Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4
richms
23680 posts

Uber Geek

Trusted
Subscriber

  #713129 6-Nov-2012 20:07
Send private message

Kyanar:
And they didn't immediately cancel your card?  Giving someone else your credit card number to use is a breach of the card's terms and conditions - and definitely voids your zero liability guarantee.  You should really get the card changed, son or no since you've given the bank the perfect out to make you responsible if your card number ever gets swiped.


Only giving the physical card is against the terms and conditions.

If they didnt want the numbers to be given out they wouldnt provide them to you in cleartext embossed on a card.

I have used quickflix and had no phonecall about anything so that may be able to be ruled out.




Richard rich.ms

hairy1
2988 posts

Uber Geek

Trusted
Lifetime subscriber

  #713149 6-Nov-2012 20:48
Send private message

I was rung by Kiwibank on Monday about this. It was a quick courtesy call from Kiwibank business banking to tell me that my card information had been passed to a third party by one of the merchants I have used in the past and that they were sending me a new card. They told me it was the card ending in digits XXXX. My new card turned up today. They wouldn't tell me the merchant as it was still "under investigation" but from the text of the letter I get the impression that a merchants credit card on file database had been breached. The nice kiwibank lady told me that there had been no suspicious transactions on my account. She didn't ask for any personal details.

Cheers, Matt.




My views (except when I am looking out their windows) are not those of my employer.


 
 
 
 


Kyanar
3214 posts

Uber Geek

Trusted
Subscriber

  #713325 7-Nov-2012 08:24
Send private message

richms: Only giving the physical card is against the terms and conditions.

If they didnt want the numbers to be given out they wouldnt provide them to you in cleartext embossed on a card.


Incorrect.  The terms for three of the four banks I checked the terms for state that it's absolutely forbidden to give the card number to another person to use, and the fourth said that in the event your card gets stolen they will hold you liable for the entire balance if you have given your card number out.

BTR

BTR
1522 posts

Uber Geek


  #713346 7-Nov-2012 08:56
Send private message

I prefer debit cards over credit cards but that depends on the end user and if they actually have the funds for their purchase. All I do is have my card linked to a separate account and transfer money in as I need it, that way if my card is compromised they won't get a cent out of me.

allan
1313 posts

Uber Geek

Subscriber

  #713373 7-Nov-2012 09:37
Send private message

Kyanar:
allan: Yes I've notified my bank the last few times I've been in the USA and good on them for querying an airline booking transaction in the US when I gave my stranded son my credit card # to book a flight home.


And they didn't immediately cancel your card?  Giving someone else your credit card number to use is a breach of the card's terms and conditions - and definitely voids your zero liability guarantee.  You should really get the card changed, son or no since you've given the bank the perfect out to make you responsible if your card number ever gets swiped.

Just to clarify. I did speak to the booking agent to authorize the transaction, so it's not quite as extreme as my initial post made it appear.

ajobbins
Awesome
4891 posts

Uber Geek

Trusted
Subscriber

  #713608 7-Nov-2012 16:49
Send private message

When I was in Uni, a guy from BNZ came and spoke to us one day. He said that most cards get hit upwards of 80 times a day with fraudulent transactions, but 99.999% of those are stopped automatically by fraud scoring algorithms. Those that fall into a 'might be dodgy' bucket will then get reviewed by an agent, who will usually put a stop on the card if they suspect something is up, or at least try and get in touch.

I've never had any issues when overseas, and never bothered to tell the bank I was away. Most card fraud happens in 'card not present' transactions, eg where the physical card is not present at the point of sale (Eg. Online, over the phone). If you are overseas and using your card in a terminal, especially if you are using an EMV chip card and compliant terminal, you are probably not going to have any issues.

I always use my card to purchase airline tickets (for the free travel insurance), so if they suspected something was up, they would probably just look at my account and see the prior airline, hotel etc booking and be comfortable I was overseas.




Twitter: ajobbins


mattwnz
16852 posts

Uber Geek


  #713620 7-Nov-2012 16:59
Send private message

ajobbins: Most card fraud happens in 'card not present' transactions, eg where the physical card is not present at the point of sale (Eg. Online, over the phone). If you are overseas and using your card in a terminal, especially if you are using an EMV chip card and compliant terminal, you are probably not going to have any issues.


CC companies though are their own worst enemies, by making it so easy to put through a transaction online without any ID needed. It is the price of convenience.

 
 
 
 


freitasm
BDFL - Memuneh
68842 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #713633 7-Nov-2012 17:09
Send private message

ajobbins: I've never had any issues when overseas, and never bothered to tell the bank I was away. Most card fraud happens in 'card not present' transactions, eg where the physical card is not present at the point of sale (Eg. Online, over the phone). If you are overseas and using your card in a terminal, especially if you are using an EMV chip card and compliant terminal, you are probably not going to have any issues.


Nope. A "carder" uses a clone of a legitimate credit card. Granted, with chip cards this is harder but since in the US these are not being heaviy used there's a lot of space for skimmers, mag writers, carder teams, etc to actually use a physical card in store, buy goods and then sell on eBay.

