Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4
10997 posts

Uber Geek
+1 received by user: 496

Trusted
Subscriber

  Reply # 713129 6-Nov-2012 20:07 Send private message

Kyanar:
And they didn't immediately cancel your card?  Giving someone else your credit card number to use is a breach of the card's terms and conditions - and definitely voids your zero liability guarantee.  You should really get the card changed, son or no since you've given the bank the perfect out to make you responsible if your card number ever gets swiped.


Only giving the physical card is against the terms and conditions.

If they didnt want the numbers to be given out they wouldnt provide them to you in cleartext embossed on a card.

I have used quickflix and had no phonecall about anything so that may be able to be ruled out.




Richard rich.ms

1936 posts

Uber Geek
+1 received by user: 95

Trusted
Subscriber

  Reply # 713149 6-Nov-2012 20:48 Send private message

I was rung by Kiwibank on Monday about this. It was a quick courtesy call from Kiwibank business banking to tell me that my card information had been passed to a third party by one of the merchants I have used in the past and that they were sending me a new card. They told me it was the card ending in digits XXXX. My new card turned up today. They wouldn't tell me the merchant as it was still "under investigation" but from the text of the letter I get the impression that a merchants credit card on file database had been breached. The nice kiwibank lady told me that there had been no suspicious transactions on my account. She didn't ask for any personal details.

Cheers, Matt.




Nexus 5, Galaxy Note 10.1, ASUS UX31e Ultrabook, Mysky HDi, 2talk

2491 posts

Uber Geek
+1 received by user: 240

Trusted
Subscriber

  Reply # 713325 7-Nov-2012 08:24 Send private message

richms: Only giving the physical card is against the terms and conditions.

If they didnt want the numbers to be given out they wouldnt provide them to you in cleartext embossed on a card.


Incorrect.  The terms for three of the four banks I checked the terms for state that it's absolutely forbidden to give the card number to another person to use, and the fourth said that in the event your card gets stolen they will hold you liable for the entire balance if you have given your card number out.

BTR

453 posts

Ultimate Geek
+1 received by user: 96


  Reply # 713346 7-Nov-2012 08:56 Send private message

I prefer debit cards over credit cards but that depends on the end user and if they actually have the funds for their purchase. All I do is have my card linked to a separate account and transfer money in as I need it, that way if my card is compromised they won't get a cent out of me.

684 posts

Ultimate Geek
+1 received by user: 20

Subscriber

  Reply # 713373 7-Nov-2012 09:37 Send private message

Kyanar:
allan: Yes I've notified my bank the last few times I've been in the USA and good on them for querying an airline booking transaction in the US when I gave my stranded son my credit card # to book a flight home.


And they didn't immediately cancel your card?  Giving someone else your credit card number to use is a breach of the card's terms and conditions - and definitely voids your zero liability guarantee.  You should really get the card changed, son or no since you've given the bank the perfect out to make you responsible if your card number ever gets swiped.

Just to clarify. I did speak to the booking agent to authorize the transaction, so it's not quite as extreme as my initial post made it appear.

Awesome
3964 posts

Uber Geek
+1 received by user: 561

Trusted
Subscriber

  Reply # 713608 7-Nov-2012 16:49 Send private message

When I was in Uni, a guy from BNZ came and spoke to us one day. He said that most cards get hit upwards of 80 times a day with fraudulent transactions, but 99.999% of those are stopped automatically by fraud scoring algorithms. Those that fall into a 'might be dodgy' bucket will then get reviewed by an agent, who will usually put a stop on the card if they suspect something is up, or at least try and get in touch.

I've never had any issues when overseas, and never bothered to tell the bank I was away. Most card fraud happens in 'card not present' transactions, eg where the physical card is not present at the point of sale (Eg. Online, over the phone). If you are overseas and using your card in a terminal, especially if you are using an EMV chip card and compliant terminal, you are probably not going to have any issues.

I always use my card to purchase airline tickets (for the free travel insurance), so if they suspected something was up, they would probably just look at my account and see the prior airline, hotel etc booking and be comfortable I was overseas.




Twitter: ajobbins

7189 posts

Uber Geek
+1 received by user: 398


  Reply # 713620 7-Nov-2012 16:59 Send private message

ajobbins: Most card fraud happens in 'card not present' transactions, eg where the physical card is not present at the point of sale (Eg. Online, over the phone). If you are overseas and using your card in a terminal, especially if you are using an EMV chip card and compliant terminal, you are probably not going to have any issues.


CC companies though are their own worst enemies, by making it so easy to put through a transaction online without any ID needed. It is the price of convenience.

BDFL
49637 posts

Uber Geek
+1 received by user: 4470

Administrator
Trusted
Geekzone
Subscriber

  Reply # 713633 7-Nov-2012 17:09 Send private message

ajobbins: I've never had any issues when overseas, and never bothered to tell the bank I was away. Most card fraud happens in 'card not present' transactions, eg where the physical card is not present at the point of sale (Eg. Online, over the phone). If you are overseas and using your card in a terminal, especially if you are using an EMV chip card and compliant terminal, you are probably not going to have any issues.


Nope. A "carder" uses a clone of a legitimate credit card. Granted, with chip cards this is harder but since in the US these are not being heaviy used there's a lot of space for skimmers, mag writers, carder teams, etc to actually use a physical card in store, buy goods and then sell on eBay.

Read Kingpin: The true story of Max Butler, the master hacker who ran a billion dollar cyber crime network and you will be scared. Max Butler made millions stealing, selling and using stolen credit cards.

Watch the video here.




