Originally Posted by
garyschmitt
If you believe that, then you have no reason to advocate for a pricier payment system because your premise in this case prevents you from having a cost-saving investment in another payment system.
What the. If there's an investment I can make that can reduce my cost, why will I not evaluate it? Of course it will have to pay for itself before I actually buy it, or otherwise I might as well just eat the cost.
I have no idea what the cost of introducing EMV in the US is compared to the annual losses to fraud, but given the US is one of the last adopters of EMV, the probable result is a profit.
Also this change has to happen nationally - but I don't see this being so difficult if Visa and Mastercard organise banks to do this.
Originally Posted by
garyschmitt
Indeed. If you want to advocate something that is less vulnerable to fraud, cash-only would do that because risk of counterfeit bills is much less. Cost is lower, but market share is negatively influenced by the lack of payment acceptance. It's common in Europe for small retailers to take the cash-only route to reduce cost.
That may very well happen if the US doesn't go to EMV soon.
I don't see acceptance of cash as an issue being inferior to cards except for unmanned kiosks. But I understand the US has no such kiosks anyway - they're in Europe.
[QUOTE=garyschmitt;17513533]Indeed, but now you're talking something different than jeffjaguar, who proposed following a waitress to the terminal to witness the swiping action. What you describe is not merely portability, but rather a combination of changes that would likely enhance security (if implemented correctly).
Originally Posted by
garyschmitt
Although what you propose still leaves room for debate because it replaces old vulnerabilities with new ones, and we're speculating that the new ones are lesser. Moreover, the skimming vulnerability is only countered if the insertion only penetrates the device enough to read the chip (if it were to take the full length of the card, the magstripe could still be skimmed while the chip is accessed). And such an attempt at an old exploit would generally work because consumers don't think that critically enough to notice.
I'm assuming merchant staff can easily skim a card if they want to. But having done so, there's not a lot of places they can use it.
We've taxis over here who take Visa (very few). The first batch of terminals weren't reliable. Some cabbies try to make my EMV chip + magstripe Visa card (Visas only, or cash) work by magstripe when the EMV chip processing failed. The terminal tells them every time to use the chip instead, because mine is an EMV card.
Originally Posted by
garyschmitt
Even more secure yet would be to use a wired terminal to process a pure EMV card (that is, with no magstripe on the card). And it would impose no critical thinking or street wisdom on the consumer.
Wired + magstripe is not secure either - I can bug the POS terminal's phone line and/or insert a well-disguised, compact skimmer on the card terminal.
EMV even over unsecured wireless is better cos each time the terminal generates a fresh request and the chip is needed to send the right response to the request back to the issuer for authorising payment.