Read Kingpin: The true story of Max Butler, the master hacker who ran a billion dollar cyber crime network and you will be scared. Max Butler made millions stealing, selling and using stolen credit cards.

Watch the video here.




 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Coinbase | TheMarket | My technology disclosure


ajobbins
Awesome
4891 posts

Uber Geek

Trusted
Subscriber

  #713634 7-Nov-2012 17:14
Send private message

freitasm: Nope. A "carder" uses a clone of a legitimate credit card. Granted, with chip cards this is harder but since in the US these are not being heaviy used there's a lot of space for skimmers, mag writers, carder teams, etc to actually use a physical card in store, buy goods and then sell on eBay.


I'm going off what the BNZ guy said. Assume he was talking in volumes of transactions, with most being failed.

It's a lot easier to use the LUHN algorithm to generate hundreds or thousands of card numbers, and then just take a stab at the expiry date. With most cards only being issued for 2-3 years at a time, you have a pretty good hit rate on a couple of hundred cards.

CVV codes are pretty much universally required now, so that helps hugely too.




Twitter: ajobbins


freitasm
BDFL - Memuneh
68842 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #713636 7-Nov-2012 17:19
Send private message

Read the book, by a Wired editor. The CVV codes were part of the mag stripe, so easily skimmed. New ones have different numbers but still easy to connect to the pizza joint and download transactions as they happen.

Max used a (at the time) VNC vulnerability (basically the server tells the client what protocols are available but a client can issue a connection request with any security - including "0" meaning no security - and the server accepted without checking against policies) to log into restaurants and download credit card transactions as they happened. That's because most of the POS checkout app were actually storing ALL the credit card information, including the mag stripe information.

Obviously things changed a lot since then, but not all retail store updated their systems, VNC servers, etc, etc.

A couple of years ago I was interested to find out why Dick Smith would use my credit card on EFTPOS terminals and then enter my credit card number in their POS - I mean, it's paid, accepted, they don't have to store my credit card for anything, so why do they?

Also skimmers are very active in New Zealand.




 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Coinbase | TheMarket | My technology disclosure


ajobbins
Awesome
4891 posts

Uber Geek

Trusted
Subscriber

  #713649 7-Nov-2012 17:29
Send private message

freitasm: A couple of years ago I was interested to find out why Dick Smith would use my credit card on EFTPOS terminals and then enter my credit card number in their POS - I mean, it's paid, accepted, they don't have to store my credit card for anything, so why do they?


Did you ever find out? I remember they used to write the last four digits on a copy of the receipt that went in the till.




Twitter: ajobbins


freitasm
BDFL - Memuneh
68842 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #713693 7-Nov-2012 18:17
Send private message

No, never found out.




 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Coinbase | TheMarket | My technology disclosure


Kyanar
3214 posts

Uber Geek

Trusted
Subscriber

  #713829 7-Nov-2012 21:17
Send private message

EB Games used to do the same thing. I've not seen them do it in some time though, and I've never seen DSE do it (not saying they didn't, just that I've not seen it).

What I'm wondering is with those carders cloning cards, is how BNZ's new dynamically rewriting cards actually stop that - they claim that every time a BNZ card is inserted in a BNZ ATM, the ATM will actually rewrite the track 2 data, making any cloned copies useless. I've actually seen what track 2 data looks like though, and I can't imagine how this tech would actually work since the track still needs to have the card number, name on card, expiry and CVV.

Detruire
1296 posts

Uber Geek


  #713858 7-Nov-2012 22:12
Send private message

I just tried to make a purchase with my debit card and got a "do not honor" error. Logged into my Kiwibank account to see if my account's empty and there's a message stating:
"Hi, we've sent you a new Visa Debit Card. From 20 November 2012 your old card will no longer work. Please cut up your old card immediately and activate your new one. If you haven't received your card yet, please call us on 0800 11 33 55."

I haven't been called, emailed, or (as far as I am aware) mailed any details about this, so I'm not sure if it's the same thing or not... but my card wasn't due to expire >Q2 next year.




rm *


da5id
552 posts

Ultimate Geek
Inactive user


  #713863 7-Nov-2012 22:17
Send private message

This happened to me about 2 months ago.
Got a call from my bank at 8.30am to tell me someone had been buying Skype credits on my credit card and had sucked it dry.

Luckily I didn't have that much money on it.
The bank managed to stop it going through or something.

1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic





News »

Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS16211+
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13


Teletrac Navman launches integrated multi-camera solution for transport and logistics industry
Posted 8-Oct-2020 10:57


Farmside hits 10,000 RBI customers
Posted 7-Oct-2020 15:32


NordVPN starts deploying colocated servers
Posted 7-Oct-2020 09:00


Google introduces Nest Wifi routers in New Zealand
Posted 7-Oct-2020 05:00


Orcon to bundle Google Nest Wifi router with new accounts
Posted 7-Oct-2020 05:00


Epay and Centrapay partner to create digital gift cards
Posted 2-Oct-2020 17:34


Inseego launches 5G MiFi M2000 mobile hotspot
Posted 2-Oct-2020 14:53









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.