and even worse, if they have the monitor in the shop, other customers can also see you enter your PIN!
Posted by: Oliver Butler | 5 Apr 2006 07:49:16