Jump to content
^_^

Visa Pushes PIN Requirement With Credit Card Purchases

By ^_^ in Current Events and Hot Social Topics

 Share

6 posts in this topic

Recommended Posts

^_^ Grand Master

^_^   5,021

Posted
Filed: Timeline
Posted

This week, Visa announced that it's putting its muscle behind the adoption of "chip and PIN" capabilities in U.S. credit cards, which require in-person purchasers to input a PIN code into a point-of-sale machine before the card can be used. Also known as EMV--for Europay, MasterCard, and Visa, referring to their global standard for integrated circuit chips built into cards--the U.S. chip will include contactless chip technology, laying the groundwork for greater adoption of mobile payments using near-field communications (NFC).

...

Visa said that starting in October 2012, any merchant that processes at least 75% of its Visa transactions via terminals that are compatible with cards carrying the new chips will be exempt from having to validate their compliance with the Payment Card Industry Data Security Standard (PCI DSS).

...

Beginning in October 2017, Visa said that for merchants who sell fuel, it will transfer the liability for fraudulent transactions to the merchant's bank, if the merchant isn't using contact and contactless chip technology at the point of sale. In the United States, credit card companies now mostly absorb those fraud-related costs.

...

The technology isn't bulletproof, even for card-present transactions. Last week at the Black Hat conference, a UBM TechWeb event in Las Vegas, for example, security researcher Andrea Barisani of Inverse Path demonstrated a card-skimming attack that works against EMV cards, even though their passwords are encrypted. The attack, which sneaks a chip into point-of-sale, EMV-compatible readers, which are supposedly tamperproof, was discovered in the wild.

"We think an EMV skimmer poses a serious threat, due to ease of installation, and is very difficult to detect," said Barisani. "There have been reported chip-skimmer installations dated 2008, being seen in the wild," he said. But it's often impossible for someone to tell if a point-of-sale terminal had been tampered with.

In response to his card-skimming research, Barisani said that some card organizations, such as EMVCo, have said that any such flaws would be mitigated through other means. Meanwhile, MasterCard has said that it would be too difficult at this point to overhaul EMV. But the Netherlands appears to have blocked this type of attack via a point-of-sale machine firmware upgrade that disables plaintext PIN verification for Dutch cards. As a result, a card skimmer can't read the PIN code.

http://www.informationweek.com/news/security/vulnerabilities/231400073?cid=fbook-informationweek&wc=4

scandal Grand Master

scandal   951

Posted
Filed: K-1 Visa Country: Thailand
 Timeline
Posted

This week, Visa announced that it's putting its muscle behind the adoption of "chip and PIN" capabilities in U.S. credit cards, which require in-person purchasers to input a PIN code into a point-of-sale machine before the card can be used. Also known as EMV--for Europay, MasterCard, and Visa, referring to their global standard for integrated circuit chips built into cards--the U.S. chip will include contactless chip technology, laying the groundwork for greater adoption of mobile payments using near-field communications (NFC).

...

Visa said that starting in October 2012, any merchant that processes at least 75% of its Visa transactions via terminals that are compatible with cards carrying the new chips will be exempt from having to validate their compliance with the Payment Card Industry Data Security Standard (PCI DSS).

...

Beginning in October 2017, Visa said that for merchants who sell fuel, it will transfer the liability for fraudulent transactions to the merchant's bank, if the merchant isn't using contact and contactless chip technology at the point of sale. In the United States, credit card companies now mostly absorb those fraud-related costs.

...

The technology isn't bulletproof, even for card-present transactions. Last week at the Black Hat conference, a UBM TechWeb event in Las Vegas, for example, security researcher Andrea Barisani of Inverse Path demonstrated a card-skimming attack that works against EMV cards, even though their passwords are encrypted. The attack, which sneaks a chip into point-of-sale, EMV-compatible readers, which are supposedly tamperproof, was discovered in the wild.

"We think an EMV skimmer poses a serious threat, due to ease of installation, and is very difficult to detect," said Barisani. "There have been reported chip-skimmer installations dated 2008, being seen in the wild," he said. But it's often impossible for someone to tell if a point-of-sale terminal had been tampered with.

In response to his card-skimming research, Barisani said that some card organizations, such as EMVCo, have said that any such flaws would be mitigated through other means. Meanwhile, MasterCard has said that it would be too difficult at this point to overhaul EMV. But the Netherlands appears to have blocked this type of attack via a point-of-sale machine firmware upgrade that disables plaintext PIN verification for Dutch cards. As a result, a card skimmer can't read the PIN code.

http://www.informationweek.com/news/security/vulnerabilities/231400073?cid=fbook-informationweek&wc=4

They have these damned things in Canada now. Everywhere you go, you've got to stick your card in a reader and enter your PIN for verification. :ranting:

mawilson Grand Master

mawilson   2,133

Posted
Filed: Country: United Kingdom
 Timeline
Posted

They have these damned things in Canada now. Everywhere you go, you've got to stick your card in a reader and enter your PIN for verification. :ranting:

They've had them in the UK for ages too.

Very annoying. I hope this fish and chip thing doesn't catch on in the US.

biden_pinhead.jpgspace.gifrolling-stones-american-flag-tongue.jpgspace.gifinside-geico.jpg
Obama 2012 Veteran

Obama 2012   1,714

Posted
Filed: AOS (pnd) Country: Canada
 Timeline
Posted

Given that I've only ever had my card ripped off in the us, I don't see why anyone would object to this

Well, an argument here would be that pin-transactions in the states are not subject to the CC discount fees associated with taking those cards. It's why "pin transactions" are preferred by merchants.

My guess is that once ALL cards have to have pin #'s, this is going to be a way for banks/credit card companies to force all merchants to pay their fees, which get really expensive.

nfrsig.jpg

The Great Canadian to Texas Transfer Timeline:

2/22/2010 - I-129F Packet Mailed

2/24/2010 - Packet Delivered to VSC

2/26/2010 - VSC Cashed Filing Fee

3/04/2010 - NOA1 Received!

8/14/2010 - Touched!

10/04/2010 - NOA2 Received!

10/25/2010 - Packet 3 Received!

02/07/2011 - Medical!

03/15/2011 - Interview in Montreal! - Approved!!!

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
- Back to Top -

Important Disclaimer: Please read carefully the Visajourney.com Terms of Service. If you do not agree to the Terms of Service you should not access or view any page (including this page) on VisaJourney.com. Answers and comments provided on Visajourney.com Forums are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Visajourney.com does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. VisaJourney.com does not condone immigration fraud in any way, shape or manner. VisaJourney.com recommends that if any member or user knows directly of someone involved in fraudulent or illegal activity, that they report such activity directly to the Department of Homeland Security, Immigration and Customs Enforcement. You can contact ICE via email at Immigration.Reply@dhs.gov or you can telephone ICE at 1-866-347-2423. All reported threads/posts containing reference to immigration fraud or illegal activities will be removed from this board. If you feel that you have found inappropriate content, please let us know by contacting us here with a url link to that content. Thank you.
×
×
  • Create New...