Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4
10639 posts

Uber Geek
+1 received by user: 377

Trusted
Subscriber

  Reply # 713129 6-Nov-2012 20:07 Send private message

Kyanar:
And they didn't immediately cancel your card?  Giving someone else your credit card number to use is a breach of the card's terms and conditions - and definitely voids your zero liability guarantee.  You should really get the card changed, son or no since you've given the bank the perfect out to make you responsible if your card number ever gets swiped.


Only giving the physical card is against the terms and conditions.

If they didnt want the numbers to be given out they wouldnt provide them to you in cleartext embossed on a card.

I have used quickflix and had no phonecall about anything so that may be able to be ruled out.




Richard rich.ms

1916 posts

Uber Geek
+1 received by user: 81

Trusted
Subscriber

  Reply # 713149 6-Nov-2012 20:48 Send private message

I was rung by Kiwibank on Monday about this. It was a quick courtesy call from Kiwibank business banking to tell me that my card information had been passed to a third party by one of the merchants I have used in the past and that they were sending me a new card. They told me it was the card ending in digits XXXX. My new card turned up today. They wouldn't tell me the merchant as it was still "under investigation" but from the text of the letter I get the impression that a merchants credit card on file database had been breached. The nice kiwibank lady told me that there had been no suspicious transactions on my account. She didn't ask for any personal details.

Cheers, Matt.




Nexus 5, Galaxy Note 10.1, ASUS UX31e Ultrabook, Mysky HDi, 2talk

2437 posts

Uber Geek
+1 received by user: 218

Trusted
Subscriber

  Reply # 713325 7-Nov-2012 08:24 Send private message

richms: Only giving the physical card is against the terms and conditions.

If they didnt want the numbers to be given out they wouldnt provide them to you in cleartext embossed on a card.


Incorrect.  The terms for three of the four banks I checked the terms for state that it's absolutely forbidden to give the card number to another person to use, and the fourth said that in the event your card gets stolen they will hold you liable for the entire balance if you have given your card number out.

BTR

396 posts

Ultimate Geek
+1 received by user: 68


  Reply # 713346 7-Nov-2012 08:56 Send private message

I prefer debit cards over credit cards but that depends on the end user and if they actually have the funds for their purchase. All I do is have my card linked to a separate account and transfer money in as I need it, that way if my card is compromised they won't get a cent out of me.

667 posts

Ultimate Geek
+1 received by user: 7

Subscriber

  Reply # 713373 7-Nov-2012 09:37 Send private message

Kyanar:
allan: Yes I've notified my bank the last few times I've been in the USA and good on them for querying an airline booking transaction in the US when I gave my stranded son my credit card # to book a flight home.


And they didn't immediately cancel your card?  Giving someone else your credit card number to use is a breach of the card's terms and conditions - and definitely voids your zero liability guarantee.  You should really get the card changed, son or no since you've given the bank the perfect out to make you responsible if your card number ever gets swiped.

Just to clarify. I did speak to the booking agent to authorize the transaction, so it's not quite as extreme as my initial post made it appear.

Awesome
3841 posts

Uber Geek
+1 received by user: 363

Trusted
Subscriber

  Reply # 713608 7-Nov-2012 16:49 Send private message

When I was in Uni, a guy from BNZ came and spoke to us one day. He said that most cards get hit upwards of 80 times a day with fraudulent transactions, but 99.999% of those are stopped automatically by fraud scoring algorithms. Those that fall into a 'might be dodgy' bucket will then get reviewed by an agent, who will usually put a stop on the card if they suspect something is up, or at least try and get in touch.

I've never had any issues when overseas, and never bothered to tell the bank I was away. Most card fraud happens in 'card not present' transactions, eg where the physical card is not present at the point of sale (Eg. Online, over the phone). If you are overseas and using your card in a terminal, especially if you are using an EMV chip card and compliant terminal, you are probably not going to have any issues.

I always use my card to purchase airline tickets (for the free travel insurance), so if they suspected something was up, they would probably just look at my account and see the prior airline, hotel etc booking and be comfortable I was overseas.




Twitter: ajobbins

6821 posts

Uber Geek
+1 received by user: 313


  Reply # 713620 7-Nov-2012 16:59 Send private message

ajobbins: Most card fraud happens in 'card not present' transactions, eg where the physical card is not present at the point of sale (Eg. Online, over the phone). If you are overseas and using your card in a terminal, especially if you are using an EMV chip card and compliant terminal, you are probably not going to have any issues.


CC companies though are their own worst enemies, by making it so easy to put through a transaction online without any ID needed. It is the price of convenience.

BDFL
49108 posts

Uber Geek
+1 received by user: 4131

Administrator
Trusted
Geekzone
Subscriber

  Reply # 713633 7-Nov-2012 17:09 Send private message

ajobbins: I've never had any issues when overseas, and never bothered to tell the bank I was away. Most card fraud happens in 'card not present' transactions, eg where the physical card is not present at the point of sale (Eg. Online, over the phone). If you are overseas and using your card in a terminal, especially if you are using an EMV chip card and compliant terminal, you are probably not going to have any issues.


Nope. A "carder" uses a clone of a legitimate credit card. Granted, with chip cards this is harder but since in the US these are not being heaviy used there's a lot of space for skimmers, mag writers, carder teams, etc to actually use a physical card in store, buy goods and then sell on eBay.

Read Kingpin: The true story of Max Butler, the master hacker who ran a billion dollar cyber crime network and you will be scared. Max Butler made millions stealing, selling and using stolen credit cards.

