What is Digg?98 Comments
- zlintux, on 10/12/2007, -0/+46The magnetic stripe on credit cards does NOT contain your address, or your zip code. Why would it? It'd just make things like this easier, and allow companies who take credit to mine your address to get junk mail.
The stripe contains your credit card number, expiration date and name (and other information that is generic to all cards from your bank).
Also, more than just wait[ers|resses] have these devices. People in retail outlets can have them too, so if you want to feed your paranoia, if you see a cashier's hand holding your credit card drop out of sight for a second, go ahead and freak out.
I've been using credit cards at restaurants since 2002. All my friends have as well. I've never heard even "a friend of a friend" having this happen to them. However, I know that a cashier was canned and arrested at IKEA near here after a customer noticed him doing this.
He got too cocky, and started holding the reader in his hand, concealing it, and then sliding the card right in front of the customer. I wonder how many people didn't notice until one finally did...
This is one of those things in life that's not worth worrying about. Your card can be stolen by any number of a hundred ways. I could set up a camera pointing directly at a register and say "It's for security" as it takes a picture of your card and get all the same information as this device. You have coverage against fraud, just be diligent and look over your statements and don't freak out about it. - Muyoso, on 10/12/2007, -5/+39"This is why you should always pay cash when eating out. A waitress"
I agree. - MissMoist, on 10/12/2007, -0/+20I pay for everything with my credit card, and have never had any problems like this. Not to say that it will never happen, but no sense in being so paranoid ("always pay cash").
- mwsherman, on 10/12/2007, -2/+16Makes me miss the good old days, when credit card receipts would be blowing around in a Sears parking lot. Not these new fangled printed receipts, but the carbons of the card made by one of those totally analog mini-presses with the big lever. That's the main reason that your name, credit card number, and expiration date are elevated on your card to this day.
- IllBeBack, on 10/12/2007, -0/+10I guess we should also all move to Montana and live in a hut up in the mountains so we'll be completely "off the grid".
- chedabob, on 10/12/2007, -0/+101996 called, it wants its news back. This has been going on for absolutely ages. Its nothing new.
- rholloway, on 10/12/2007, -1/+9wow. If they scare us just enough, we'll be begging them to start collecting our DNA for a positive ID when we use our credit cards! Yippie!
- tfizzle, on 10/12/2007, -0/+7No way Visa pays for fraudulent activity. The consumer never loses and the credit card company never loses.
They may tell you that they do, but in fact, the retailers pay for it. It's called a chargeback. When a customer disputes a charge, the retailer gets a chargeback, basically notifying the merchant that the disputed amount WILL be deducted from the merchant account. If the merchant is lucky and has good records, sometimes they can win a chargeback dispute. But, 9 times out of 10 you lose. And with Amex, you will 100% of the time. The customer pretty much always wins, and the credit card company ALWAYS wins--they never lose money on a transaction--ever. - waitasec, on 10/12/2007, -1/+7Wait staff did this for a very short period of time before realizing that after the third card it becomes very easy for credit card companies to track the crime back to the exact waiter/waitress. Since tips placed on credit cards have to be given to the correct waiter/waitress all the credit card software used by restaurants track by employee number or employee name. These records are also kept for tax purposes. Yes it is easy to use a mini-swipe device to read the tracks on the card, which do NOT contain address information. Its even easier to get caught.
Also remember that credit card companies bear the responsibility of fraudulently used cards, so the typical consumer only needs to keep an eye out for these charges. - Bobski, on 10/12/2007, -6/+11This is absolute Bull *****. There is NO personally identifiable information stored on that magnetic strip. PERIOD.
I know, and so does anyone who has an easily acquired magnetic strip reader.
Marked Inaccurate - Chompy, on 10/12/2007, -2/+7"This is absolute Bull *****. There is NO personally identifiable information stored on that magnetic strip. PERIOD.
I know, and so does anyone who has an easily acquired magnetic strip reader."
