That is a terrible analogy.

If I am in an accident, a seatbelt may save my life.

Chip & PIN provides me with no benefit whatsoever.

I'm completely serious. More eating in HK feeds more DCC data points. :D

Many of the small dim sum places are cash only, so DCC isn't usually a factor. I've got three DCC transactions that will post over the course of the next few days, and I'll report back.

There's really two sepearate issues here:

1. Transition from magstripe to chip

2. Transition from signature-based verification to PIN-based verification.

The British/EU banking industry has done a great disservice in combining the two. There is absolutely no need to - here in HK, and in PRC, Taiwan, Japan, Korea and Australia (initially) (1) has been done without moving to (2).

(1) is an improvement for everyone on the whole. It really is like the introduction of seat belts or the Polio vaccine - a technological improvement with little downside for either bank or cardholder. There may be transition problems but once in place it really does cut down fraud.

(2) as as devious as DCC. At least in British-based Bills of Exchanges jurisdictions such as UK, Australia and HK, a bad signature is the bank's problem and not the customer's. What the UK banks have done is to introduce PIN-based authentication with DCC and surreptitiously move the liability for fraud from cardholder http://en.wikipedia.org/wiki/Chip_an...s.27_liability on the basis chip authentication (which is really a separate matter as the Hong Kong experience shows) should reduce fraud.

Although PIN authentication may seem more secure than a signature to Mrs. Jones on the High Street ("no-one checks a signature" is an approving remark I heard from such a Mrs. Jones from New Zealand) this is absolutely wrong from a legal point of view. From Bills of Exchanges law which later evolved to cheque law, a bad signature will release liability from the signer (cardholder) and also imposes liability on the person accepting the signature (the merchant) to satisfy himself the signer is who he says he is.

If your card is said to have been used on a Rolex purchase transaction in Switzerland authenticated by signature you can have your liability released by proving you've never visited Switzerland at the time of transaction (a pretty easy action for us Hongkongers since we can request Immigration Department Hong Kong to release our travel records to our bank).

If the transaction was authenticated by PIN then the banks can deny liability like ATM transactions and you have to prove the bank leaked card info...

The UK belatedly reintroduced fraud liability for banks in 2009 but banks still sometimes act as if it is for the cardholder to prove his PIN has not been compromised http://www.thisismoney.co.uk/money/s...ist-banks.html

Since HK is still chip and signature, how is merchant support for C&P cards? Are the terminals inaccessible to customers in some places? And do cards issued in HK generally have a PIN backup?

How does the transition from magstripe to chip help me (the carholder?). What added benefit does it provide to me?

At best, it's neutral from my point of view. Seat belts and the polio vaccine, on the other hand, can both save my life. I don't see how you can compare the two.

If that UPS agent at the warehouse had refused to take back the unopened box that the card thief ordered online and had shipped to my house (!) I'd probably would have had to pay for return shipping. That would have been a concrete financial loss for me, albeit a small one. Totally possible that compromise was from some website though due to them knowing my address, but if they did get my info from some brick and mortar store then chips could have helped.

Card terminals are not generally produced to cardholder.

C&p cards will be chip read but a slip will be produced for signature. I've not been told about problems for chip and pin cards in HK.

Even if my bank honours every chargeback claim I file, I will save time if I need not file any chargeback claim in the first place.

Also my card will have to be replaced less often - "higher availability"?

Interesting. The merchant acquirers there probably disabled all forms of PIN on the terminals since they probably didn't have HK-only machines built for them. Because the US is technically "chip and choice" acquirers probably aren't going to disable PIN on terminals here. Hopefully terminal positioning improves before October.

Huh?

Someone used one of my cards a few years back to buy some stuff online. I think they were trying to ship stuff to them but the website shipped to me instead. UPS was a bit reluctant to take the box back until I explained what happened.

Actually we do collect PINs for PRC Unionpay cardholders. Although Unionpay is progressively moving to chip (their chip - "PBOC 2.0" not EMV), the majority of the cards I see brought down from the Mainland are swipe cards and the verification convention is to require both a PIN and signature.

But I don't see this being done for Visa or Mastercard cardholders from overseas. Even oreck, who used a RBC card to pay at Rainbow.

A friend of a friend got drunk and bought a porsche off of ebay once. The best part was that he lived in New York and had nowhere to park it. So he found somewhere in New Jersey to park it and went to drive it on weekends.

Not that I'm suggesting that that's what happened to you :)

In your case, you would absolutely not have to pay for return shipping. You can just file a chargeback since the account use was unauthorized. You are under no obligation to ship it back at your expense.

FWIW, magstripe in no way requires that stores hang onto your creit card info after you use it. They just have poor security practices. I'm sure that they will continue to have poor security practices in the future.

True but I rather minimise unauthorised use then making my bank eat the loss. At the very least I still have to pick up the phone or log into internet banking and dispute line items.

In tmiw's case the card was used online so whether the card is chip or swipe would not have mattered. My wife had a similar experience this week http://www.hongkongcard.com/forum/fo...w.php?id=13859 but it appears the bank involved has compromised a whole bunch of card codes.

With regard to chip authenticated transactions, at least in the HK case there is still the cardholder's option to require the HK bank to prove the transaction has been authorised by cardholder. If the cardholder still possesses the card, and the travel records show the cardholder can't have travelled to the merchant, the bank is almost certainly on the hook for accepting a bad transaction. The merchant will have to prove fraud or complicity in fraud, and most will simply pay up than bother.

As with DCC, the default action/burden of proof is a significant factor. Thank goodness HK regulators are quite "reactionary" and are sticking with signatures.

Well with chip cards they can't - even better.

For EMV vs mag, I think EMV is harder to reproduce, and transaction details are less prone to data hacks, right?
It does not help in online transaction cases though for sure.