Watch the video here.




Awesome
3841 posts

Uber Geek
+1 received by user: 363

Trusted
Subscriber

  Reply # 713634 7-Nov-2012 17:14 Send private message

freitasm: Nope. A "carder" uses a clone of a legitimate credit card. Granted, with chip cards this is harder but since in the US these are not being heaviy used there's a lot of space for skimmers, mag writers, carder teams, etc to actually use a physical card in store, buy goods and then sell on eBay.


I'm going off what the BNZ guy said. Assume he was talking in volumes of transactions, with most being failed.

It's a lot easier to use the LUHN algorithm to generate hundreds or thousands of card numbers, and then just take a stab at the expiry date. With most cards only being issued for 2-3 years at a time, you have a pretty good hit rate on a couple of hundred cards.

CVV codes are pretty much universally required now, so that helps hugely too.




Twitter: ajobbins

BDFL
49108 posts

Uber Geek
+1 received by user: 4131

Administrator
Trusted
Geekzone
Subscriber

  Reply # 713636 7-Nov-2012 17:19 Send private message

Read the book, by a Wired editor. The CVV codes were part of the mag stripe, so easily skimmed. New ones have different numbers but still easy to connect to the pizza joint and download transactions as they happen.

Max used a (at the time) VNC vulnerability (basically the server tells the client what protocols are available but a client can issue a connection request with any security - including "0" meaning no security - and the server accepted without checking against policies) to log into restaurants and download credit card transactions as they happened. That's because most of the POS checkout app were actually storing ALL the credit card information, including the mag stripe information.

Obviously things changed a lot since then, but not all retail store updated their systems, VNC servers, etc, etc.

A couple of years ago I was interested to find out why Dick Smith would use my credit card on EFTPOS terminals and then enter my credit card number in their POS - I mean, it's paid, accepted, they don't have to store my credit card for anything, so why do they?

Also skimmers are very active in New Zealand.




Awesome
3841 posts

Uber Geek
+1 received by user: 363

Trusted
Subscriber

  Reply # 713649 7-Nov-2012 17:29 Send private message

freitasm: A couple of years ago I was interested to find out why Dick Smith would use my credit card on EFTPOS terminals and then enter my credit card number in their POS - I mean, it's paid, accepted, they don't have to store my credit card for anything, so why do they?


Did you ever find out? I remember they used to write the last four digits on a copy of the receipt that went in the till.




Twitter: ajobbins

BDFL
49108 posts

Uber Geek
+1 received by user: 4131

Administrator
Trusted
Geekzone
Subscriber

  Reply # 713693 7-Nov-2012 18:17 Send private message

No, never found out.




2437 posts

Uber Geek
+1 received by user: 218

Trusted
Subscriber

  Reply # 713829 7-Nov-2012 21:17 Send private message

EB Games used to do the same thing. I've not seen them do it in some time though, and I've never seen DSE do it (not saying they didn't, just that I've not seen it).

What I'm wondering is with those carders cloning cards, is how BNZ's new dynamically rewriting cards actually stop that - they claim that every time a BNZ card is inserted in a BNZ ATM, the ATM will actually rewrite the track 2 data, making any cloned copies useless. I've actually seen what track 2 data looks like though, and I can't imagine how this tech would actually work since the track still needs to have the card number, name on card, expiry and CVV.

935 posts

Ultimate Geek
+1 received by user: 4


  Reply # 713858 7-Nov-2012 22:12 Send private message

I just tried to make a purchase with my debit card and got a "do not honor" error. Logged into my Kiwibank account to see if my account's empty and there's a message stating:
"Hi, we've sent you a new Visa Debit Card. From 20 November 2012 your old card will no longer work. Please cut up your old card immediately and activate your new one. If you haven't received your card yet, please call us on 0800 11 33 55."

I haven't been called, emailed, or (as far as I am aware) mailed any details about this, so I'm not sure if it's the same thing or not... but my card wasn't due to expire >Q2 next year.




rm *

383 posts

Ultimate Geek
+1 received by user: 33


  Reply # 713863 7-Nov-2012 22:17 Send private message

This happened to me about 2 months ago.
Got a call from my bank at 8.30am to tell me someone had been buying Skype credits on my credit card and had sucked it dry.

Luckily I didn't have that much money on it.
The bank managed to stop it going through or something.

1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

MH 17 "shot down" all dead
Created by joker97, last reply by turnin on 22-Jul-2014 16:56 (196 replies)
Pages... 12 13 14


PB Computers experiences
Created by KiwiNZ, last reply by paulmilbank on 23-Jul-2014 11:32 (20 replies)
Pages... 2


Huge Fuss, didn't even make it a year.
Created by networkn, last reply by Glassboy on 22-Jul-2014 19:50 (121 replies)
Pages... 7 8 9


Skinny's new aggressive ad campaign
Created by Yabanize, last reply by Yabanize on 22-Jul-2014 23:35 (52 replies)
Pages... 2 3 4


Insulation - good deals?
Created by Fred99, last reply by Handle9 on 19-Jul-2014 18:08 (15 replies)

Telecom and temporarily moving
Created by Tel69, last reply by NonprayingMantis on 19-Jul-2014 21:34 (12 replies)

Cunliffe on Holiday
Created by networkn, last reply by trig42 on 23-Jul-2014 09:02 (34 replies)
Pages... 2 3


Those were the days......Xtra Jetstream plans 10 yrs ago
Created by clinty, last reply by tdgeek on 23-Jul-2014 11:43 (31 replies)
Pages... 2 3



Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.