Awesome
3964 posts

Uber Geek
+1 received by user: 561

Trusted
Subscriber

  Reply # 713634 7-Nov-2012 17:14 Send private message

freitasm: Nope. A "carder" uses a clone of a legitimate credit card. Granted, with chip cards this is harder but since in the US these are not being heaviy used there's a lot of space for skimmers, mag writers, carder teams, etc to actually use a physical card in store, buy goods and then sell on eBay.


I'm going off what the BNZ guy said. Assume he was talking in volumes of transactions, with most being failed.

It's a lot easier to use the LUHN algorithm to generate hundreds or thousands of card numbers, and then just take a stab at the expiry date. With most cards only being issued for 2-3 years at a time, you have a pretty good hit rate on a couple of hundred cards.

CVV codes are pretty much universally required now, so that helps hugely too.




Twitter: ajobbins

BDFL
49637 posts

Uber Geek
+1 received by user: 4470

Administrator
Trusted
Geekzone
Subscriber

  Reply # 713636 7-Nov-2012 17:19 Send private message

Read the book, by a Wired editor. The CVV codes were part of the mag stripe, so easily skimmed. New ones have different numbers but still easy to connect to the pizza joint and download transactions as they happen.

Max used a (at the time) VNC vulnerability (basically the server tells the client what protocols are available but a client can issue a connection request with any security - including "0" meaning no security - and the server accepted without checking against policies) to log into restaurants and download credit card transactions as they happened. That's because most of the POS checkout app were actually storing ALL the credit card information, including the mag stripe information.

Obviously things changed a lot since then, but not all retail store updated their systems, VNC servers, etc, etc.

A couple of years ago I was interested to find out why Dick Smith would use my credit card on EFTPOS terminals and then enter my credit card number in their POS - I mean, it's paid, accepted, they don't have to store my credit card for anything, so why do they?

Also skimmers are very active in New Zealand.




Awesome
3964 posts

Uber Geek
+1 received by user: 561

Trusted
Subscriber

  Reply # 713649 7-Nov-2012 17:29 Send private message

freitasm: A couple of years ago I was interested to find out why Dick Smith would use my credit card on EFTPOS terminals and then enter my credit card number in their POS - I mean, it's paid, accepted, they don't have to store my credit card for anything, so why do they?


Did you ever find out? I remember they used to write the last four digits on a copy of the receipt that went in the till.




Twitter: ajobbins

BDFL
49637 posts

Uber Geek
+1 received by user: 4470

Administrator
Trusted
Geekzone
Subscriber

  Reply # 713693 7-Nov-2012 18:17 Send private message

No, never found out.




2491 posts

Uber Geek
+1 received by user: 240

Trusted
Subscriber

  Reply # 713829 7-Nov-2012 21:17 Send private message

EB Games used to do the same thing. I've not seen them do it in some time though, and I've never seen DSE do it (not saying they didn't, just that I've not seen it).

What I'm wondering is with those carders cloning cards, is how BNZ's new dynamically rewriting cards actually stop that - they claim that every time a BNZ card is inserted in a BNZ ATM, the ATM will actually rewrite the track 2 data, making any cloned copies useless. I've actually seen what track 2 data looks like though, and I can't imagine how this tech would actually work since the track still needs to have the card number, name on card, expiry and CVV.

973 posts

Ultimate Geek
+1 received by user: 11


  Reply # 713858 7-Nov-2012 22:12 Send private message

I just tried to make a purchase with my debit card and got a "do not honor" error. Logged into my Kiwibank account to see if my account's empty and there's a message stating:
"Hi, we've sent you a new Visa Debit Card. From 20 November 2012 your old card will no longer work. Please cut up your old card immediately and activate your new one. If you haven't received your card yet, please call us on 0800 11 33 55."

I haven't been called, emailed, or (as far as I am aware) mailed any details about this, so I'm not sure if it's the same thing or not... but my card wasn't due to expire >Q2 next year.




rm *

385 posts

Ultimate Geek
+1 received by user: 33


  Reply # 713863 7-Nov-2012 22:17 Send private message

This happened to me about 2 months ago.
Got a call from my bank at 8.30am to tell me someone had been buying Skype credits on my credit card and had sucked it dry.

Luckily I didn't have that much money on it.
The bank managed to stop it going through or something.

1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Moment of Truth?
Created by BarTender, last reply by gzt on 22-Sep-2014 15:42 (411 replies)
Pages... 26 27 28


Festival of Democracy
Created by gzt, last reply by shk292 on 23-Sep-2014 08:48 (127 replies)
Pages... 7 8 9


GCSB Surveillance Vans?
Created by snowball, last reply by DravidDavid on 23-Sep-2014 12:18 (48 replies)
Pages... 2 3 4


Geekzone giveaway: ADATA SSD SP610 256GB and ADATA PV110 Power Bank
Created by freitasm, last reply by hairy1 on 23-Sep-2014 10:44 (44 replies)
Pages... 2 3


Predict E(l)ection 2014 & win
Created by nakedmolerat, last reply by Technofreak on 23-Sep-2014 09:38 (84 replies)
Pages... 4 5 6


TV for under $1000?
Created by TeaLeaf, last reply by richms on 22-Sep-2014 20:46 (16 replies)
Pages... 2


IOS8 - Network Load
Created by FireEngine, last reply by raytaylor on 20-Sep-2014 16:55 (45 replies)
Pages... 2 3


Looking for online productivity software recommendations
Created by fpsware, last reply by fpsware on 23-Sep-2014 11:38 (14 replies)


Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.