Incorrect: your name is stored on there. That said, there really isn't much someone can do with just your name. - OpenFuture, on 10/12/2007, -1/+5How many restaurants are there that have a portable card reader like that? They always take your card back with them and its not like they couldn't just write down the number in the back. Oh wait they're doing some expose thing on TV so they have to equip the waitress with this ridiculous ankle mounted magnetic card reader to make it seem like some high tech feat to steal the number. wow...
- antdude, on 10/12/2007, -0/+4Funny, the YouTube URL shows sex in http://www.youtube.com/watch?v=sexUus0igWs ... :P
- MScrip, on 10/12/2007, -1/+4I've always thought it was funny how some people are scared to use their credit card online... but they will let that same credit card DISAPPEAR with some waiter!
Still, I've never heard of cloning happening to anyone I know. - cnidog, on 10/12/2007, -2/+5Yeah, this happens but it's not as big a deal as people make out. I don't know about other card companies, but mine (VISA) limits my liability for fraudulent purchases to just $50. In reality, they have never actually made me pay that $50 despite the fact that my credit card number has been swiped several times. In each case, VISA called me as soon as they figured something was amiss and verified my location and that I had not just purchased a carton of cigarettes in upstate NY, $5000 worth of jewelry in Poland, or stereo components in Indonesia. VISA pays for this fraudulent activity out of my credit card fee and the fee they charge retailers.
If you really want to screw yourself over, use your debit card instead of your credit card. Unlike your credit card, the bank will not assume any liability. If a crook steals your debit card number and personal ID number, they can drain your bank account and there is no way for you to get it back. Check out the link below for a story about crooks who actually switched the debit card reader in gas stations and convenience stores when the clerk was not watching with a special reader that harvested card numbers and PIN numbers. The crooks then came back later and switched back the real reader without the clerk ever realizing. Now this is scary.
http://www.cbc.ca/canada/montreal/story/2007/01/19/debit.html - inactive, on 10/12/2007, -0/+3dont know about the UK but credit cards in the US dont use PIN's... i'm thinking they mean 'Debit Cards' - the whole video never says 'credit'
ALWAYS use credit - least you have a credit agency to investigate for you. debit - your get to do the investigation! - Chakz, on 10/12/2007, -1/+4Am I missing the bad grammar or are you just a douchebag?
- exoplasm, on 10/12/2007, -0/+3Besides, if it's a real credit card (and not a debit card/check card) you are protected anyway. You won't be out any money, just the bank will.
Debit/check cards on the other hand... Well I've had mine stolen before. Not fun to deal with money stolen from your checking account. - Willeth, on 10/12/2007, -0/+3Here in the UK (where The Real Hustle is broadcast) most restaurants have wireless card terminals for the very reason of preventing your card disappearing from sight.
- syco123, on 10/12/2007, -1/+3Scan, clone, note the pin, withdraw cash from ATM.
How is it inaccurate? - krinn, on 10/12/2007, -0/+2lol - It's a gift card. You can check the balance here:
https://www.simon.com/giftcard/ - zdiggler, on 10/12/2007, -0/+2Providing convient for customer like accepting credit card for a small store is not convient or not cheap at all. Especially for a Small Convenient Store. Especially Credit Card company take %age of total sale from CC transitions. ATM/Debit system take less.
So please if you goto a small store please choose Debit and enter your pin! - zdiggler, on 10/12/2007, -1/+3I worked at a mall near a ghetto in Oakland when I was in HS. fake checks and counterfeit money all day long. They even have low tech fake CC, Where they use plastic card with number, expiration date and the con artist name to beat ID check. Maganatic strip don't work. You will try it on machine and it doesn't it work, you think its bad machine or bad strip so you result in manual entry with machine to finish the transition. Ask for ID and match their name.
