Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
The Almighty Buck Businesses Crime Security

Ask Slashdot: How Do You Keep Your Credit Card Secure? 385

It's easy to pontificate about the best security practices -- but the real test is what we do with our own money. Long-time Slashdot reader Keybounce writes: So, like most of you, I recently got a new credit card with a chip in it. I was not worried about that -- I know the chips are harder to copy and counterfeit. But I recently discovered that the card is also a radio card -- swiping it near the screen caused an message to show up on the reader. In this case, it told me to use the chip reader instead, but this means it has an active radio signal, and could be "hacked" -- stolen by someone with the right device.

How can I prevent this? Is there anything I can do that will disable the radio signal and still leave the chip functioning?

At least 200 million RFID credit cards were in circulation by 2012, even though their signals could be easily intercepted, prompting the introduction of RFID-blocking wallets and sleeves. But what's the alternative? A recent article in Quartz argued that America's transition to chip cards has been an utter disaster (since the banks dispensed with PIN numbers altogether and now validate with only an electronic signature). Is the answer to just use a mobile wallet like Apple Pay or Android Pay -- or to always pay with cash?

So leave your own answer in the the comments. How are you keeping your own credit card secure?
This discussion has been archived. No new comments can be posted.

Ask Slashdot: How Do You Keep Your Credit Card Secure?

Comments Filter:
  • Shielding, jamming (Score:5, Interesting)

    by stevel ( 64802 ) * on Sunday July 31, 2016 @06:36PM (#52617915) Homepage

    Currently I use an envelope that claims to be RFID shielding. No idea if it works or not.

    I have backed on Kickstarter an interesting "jamming" solution, Vaultcard [kickstarter.com], which looks promising.

    The current RFID cards - Visa PayWave is one brand - provide the "Track 2" data plus an authentication code from the EMV chip. Quite usable for fraud.

    • by ls671 ( 1122017 ) on Sunday July 31, 2016 @08:22PM (#52618405) Homepage

      I am already using Vaultcard but since I carry the cards close to my genitals, I decided to add a layer of protective gearing constituted of a lead casing. It ended up requiring an additional belt that I wear under my clothes so it is not apparent. It is a little heavy and uncomfortable but in the end I feel safe in all regards and proud to be using the latest technologies.

    • by AHuxley ( 892839 )
      +1 for shielding. Keep an eye on any outgoing account activity. Find a real bank that has services to protect its customers rather than wait for its consumers to report issues.
      Use cash for a lot of smaller transactions.
    • by mjwx ( 966435 ) on Sunday July 31, 2016 @11:44PM (#52619117)

      The current RFID cards - Visa PayWave is one brand - provide the "Track 2" data plus an authentication code from the EMV chip. Quite usable for fraud.

      Forget track 2 data, the card gives out your name, card number and expiry date wirelessly to anything that asks. That's enough for anyone to start making transactions.

      The first thing I do when I get an NFC enabled card is disable the wireless. I do this using a Stanley knife. If you look at your card over a bright light, you can see the induction loop, It then becomes a simple matter of making a small incision into the card to sever the induction loop. No loop, no wireless, card still behaves nicely with Chip and Pin terminals.

      I've tested this with an app on my Android phone (here [google.com] but it hasn't been updated in a while and doesn't work with my Nexus 5x). Its also been tested many times by vendors who don't seem to get that yes, it's disabled now stick it in the machine so I can press savings.

      Personally I wouldn't bother with trying to shield or jam it as malicious devices are most likely to be placed on terminals, ATM's and other places where you'll have your card unshielded. If you don't want your card to be exposed, disable it completely.

    • by AmiMoJo ( 196126 ) on Monday August 01, 2016 @02:41AM (#52619547) Homepage Journal

      Do you really think that the banks would have added a feature that makes fraud as easy as pointing an antenna at people walking past? Where are the crime waves of people draining accounts with concealed card readers? How come it's been in use for over a decade in some parts of the world and they haven't noticed this massive flaw in their security?

      Unless US banks are uniquely incompetent with their card design I think this is just paranoia, whipped up by click-bait articles.

      • by stevel ( 64802 ) * on Monday August 01, 2016 @07:40AM (#52620525) Homepage

        Do you really think that the banks would have added a feature that makes fraud as easy as pointing an antenna at people walking past? Where are the crime waves of people draining accounts with concealed card readers?

        Why yes, I do. It has been demonstrated numerous times, and is easy to reproduce on your own with inexpensive equipment. The specs are public (have you read them? I have.) Even EMV chips send your card information in plaintext - any encryption needs to be added by the terminal. You may not have read much about it as RFID cards are still uncommon in the US, but that is changing. The specs for this and EMV are more than a decade old and were designed for the banks' convenience, not your protection.

        US banks have shown a singular unwillingness to invest in technology that helps their customers. In the US they fall back on "zero liability" terms that mostly shield customers from direct financial losses but then pass on the cost of billions of dollars of fraud to all consumers and merchants.

        • by AmiMoJo ( 196126 )

          So in the US you have vast amounts of walk-by contactless card fraud? How come it doesn't get reported?

  • Tinfoil (Score:3, Informative)

    by dimethylxanthine ( 946092 ) <mr.fruit@ g m a i l . c om> on Sunday July 31, 2016 @06:38PM (#52617923) Homepage
    Tinfoil around the inside of the wallet. And don't forget the hat!
  • Turn it off (Score:4, Interesting)

    by Mikkeles ( 698461 ) on Sunday July 31, 2016 @06:38PM (#52617925)

    We just asked our bank to have it deactivated and they did.

    • Re:Turn it off (Score:4, Informative)

      by stevel ( 64802 ) * on Sunday July 31, 2016 @06:43PM (#52617939) Homepage

      That does very little good. The info that can be obtained with a reader is still usable for making charges to your account.

      • Re:Turn it off (Score:5, Informative)

        by Wrath0fb0b ( 302444 ) on Sunday July 31, 2016 @09:41PM (#52618675)

        Not even remotely true. The information that can be obtained with a reader does not contain the actual keys (!) that would be used to sign a transaction.

        You could actually read about EMV, the specification is public. It's fairly clear you haven't.

        • Re:Turn it off (Score:4, Interesting)

          by mjwx ( 966435 ) on Sunday July 31, 2016 @11:46PM (#52619127)

          Not even remotely true. The information that can be obtained with a reader does not contain the actual keys (!) that would be used to sign a transaction.

          You could actually read about EMV, the specification is public. It's fairly clear you haven't.

          Actually, it contains your card number, name and expiry date.

          Everything you need to start making transactions online.

          I have to wonder why people still think that card cloning is a credible threat these days... Card fraud moved online years ago, far better return on effort.

          • Re:Turn it off (Score:5, Informative)

            by Anonymous Coward on Monday August 01, 2016 @04:32AM (#52619849)

            It doesn't include the CVV2 that will be requested even by very low risk online retailers. You might be thinking, "But this field right here is labelled CVV" and it is, but there are like four CVVs for a modern card, and that's the wrong one. The one you need online is CVV2, which is the one written on the back of the card but not stored on the card itself.

            This happened because cards _used_ to have just one CVV, baked into the magstripe, so you could tell you had a "real" magstripe read, not one based on just reading the digits off the card, but if people got the CVV elsewhere they'd fake that out. So the "fix" was to have a different value for CVV in each place, and check you got the right one. So there's a CVV for EMV chip transactions, a CVV for the magstripe and one written on the card for online.

            • Re: (Score:3, Interesting)

              by stevel ( 64802 ) *

              Pretty much every week I place online orders with merchants that don't ask for CVV2. While it is true that the RFID data doesn't include CVV2 (it has a digital signature code created by the EMV chip), what is sent is MORE than enough to commit wide-scale fraud.

            • CCV2. Isn't that the number you give to EVERY MERCHANT you buy from, along with number, name, and expiration date? How in the world are thieves ever going to get a hold of that VERY SECRET number?

  • by Anonymous Coward on Sunday July 31, 2016 @06:46PM (#52617949)

    I could care less. If I see fraudulent transactions I call AmEx and I get a replacement card next morning. No need for me to go out of my way to keep a card that provides access to someone else's money secure.

    • by mattwarden ( 699984 ) on Sunday July 31, 2016 @06:53PM (#52617999)

      Exactly. Why is this my problem? I am not liable for fraudulent charges.

      • by ShanghaiBill ( 739463 ) on Sunday July 31, 2016 @07:22PM (#52618131)

        I am not liable for fraudulent charges.

        Sometimes you are. I was fraudulently charged $19/month for several months by Travelocity. I disputed the charges through Bank of America, and BOA told me that Travelocity was their "marketing partner" so the fraudulent transactions could not be reversed. I cancelled the credit card, closed all my BOA accounts, and switched to Wells Fargo (the only other bank within bicycle distance of my house). I also never again used Travelocity for anything. I periodically go into the local BOA branch and steal their ink pens.

        • I disputed the charges through Bank of America, and BOA told me that Travelocity was their "marketing partner" so the fraudulent transactions could not be reversed.

          What that a debit card or a credit card? Had you given the card number to Travelocity?

          • What that a debit card or a credit card? Had you given the card number to Travelocity?

            It was a credit card. Yes, I had been a previous customer of Travelocity, and they had my CC info. They did NOT have my permission to sign me up to any paid marketing subscription for $19/month (which is what they did).

        • by fred911 ( 83970 )

          BoA (previously Bank of Italy) are Big Assholes well know for their abuses of customers. Never ever do business with them.

    • by dohzer ( 867770 )

      Do they still use the number generation scheme where anyone can predict the next number of your card, thereby making it easy to continue the fraud?

    • Exactly! I see all of these concerns about credit cards. WHO CARES! You'll never be responsible for paying a fraudulent charge. The hardest thing you have to do is read over your bill at the end of the month and most times your card company will notify you of sketchy activity.

      IMHO credit cards are more secure than cash. It's easier to keep track of spending, if you lose your card you get a new one, if somebody steals it you get a new one. Same is not true for cash.

  • I don't (Score:5, Informative)

    by Pulzar ( 81031 ) on Sunday July 31, 2016 @06:49PM (#52617971)

    It's really not my job to go the extra distance to improve their security. The card is the way it is, and if it's good enough for the banks, it's good enough for me.

    I've had the card cloned a couple of time in the last five years, and it was never more than a minor inconvenience. Call the number in the back, tell them that I didn't spend $2000 on a strip club in Mexico, and they send me a new one.

    • by OzPeter ( 195038 )

      I've had the card cloned a couple of time in the last five years, and it was never more than a minor inconvenience. Call the number in the back, tell them that I didn't spend $2000 on a strip club in Mexico, and they send me a new one.

      Or in my case, get an email from Amex basically telling me, "we didn't think you spent $2000 on a strip club in Mexico, so we have blocked that transaction for you. We'll be sending you a new card".

    • Re:I don't (Score:4, Informative)

      by JoeMerchant ( 803320 ) on Sunday July 31, 2016 @06:54PM (#52618005)

      Same here, I secure my card by handing it to waiters in restaurants who disappear with it, using it in retail stores where employee turnover is atrocious, and shopping on the internet. About once every 4 years (on average) we get a charge we didn't make on the bill, we tell the company ASAP and it gets reversed and we get a new card number.

      We were included in the recent Target and Home Depot attacks, nothing happened until about a month ago, then we got a $900 charge from COSTCO - impressive since we don't have a membership.

      • That's the way I secure it, with one addition: I have a local credit union that prints cards on demand. I see a fraudulent charge, wander down on my lunch break, sign a form, they print a new card, shred my old one, and their website even notes things that look like reoccurring charges and nudges me to update my card for those places whenever the number changes. Hard pressed to beat service like that!

    • I great illustration of how risk management is the best security strategy. No risk to you, and there's no need for security. Of course, that only applies to you, not the bank.
    • I've had the card cloned a couple of time in the last five years, and it was never more than a minor inconvenience. Call the number in the back, tell them that I didn't spend $2000 on a strip club in Mexico, and they send me a new one.

      They might not buy it a third time.

  • Hole punch (Score:4, Interesting)

    by NiteMair ( 309303 ) on Sunday July 31, 2016 @06:53PM (#52617995)

    When I last had a card like this, I just took a hole punch and punched out the RFID chip. they're pretty easy to locate (small square divot, usually right near the RFID symbol printed on the back of the card). You can also pry them out easily with a razor blade if you don't want a hole all the way through the card.

    Snipping out the RFID chip shouldn't affect the smart card chip in any way, since they should be totally unrelated mechanisms. I could be wrong though - I haven't seen an RFID included in a modern chip card yet.

    • Re:Hole punch (Score:5, Interesting)

      by stevel ( 64802 ) * on Sunday July 31, 2016 @07:16PM (#52618099) Homepage

      Snipping out the RFID chip shouldn't affect the smart card chip in any way, since they should be totally unrelated mechanisms. I could be wrong though - I haven't seen an RFID included in a modern chip card yet.

      You are mistaken - the RFID chip is connected to the EMV chip - may even be the same chip nowadays. This wasn't always the case, but is now. The RFID data includes an EMV-derived authentication code like the CVV.

      This had all been theoretical for me until Costco replaced my Amex card with a Visa that had PayWave (RFID). I did a LOT of reading then!

      • Re:Hole punch (Score:5, Interesting)

        by lucm ( 889690 ) on Sunday July 31, 2016 @07:29PM (#52618171)

        PayWave is awesome. You just tap the card on the terminal (or near it) to pay, no pin, no signature.

        Of course some people will freak out, just like they freaked out when chips came out ("what the devilry is this!"), but it's hugely convenient. Credit cards companies already have very customer-friendly policies for fraud and scams, this is just making things even easier with no risk for the card holders.

        I've learned from past experience to have 3 credit cards: 2 in my wallet, 1 at home, that way if one gets compromised I have options until I get a new card. That's a minor price to pay for the convenience.

        • by stevel ( 64802 ) *

          PayWave is awesome. You just tap the card on the terminal (or near it) to pay, no pin, no signature.

          That it is - I have used it once so far, at a Walgreens, and it was very speedy. Not too surprising as it's effectively the same as swiping - there's no challenge-response sequence as there is with a chip-based transaction. Indeed, Visa's specs for PayWave require a response in half a second.

          That said, I very much prefer tokenization systems such as Apple Pay and I find that is almost as fast as PayWave. (PayWave is Visa's brand name for RFID transactions - other card issuers use different names, but the un

        • That ease of PayWave sounds like it makes an ideal target for the attacks listed upthread. What's to stop someone with a hand-held RFID reader designed to lift data or even run fraudulent transactions as they pass you in a crowded store or subway or whatnot? You might even get a free grope if you keep your wallet in your back pocket.

          • Money made it easier to trade, but I'm sure back then someone like you complained that it would be easy to steal. Then checks, and bank wires, and credit cards, and ATM. Always the birds of ill omen came out and spewed their "they gonna steal it" mantra.

            With credit cards we've finally reached a point where for the most part the risk is not on the small guy's side of the equation. But instead of rejoicing and embracing the convenience of technological progress and the risk-free high speed transaction mechani

      • by AK Marc ( 707885 )
        My EMV chip is broken, probably from flex of the area of the card with it. The Pay Wave still works fine.
  • I've watched my friends get hacked countless times. In the end everything gets taken care of, but for those few days while everything is cancelled or locked down they're broke. Which makes it hard to buy diapers. But fortunately they've got family in town. (I keep lecturing them about using cards at gas stations...)

    I've been the victim of credit card fraud once. But I've had cards preemptively cancelled multiple times because they were used at companies that got hacked (target, home depot, etc) I've a

    • by jedidiah ( 1196 )

      Well, you simply need to be prepared for disasters. That's all there is to it. Your entire bank can get shut down. You need a plan for when this sort of thing happens. Don't keep your eggs all in one basket and keep some cash around.

  • Why? (Score:5, Insightful)

    by AK Marc ( 707885 ) on Sunday July 31, 2016 @06:55PM (#52618007)
    I don't bother. The number of attacks in the wild is still essentially zero, and I'm indemnified against all loss. It might be inconvenient, but it's not a loss. So it's not worth my time and trouble guarding against.

    I might worry about it if I were to go to the Olympics or something else with lots of international tourists, the best ones to skim, but for regular everyday use, the chance of you being skimmed rounds to zero, and if it does happen, you are blameless.
  • by frovingslosh ( 582462 ) on Sunday July 31, 2016 @07:03PM (#52618037)

    ...swiping it near the screen caused an message to show up on the reader. .... but this means it has an active radio signal

    Maybe you are not presenting your experience with proper English, but if you swiped the card and were then told to use the chip reader, that does not imply that the card has any RFID capability. It simply means that the swipe passed along enough information that the reader learned that there was also a chip. I've seen this on multiple credit cards and have confirmed that the card has no RFID. Maybe you shouldn't have used the word swipe and only mean to say that you were told to use the chip when you got the card near the card reader, but if you actually swiped it then you know nothing about if RFID is present. It does not seem to be as common as many fear mongering commercials for cheap crappy wallets would have you believe.

    As to what to do if your card really does have RFID, I suggest doing the same thing that I do with my card without RFID, keep a close eye on your charges and alert the issuing bank if there are any discrepancies. Beyond that, don't worry. It is the problem of the idiots who put RFID chips in the cards if their cards get sniffed, and it is the problem of the issuing bank if they accept bogus charges on your card. Your only issue is to not be completely stupid and pay the credit card bill without checking it for accuracy (and there are certainly some people who do).

  • by glomph ( 2644 ) on Sunday July 31, 2016 @07:06PM (#52618055) Homepage Journal

    The 16-digit system is ridiculous. If you're going to use your card online, or in restaurants, etc. your card number is quasi-public.

    Two of my cards have an option which sends email and/or SMS and/or app-notifications upon every transaction, accepted or denied.

    I caught a bogus attempted charge last month - this saved a lot of exposure & aggravation. It also informed me last week when my personal activity caused my card to be suspended ( several international charges, different countries in the same hour). CapitalOne, Discover, & Chase offer this, and I assume some other competitors do so as well.

    • by guruevi ( 827432 )

      The problem with chips (EMV or RFID) is that the banks are pretending they're "secure" so any charge done by EMV/RFID is actually yours unless you can prove otherwise. Sure, the merchant will still eat the charges but it's a heck of a lot harder to dispute than a swipe.

      • by AK Marc ( 707885 )
        None of my banks do that. Is that your experience? Or just your irrational fear you are trying to pass as fact?
      • by ADRA ( 37398 )

        This won't happen. Cards get stolen all the time. The only time I see problems with a CC vendor is when
        1. They have the card
        2. They used a PIN (we have pins here)

        Since these two pieces are essentially never together illegitimately, there's never problem. A hacked pin pad can get you #2, but you still have your physical card. Stealing can get you #1, but the pin isn't on the card (challenged against online). Pretty much the only way it happens without specific permission is if your card is stolen after using

    • by lucm ( 889690 )

      Mint.com does that across all your banking options (cc, debit, checking, etc), they also email you when you pay an unusual bank fee. All free.

      It's an amazing service. I love getting that weekly "can you guess on what you've spent the most money this week?", it makes me realize when I go on spending benders.

    • Two of my cards have an option which sends email and/or SMS and/or app-notifications upon every transaction, accepted or denied.

      You said it first. I do the same thing.

  • I have a chip and RFID enabled card, and of course the first thing I did when I got it was to test what could be pulled from the card with tools available.
    Interestingly enough, the thing you can pull from both the chip and the wireless are general details of the last 10 transactions placed on the card. This in and of itself is only a small part of what you would need to get access to funds - I think you would need keys and application access (in RFID parlance) to access that part - but having the last 10 th

  • Check your bill every month, if you see anything weird, let your credit card company know that it wasn't you. Numbers can be stolen by waiters, or over the internet......in numerous ways. So it's not really worth worrying about.
    • by AK Marc ( 707885 )
      Outside the US, the practice of handing out your card to a stranger (waiter) isn't common. That seems to be a US-centric issue, Traveling through Europe, and you'd go to the bar to pay for your meal. Swipe/insert the card yourself. Never letting anyone else touch it. If you insist they come to your table to settle the bill, they'll come out with a wireless PIN pad and you can pay at your table.
  • Criminals have committed fraud with credit cards for a long time. They will continue to do so, no matter what technologies we use to protect our cards. And we will continue to use credit cards despite this, because they're convenient.

    Check your statement every month, and report fraudulent charges. I have never had a problem getting fraudulent charges reversed. Also, credit-card companies have an interest in avoiding fraudulent charges, so many employ analytic algorithms to detect suspicious charges, and con

  • by minstrelmike ( 1602771 ) on Sunday July 31, 2016 @07:21PM (#52618127)
    I let Citibank manage it.
    It ain't perfect but they have about as much interest in it that I do, on a statistacial basis. In a very personal perspecitve, it may seem like they don't give a shit. But thinkg about it. It ain't worth spending 1% of your money to stop thieves from stealing 0.5% of your money, just like it ain't worth crawling under a car for a dime or quarter or dollar you dropped in the parking lot (depending on circumstances).

    Problem with perspective is that the folks stealing from citibank aren't stealing 0.5 % from each customer, which would be "allowed" or ignored at least, they are stealing everything (identity theft and all bank accounts) from 118 specific people--who are really pissed off for excellent reasons.
  • by Proudrooster ( 580120 ) on Sunday July 31, 2016 @07:25PM (#52618151) Homepage

    Here is how to stay out of trouble.

    1. DO NOT USE YOUR ATM CARD ANYWHERE, EXCEPT AT THE BANK THAT ISSUED IT IN THE LOBBY.
    2. Feel free to use your credit card anywhere, AS LONG AS YOU CHECK THE MONTHLY STATEMENT AND DISPUTE ANY CHARGES.
    3. Anywhere especially seedy, PAY CASH or use a Green Dot Card from Walmart money card loaded with the exact amount.
    4. Only use checks for re-occuring variable bills like phone, gas, electric so an error can no clean out your bank account. Some phone cable and phone companies occasionally have problems with sending customers erroneous $1000 monthly bills.
    5. Do not use online banking. Make sure you have it turned off.
    6. