Debit cards lag credit cards in EMV migration, putting banks at risk

Discussion in 'other security issues & news' started by ronjor, Sep 22, 2015.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,791
    Location:
    Texas
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,791
    Location:
    Texas
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,791
    Location:
    Texas
  4. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,957
    Location:
    DC Metro Area
    Not surprising given the costs and the differences in liability responsibilities between credit and debit cards.

    Credit Cards: Under federal law (The 1968 Truth In Lending Act), your responsibility for unauthorized credit card charges is limited to $50, and in some cases would be $0.

    Debit Cards: Your responsibility for debit card fraud charges is a bit more under the 1977 Electronic Funds Transfer Act:

    For lost or stolen cards:

    $50 if you report to the bank within 2 business days after you learn about the loss or theft.

    Up to $500 afterwards if you report to the bank more than 2 business days after you learn about the loss or theft, but less than 60 calendar days after your statement is sent to you,.

    Unlimited if you fail to notify the mank of the card's loss or theft more than 60 calendar days after your statement is sent to you.

    Fraudulent use of your debit card numbers with their having been no loss or theft of your card:

    If someone makes unauthorized transactions with your debit card number, but your card is not lost, you are not liable for those transactions if you report them within 60 days of your statement being sent to you."

    See: http://www.consumer.ftc.gov/articles/0213-lost-or-stolen-credit-atm-and-debit-cards

    My bank must have a lousy customer loss policy on its debit card. Many banks have adopted a voluntary zero-loss policy on their debit cards. Under a zero loss policy the customer must still follow the times to report fraud or loss of card as specified in the 1977 Electronic Funds Transfer Act and they are just promises, not law. Guess mine hasn't even done that. Its not issuing the new chip card until the customer's current card expires.
     
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,791
    Location:
    Texas
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,791
    Location:
    Texas
  7. Rolo42

    Rolo42 Registered Member

    Joined:
    Jan 22, 2012
    Posts:
    569
    Location:
    USA
    The chip/PIN setup was broken when it left the gate.

    Chip also has poor design in that it requires the user to break physical contact with the card, unlike swiping.

    Signature is the only means of nonrepudiation.
     
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,081
    'Tis the season for card data theft — more than ever
    http://www.thecalifornian.com/story.../weisman-emv-cards-holiday-shopping/76265450/

     
  9. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,791
    Location:
    Texas
    http://www.infosecurity-magazine.com/news/consumers-confused-by-chip-pin/
     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,791
    Location:
    Texas
  11. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,595
    So again, my rant, if (by law) ACH turned off non-EMV processing those locations would be using it in less than 24 hours. Complete no brainer!!
     
Loading...