[lug] OT: Credit Cards w/ Chips

David L. Willson DLWillson at TheGeek.NU
Fri May 15 13:37:48 MDT 2015


+1 to the rant. Go bitcoin method. 

-- 
David L. Willson 
Teacher, Engineer, Evangelist 
RHCE+Satellite CCAH Network+ A+ Linux+ LPIC-1 UbuntuCP NovellCLA 
Mobile 720-333-LANS(5267) 
http://sofree.us 

This is a good time for a r3VOLution. 

----- Original Message -----

> I used to have an account with an Italian bank. Some time ago they
> stopped issuing swipable cards, they went chip-only (they were
> issuing cards with both chips and magnetic stripes for years, at
> that time). About a year ago, my
> card-with-both-chip-and-magnetic-stripe expired and the replacement
> was chip-only. I've never been able to use it in the USA, IIRC not
> even online. Long story short, I had to close that account, since I
> could not find any way to pull money out of it. That's all I know
> about your question.

> <rant>

> The whole credit card approach to payment is totally flawed.
> Regardless of chips, it's like going to a store and instead of
> handing the cash at checkout, you hand the other party (or a
> man-in-the-middle) the whole wallet and trust them to only pick the
> amount they claim they'll pick. In the USA, people tend to me more
> honest than somewhere else in the world, so, it's seldom a problem
> (and when is a problem, credit card companies cover that -- which is
> not always the case for cards issued in Italy). However I still
> don't think is the right model. One should be able to make business
> with people they don't trust, with little fear of man-in-the-middle.

> The right model would be something more similar to the "wiring funds"
> (or bitcoins, if you will): the store tells the customers "where"
> and they put the money there for the store to grab, like what I do
> in stores when I pay cash. Man-in-the-middle can still steal money,
> but only what is on the desk, the bad guy cannot take a whole
> account because the customer spent $3 at target on the wrong day.

> </rant>

> On Fri, May 15, 2015 at 12:36 PM, Maxwell Spangler <
> maxlists at maxwellspangler.com > wrote:

> > I received an Amazon/Chase VISA card recently with a chip on it.
> 

> > While I know this is not guarantee of my credit card's security,
> > it's
> > a step in the right direction.
> 

> > However, I have yet to find an place where I can use it.
> 

> > Terminals with chip reader hardware exist at Target, King Soopers
> > and
> > many other places where I shop, but when I stick my card in, I get
> > no response and have to swipe.
> 

> > Does anyone know anything about this?
> 

> > Posting here because this list has security aware people who may be
> > able to share some backstory about the enabling of chip cards in
> > 2015.
> 

> > Thanks,
> 
> > 
> 

> > --
> 
> > Maxwell Spangler
> 
> > ========================================================================
> 
> > Boulder, Colorado, USA
> 
> > http://www.maxwellspangler.com/
> 
> > _______________________________________________
> 
> > Web Page: http://lug.boulder.co.us
> 
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> 
> > Join us on IRC: irc.hackingsociety.org port=6667
> > channel=#hackingsociety
> 

> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667
> channel=#hackingsociety
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20150515/6e48c0eb/attachment.html>


More information about the LUG mailing list