They also counterfeit money using real bill so that it will pass the Pen test. They achived that by washing the ink of $1 bill or $20 with certin chemicals and process, then print scanned copy of $100 or $50 on it. Look real, feel real and pass ink test. - thesimo, on 10/12/2007, -0/+2she can clone my card anyday
- wilf_brim, on 10/12/2007, -0/+2What is even better are people who don't use credit cards, or do any bill payments online, but pay for everything with checks. Give strangers something that has your name, address, phone number, bank account number, and bank routing number. Lets face it, there are tons of ways to get ripped off. Unless you go to an all cash life there is always the possibility of taken. At least with credit cards, you have some recourse.
- UnConeD, on 10/12/2007, -0/+2Or North America could move to smartcards for all banking, like Europe has, and get rid of card duplication worries. Swiping is so last century.
- exoplasm, on 10/12/2007, -1/+3G.C. Holder should have given it away...
It's a VISA gift card and probably has a low or zero balance. - inkhead, on 10/12/2007, -0/+2This person hardly knows what he is talking about. This is how a crappy carder steals bins, aka tracks form your card. That like 6 years ago. And 3 years ago was ShadowCrew, the largest SecretService bust ever, THOSE were serious carders, and they usually got their info from credit card services, or background checking services. For $500, you could buy 10,000 credit cards, for $1000 I could buy 1,000 identities complete with ssn, dob, dl, and even your mothers maiden name. People were spending $10k to access an information service that has all your info, YES they do have all your CC numbers.... and yes I can buy access to anyone here's info in 10 minutes. You should be more concerned about the people doing the dirt deals online, if somebody gets your credit card, ODDs are it's because it was sold with 10,000 other credit cards from an information broker online to an criminal, who was willing to front cash to get access to a service that normally wouldn't be open to them.
Oh and another thing, if you live in Ohio, you are pretty much *****, the government never did anything about it LIKE THEY SHOULD HAVE, when they were given SPECIFIC information on how the DMV was compromised, and how everybody with $1,000 can get full access to SSH prompt to search complete records, and download photos. To my knowledge criminals are still doing it TO THIS DAY.
Instead your government wants a National ID card system, which is THE BEST THING A CARDER CAN HOPE FOR IN THIS WORLD, because there will only be one style of ID to counterfeit in the US, making counterfeiters have a single target to focus all their energies too. It will only take a few months before everyone has the "PERFECT ID Template" that can pass muster with any cop. That means rather than having to put energy into making fake IDs with fake info that won't verify, everyone will be required to report and access a SINGLE national database. Meaning all the DMVs that are already compromised will give criminals EASY ACCESS TO THE NATIONAL DATABASE, and soon anyone with $50, will be able to pay for a "FULL" which means a full ID, and will just put their picture on the card instead of yours. Pretty soon, when you apply for a job you will get a background check and find out you have 5 felony arrest warrants in New York, or some state that you've never been, and you'll never be able to get it to go away. Just look what happens when your credit is ruined. You think the government is going to have a way to "remove" false information from your ID? Just think all these agencies can report info to ONE database that is synced. That's billions of POF, points of failures, and points for information to be shared. - pritch, on 10/12/2007, -0/+2@x1987x, yup, we've got PINs on both debit and credit cards.
In the vast majority of places where I use my cards, I don't sign, I have to enter my PIN.
One of the practical upshots of this is that there's pretty much no need for the card to go out of your sight, as you need to be at the machine to enter the PIN; in many restaurants, they use a wireless terminal, which they bring to the table. - DriverDan, on 10/12/2007, -0/+2Credit card skimming is OLD news. It has been going on for decades and will continue to happen until the entire world goes to smart card + pin like the UK. If you know where to look you can buy credit card magnetic strip data (a dump as it's referred to on carder sites) for as little as $10 each, or possibly even less in bulk. Some of it has been skimmed like this video covers but much of it hacked from card processing centers. Credit card companies now implement sophisticated software that can easily detect fraud patterns that lead back to a certain location. Skimmers get caught all the time, it just isn't big news since it happens so frequently.
Just like coasters2k pointed out fraud protection is mandated by law here in the US. You're foolish if you're "afraid" to use your card somewhere. You're not liable for fraudulent purchases. A few phone calls and some paperwork later the charges are gone. - DJMac317, on 10/12/2007, -0/+2I work in a call center for a bank. I get the calls alot where the client calls in and says there are fraudulent charges on their check card. Until I proceed to go through the charges one by one and they remember that they did indeed to it.
Most commonly people tend to not realize how credit cards and check cards work. When you swipe the card it hits the account as an authorization or hold not as a charge. The funds are then deducted from the available balance. Depending on the financial institution the authorization or hold on the funds is released usually after 24 to 48 business hours and the funds are placed back into the account until the merchant collects on the funds, the merchant has within 3-5 business days to collect on the authorization then they are then posted to the account as a charge. This is where two things happen: 1) People think they have fraudulent charges on their account because they didn't post the same day the actual transaction happened, 2) People go into overdraft because they think they have more money than they think they do, and end up spending the same funds twice. I had one person who used their check card at a Subway in early September and the funds weren't collected on until early November, therefore the client thought they had a fraud charge on their account.
It has been told to me that a lot of banks make a lot of money off of credit cards and check cards, on credit cards it's obviously the interest, on check cards it's because when you swipe the card that merchant has to pay the bank you use $.25, if you use a debit, they pay nothing. Haven't you ever wondered why when you to go Wal-Mart or another store you are thrust automatically into entering your pin number for a debit, only to have to hit the cancel button to select "credit"? It's so the merchant doesn't have to pay the bank $.25.
The point: stick it to the man and the thieves, use cash. - mikeon, on 10/12/2007, -0/+2Never seen a wireless terminal before. But how easy would it be for someone to create their own terminal to read, and copy the card, and record the pin number you put on it?
- Riffraffs, on 10/12/2007, -0/+2@zdiggler
A check card is not a credit card, regardless if is states visa or master card on it. - mousky, on 10/12/2007, -0/+1Oh my god, they can swipe the magnetic strip and get your card number, expiry date and name. Hey, wait a minute, isn't that information already available in plain view on the front of the card? Heck, they even have access to the CVV2 number.
- nightwing2000, on 10/12/2007, -0/+1Yes, the credit card contains your name (and card number, duh!). If you use the airline fast-check-in kiosk, it can grab your name off any credit card. So the only thing different, swiping is a lot easier to hide than, say, the waitress taking a photo of the card on both sides with a digital camera...
The one who pays for fraudulent charges is ultimately the merchant, unless: we were told, when I was the treasurer for a small club that took Visa - the merchant must verify that the card was present and looked valid, and that the signature matched the card, and it was not expired if you were doing the paper impressions. Those terminals also tell whether the card was swiped or the number manually entered. They will also nail a merchant for duplicate entries. I am constantly amazed how rarely the signature is checked. Although, at a Swatch store in Vancouver, my wife was asked for photo ID too. (Vancouver is notorious for smarter-than-average Asian gangs pulling all kinds of scams and I guess trendy merchandise is a prime target). Technically, you do NOT need any further ID with a Visa card.
Not sure what the rules are for on-line, but they do verify your billing address and are on the hook for a lot more charge-backs. After a porn scam about 10 years ago - 1 merchant accounted for 10% of all cc charge-backs that year - they also have the policy that if your charge-backs reach a certain percent, a hefty penalty applies. I'd love to know how fraud artists get by the billing address thing - I suspect it involves more than skimming, either identity theft or faking an address change.
A female co-worker had her number taken and used on-line for porn; never sure who, but they suspected a small gas bar near her.
They have a computer program that checks for odd behaviour. They typical waitress scam is to swipe the card twice and pocket the money for the second charge - apply it against her cash receipts. Newer computerized restaurant software runs the Visa directly (older cash registers did not talk to the Visa machine). This makes it hard to fake a Visa charge, as it must be tied to a specific food order. A waitress at an older restaurant near me was caught doing this. However, I suspect the owner was on the hook for the charges.
