Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4
10126 posts

Uber Geek
+1 received by user: 266

Trusted
Subscriber

  Reply # 713129 6-Nov-2012 20:07 Send private message

Kyanar:
And they didn't immediately cancel your card?  Giving someone else your credit card number to use is a breach of the card's terms and conditions - and definitely voids your zero liability guarantee.  You should really get the card changed, son or no since you've given the bank the perfect out to make you responsible if your card number ever gets swiped.


Only giving the physical card is against the terms and conditions.

If they didnt want the numbers to be given out they wouldnt provide them to you in cleartext embossed on a card.

I have used quickflix and had no phonecall about anything so that may be able to be ruled out.




Richard rich.ms

1822 posts

Uber Geek
+1 received by user: 58

Trusted
Subscriber

  Reply # 713149 6-Nov-2012 20:48 Send private message

I was rung by Kiwibank on Monday about this. It was a quick courtesy call from Kiwibank business banking to tell me that my card information had been passed to a third party by one of the merchants I have used in the past and that they were sending me a new card. They told me it was the card ending in digits XXXX. My new card turned up today. They wouldn't tell me the merchant as it was still "under investigation" but from the text of the letter I get the impression that a merchants credit card on file database had been breached. The nice kiwibank lady told me that there had been no suspicious transactions on my account. She didn't ask for any personal details.

Cheers, Matt.




Nexus 5, Galaxy Note 10.1, ASUS UX31e Ultrabook, Mysky HDi, 2talk

2243 posts

Uber Geek
+1 received by user: 152

Trusted
Subscriber

  Reply # 713325 7-Nov-2012 08:24 Send private message

richms: Only giving the physical card is against the terms and conditions.

If they didnt want the numbers to be given out they wouldnt provide them to you in cleartext embossed on a card.


Incorrect.  The terms for three of the four banks I checked the terms for state that it's absolutely forbidden to give the card number to another person to use, and the fourth said that in the event your card gets stolen they will hold you liable for the entire balance if you have given your card number out.

BTR

339 posts

Ultimate Geek
+1 received by user: 61


  Reply # 713346 7-Nov-2012 08:56 Send private message

I prefer debit cards over credit cards but that depends on the end user and if they actually have the funds for their purchase. All I do is have my card linked to a separate account and transfer money in as I need it, that way if my card is compromised they won't get a cent out of me.

655 posts

Ultimate Geek
+1 received by user: 5

Subscriber

  Reply # 713373 7-Nov-2012 09:37 Send private message

Kyanar:
allan: Yes I've notified my bank the last few times I've been in the USA and good on them for querying an airline booking transaction in the US when I gave my stranded son my credit card # to book a flight home.


And they didn't immediately cancel your card?  Giving someone else your credit card number to use is a breach of the card's terms and conditions - and definitely voids your zero liability guarantee.  You should really get the card changed, son or no since you've given the bank the perfect out to make you responsible if your card number ever gets swiped.

Just to clarify. I did speak to the booking agent to authorize the transaction, so it's not quite as extreme as my initial post made it appear.

Awesome
3701 posts

Uber Geek
+1 received by user: 311

Trusted
Subscriber

  Reply # 713608 7-Nov-2012 16:49 Send private message

When I was in Uni, a guy from BNZ came and spoke to us one day. He said that most cards get hit upwards of 80 times a day with fraudulent transactions, but 99.999% of those are stopped automatically by fraud scoring algorithms. Those that fall into a 'might be dodgy' bucket will then get reviewed by an agent, who will usually put a stop on the card if they suspect something is up, or at least try and get in touch.

I've never had any issues when overseas, and never bothered to tell the bank I was away. Most card fraud happens in 'card not present' transactions, eg where the physical card is not present at the point of sale (Eg. Online, over the phone). If you are overseas and using your card in a terminal, especially if you are using an EMV chip card and compliant terminal, you are probably not going to have any issues.

I always use my card to purchase airline tickets (for the free travel insurance), so if they suspected something was up, they would probably just look at my account and see the prior airline, hotel etc booking and be comfortable I was overseas.




Twitter: ajobbins

6092 posts

Uber Geek
+1 received by user: 208


  Reply # 713620 7-Nov-2012 16:59 Send private message

ajobbins: Most card fraud happens in 'card not present' transactions, eg where the physical card is not present at the point of sale (Eg. Online, over the phone). If you are overseas and using your card in a terminal, especially if you are using an EMV chip card and compliant terminal, you are probably not going to have any issues.


CC companies though are their own worst enemies, by making it so easy to put through a transaction online without any ID needed. It is the price of convenience.

BDFL
47924 posts

Uber Geek
+1 received by user: 3540

Administrator
Trusted
Geekzone
Subscriber

  Reply # 713633 7-Nov-2012 17:09 Send private message

ajobbins: I've never had any issues when overseas, and never bothered to tell the bank I was away. Most card fraud happens in 'card not present' transactions, eg where the physical card is not present at the point of sale (Eg. Online, over the phone). If you are overseas and using your card in a terminal, especially if you are using an EMV chip card and compliant terminal, you are probably not going to have any issues.


Nope. A "carder" uses a clone of a legitimate credit card. Granted, with chip cards this is harder but since in the US these are not being heaviy used there's a lot of space for skimmers, mag writers, carder teams, etc to actually use a physical card in store, buy goods and then sell on eBay.

Read Kingpin: The true story of Max Butler, the master hacker who ran a billion dollar cyber crime network and you will be scared. Max Butler made millions stealing, selling and using stolen credit cards.

Watch the video here.




Awesome
3701 posts

Uber Geek
+1 received by user: 311

Trusted
Subscriber

  Reply # 713634 7-Nov-2012 17:14 Send private message

freitasm: Nope. A "carder" uses a clone of a legitimate credit card. Granted, with chip cards this is harder but since in the US these are not being heaviy used there's a lot of space for skimmers, mag writers, carder teams, etc to actually use a physical card in store, buy goods and then sell on eBay.


I'm going off what the BNZ guy said. Assume he was talking in volumes of transactions, with most being failed.

It's a lot easier to use the LUHN algorithm to generate hundreds or thousands of card numbers, and then just take a stab at the expiry date. With most cards only being issued for 2-3 years at a time, you have a pretty good hit rate on a couple of hundred cards.

CVV codes are pretty much universally required now, so that helps hugely too.




Twitter: ajobbins

BDFL
47924 posts

Uber Geek
+1 received by user: 3540

Administrator
Trusted
Geekzone
Subscriber

  Reply # 713636 7-Nov-2012 17:19 Send private message

Read the book, by a Wired editor. The CVV codes were part of the mag stripe, so easily skimmed. New ones have different numbers but still easy to connect to the pizza joint and download transactions as they happen.

Max used a (at the time) VNC vulnerability (basically the server tells the client what protocols are available but a client can issue a connection request with any security - including "0" meaning no security - and the server accepted without checking against policies) to log into restaurants and download credit card transactions as they happened. That's because most of the POS checkout app were actually storing ALL the credit card information, including the mag stripe information.

Obviously things changed a lot since then, but not all retail store updated their systems, VNC servers, etc, etc.

A couple of years ago I was interested to find out why Dick Smith would use my credit card on EFTPOS terminals and then enter my credit card number in their POS - I mean, it's paid, accepted, they don't have to store my credit card for anything, so why do they?

Also skimmers are very active in New Zealand.




Awesome
3701 posts

Uber Geek
+1 received by user: 311

Trusted
Subscriber

  Reply # 713649 7-Nov-2012 17:29 Send private message

freitasm: A couple of years ago I was interested to find out why Dick Smith would use my credit card on EFTPOS terminals and then enter my credit card number in their POS - I mean, it's paid, accepted, they don't have to store my credit card for anything, so why do they?


Did you ever find out? I remember they used to write the last four digits on a copy of the receipt that went in the till.




Twitter: ajobbins

BDFL
47924 posts

Uber Geek
+1 received by user: 3540

Administrator
Trusted
Geekzone
Subscriber

  Reply # 713693 7-Nov-2012 18:17 Send private message

No, never found out.




2243 posts

Uber Geek
+1 received by user: 152

Trusted
Subscriber

  Reply # 713829 7-Nov-2012 21:17 Send private message

EB Games used to do the same thing. I've not seen them do it in some time though, and I've never seen DSE do it (not saying they didn't, just that I've not seen it).

What I'm wondering is with those carders cloning cards, is how BNZ's new dynamically rewriting cards actually stop that - they claim that every time a BNZ card is inserted in a BNZ ATM, the ATM will actually rewrite the track 2 data, making any cloned copies useless. I've actually seen what track 2 data looks like though, and I can't imagine how this tech would actually work since the track still needs to have the card number, name on card, expiry and CVV.

928 posts

Ultimate Geek
+1 received by user: 2


  Reply # 713858 7-Nov-2012 22:12 Send private message

I just tried to make a purchase with my debit card and got a "do not honor" error. Logged into my Kiwibank account to see if my account's empty and there's a message stating:
"Hi, we've sent you a new Visa Debit Card. From 20 November 2012 your old card will no longer work. Please cut up your old card immediately and activate your new one. If you haven't received your card yet, please call us on 0800 11 33 55."

I haven't been called, emailed, or (as far as I am aware) mailed any details about this, so I'm not sure if it's the same thing or not... but my card wasn't due to expire >Q2 next year.




rm *

382 posts

Ultimate Geek
+1 received by user: 33


  Reply # 713863 7-Nov-2012 22:17 Send private message

This happened to me about 2 months ago.
Got a call from my bank at 8.30am to tell me someone had been buying Skype credits on my credit card and had sucked it dry.

Luckily I didn't have that much money on it.
The bank managed to stop it going through or something.

1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic








Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when new jobs are posted to our jobs board:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Forms of government for New Zealand
Created by charsleysa, last reply by Kyanar on 18-Apr-2014 20:55 (98 replies)
Pages... 5 6 7


MH370 - Call for Search & Rescue Help
Created by DS248, last reply by Sideface on 17-Apr-2014 17:28 (735 replies)
Pages... 47 48 49


galaxy s4 now on 4.4.2
Created by nzrock, last reply by Cameron1991 on 19-Apr-2014 01:35 (51 replies)
Pages... 2 3 4


why does the tax payer have to pay for the prince and princess' 6 star holiday?
Created by joker97, last reply by Geektastic on 17-Apr-2014 15:49 (67 replies)
Pages... 3 4 5


Snap suffering Trans-Tasman congestion 18/04?
Created by Lias, last reply by NonprayingMantis on 19-Apr-2014 00:05 (26 replies)
Pages... 2


Help ! Home business connection and VDSL dead. yikes.
Created by Scotsman, last reply by Scotsman on 17-Apr-2014 21:10 (26 replies)
Pages... 2


Free connection to Ultra Fibre not true
Created by kapitikarl, last reply by cbrpilot on 15-Apr-2014 13:24 (27 replies)
Pages... 2


TVNZ on Demand Jailbreak Detection
Created by TranceManNZ, last reply by hio77 on 18-Apr-2014 20:25 (12 replies)


Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.