When a pattern of fraud emerges, the system can also identify what those cards had in common. You may still be the victim of a fraud, but wholesale theft is very hard to carry on for very long.
I have had my number taken once - after a trip to Amsterdam via the New York area, someone tried to book tickets on Travelocity and a few thousand dollars "against a Colombian telecom"! I suspect it was stolen in the NYC area due to that ethnic connection. I have had my cc flagged; once in the 80's when a stupid postman put my bill in the wrong box, and it was returned to Visa as "not at this address"; once a few years ago, I used it in a pay phone, then to rent a car - they said it looked like someone checked if it was valid with a $1 charge, then put an even $300 (rental hold) on it. Both cases, a phone call set things right.
I don't trust debit cards outside of big banks...
The classic fraud I recall was the guys who wheeled a fake ATM into a mall, chained it to a pillar, and then collected it a few days later. Anyone who went up and tried to use it, it read their debit card and pin and then spit the card out, saying "sorry, out of order".
I've heard of the video camera in the ceiling to catch PINs, and there was a case in Canada of someone putting "card catcher" in a bank machine. It fit over the slot and had a folded strip into the slot that caught your card; then a friendly fellow nearby would offer to help and try to social engineer you out of your PIN, and then retrieve your card when you give up and leave. My bank now has flashing green LEDs around the card slot so it's obvious if someone is putting an insert over it. - geekitechture, on 10/12/2007, -0/+1I covered that point in my first post. Did you even read it before replying? Thanks for merely re-enforcing what I said (how easy it is for store personnel to steal a credit card #) and for not getting my real point...in the States, we don't have wireless terminals that we bring to the table, and most of our stores and restaurants have registers or credit card terminals that don't require a PIN # be used with a debit card payment. Debit and credit cards are processed the same way; both are treated as credit cards. Can I make this explanation any clearer? Should I draw you a diagram?
- mrfreeziexp, on 10/12/2007, -4/+5Imagine how easy it is if they take the credit card to a computer, completely away from the car holder's vision, like most restaurants that I have been to do. Really, the credit card has been a security hole for a long time, and only now are we coming to realize it.
- inkhead, on 10/12/2007, -0/+1Agreed, most credit cards only use tracks #1, #2. Credit cards can have up to #3 stripes. But most only use the first two. These are called bins, with the credit card you can generally download a software program that you put in the info and it generates the track numbers. Usually track number #1 is something like this. john,doe4517239829039834,10,09 which contains your credit card, and your first and last name.
Just google "credit card encoding, magnetic strip bin"
Until credit cards ENCODE the picture of the person, and verify the picture from a remote server on the credit card, you can't really protect cards, even with pictures people will still get away with it, but this would stop big ticket items like electronics and tvs... - inkhead, on 10/12/2007, -0/+1Credit Card numbers are very useful. You can easily make fake credit cards, you need a Fargo printer, and a punch that pushes up the numbers and name. You also need holograms. Many of the carder forums used to have vendors who sold holos with visa or mastercard logo. You could easily print the hidden UV ink (look at it under a black light).
One of the best ways to detect a "fake" credit card, is to run your hand over the hologram on the front of the credit card. On REAL cards the holo is stamped on, and should feel almost flush with the card, very smooth, and you can't feel the edge of the sticker. On most fake credit cards, if you run your hand over the hologram, you will notice that the sticker doesn't feel smooth at the edges, it hasn't been pressed into the card with a machine, rather it's stuck on like any other sticker.
However some enterprising carders have used heavy pressure to smash the holo into the card. So in some cases (not many) you won't notice the difference.
You can usually catch a carder, because they are quick to swipe the credit card and stick it back in their wallet so you won't ask to exam it. - thoand, on 10/12/2007, -0/+1My Visa has my personal id written on it (bithdate + some random number)
With this people can easily find my address, zip code etc..
I think this just happened to me. Somebody has changed my address twice in January 2007
Here in Norway all you need to change homebody's home address is my name and person id(all written on the Visa). It is all based on trust.
Imagine what they could do after an address change ... - webist, on 10/12/2007, -0/+1a year ago 2600 had an article detailing how to steal mag stripe info and then re-create it for a cloned card. Now that most stores have you swipe the card yourself they never see that its a piece of white plastic.
- Chompy, on 10/12/2007, -1/+2Who cares? You're not responsible for fraudulent charges on a credit card anyway.
- syco123, on 10/12/2007, -0/+1I sold some photographs to a guy who didn't trust the internet with his card. So he calls me on the phone, a total stranger, gives me all his details, including the 3 digit number. I write it on a piece of paper and process the payment through my online CC terminal.
Nice one mate real secure! People are idiots and while thats true others will con them.
We did have a spurious payment of $6 go through and it was more hassle then it was worth to track. The bank were dicks about it. so we let it go. If whoever did that to us did it to another random million people some russian gangster is laughing all the way to the bank. - zlintux, on 10/12/2007, -0/+1Actually counterfeit credit cards are a real thing. As such, every credit card has several security features that can be used to determine if the card is fake or not:
Mastercard:
All account numbers start with 5.
The first 4 digits are printed below the embossed section (this is harder to fake, since there are 30 year old label makers that can emboss plastic)
When placed under a UV light, the card will read "MC"
The standard MC hologram and logo in the bottom right.
Visa:
All account numbers start with 4.
As above, the first 4 are printed below the embossed numbers.
Under UV light, older (most/99%) will display an eagle, much like the eagle in the hologram. Newer ones (within past few months) will display a large V with the tapered edge as with the V in the Visa logo.
The standard Visa hologram in the bottom right. Also, the classic Visa logo on the old design (with the UV eagle) and a new one for the newer cards which drops the top and bottom blue/gold bars and stylising the V more.
Amex:
All cards, somewhere on the card, will contain the phrase "NOT TRANSFERABLE"
Under UV light, one of several designs will occur... I've seen a centurion, the letters "AMEX" and the letters "AMEX" with a centurion in the middle.
Of course, many of those features are easily duplicated.. save for the UV light. I don't know why more stores don't put a $20 UV light at registers... check cards, certain types of checks and cash (>=$5) in such a way that is MUCH more difficult to fake.
Most places these days don't even touch your card though. I've been tempted to get some random giftcard and re-write the magstripe to my credit card and see how many places don't notice... - zdiggler, on 10/12/2007, -0/+1Not my bank. they got MasterCard check card. Once mine got taken, probably from a webshop somewhere I tried to dispute it I have to file three forms to get my $40 back. What a pain, Visa check card are better thought, they don't even ask, just tell them which one you want to dispute and they will give you the money right away, they will only charge if the other side have valid reason then you.
- mallipeddi, on 10/12/2007, -0/+1what software were they using to extract the information out of the card swipe in the video?
- kd1s, on 10/12/2007, -0/+1@zlintux: There are two tracks on most magnetic stripe cards. POS only reads track 2 which is the account number, expiration etc. Track 1 can contain all sorts of data. I know, I used to build POS systems.
- zdiggler, on 10/12/2007, -0/+1Every body use Checks in Montana. I was there a few years back, I have to wait for people writing checks to pay for gas. :(
They still got Pump First gas pumps too. - noncn4mst, on 04/15/2009, -0/+1dugg down as lame and inaccurate.
by the way, people - no personal information is stored on your hotel key card, either. - smitting, on 10/12/2007, -0/+1I was surprised how easy it is the read a credit card the first time I got ahold of some magnetic scanner hardware, but this is all child's play compared to the identity theft possible with RealID. I've changed my credit card number about 5 times in the last 7 years... if RealID uses biometrics then you can't change your "number". Scary! And you might not even require direct contact to read the card? scarier!
-
Show 51 - 92 of 92 discussions
Check out the new & improved 
© Digg Inc. 2009
— Content created and posted by Digg users is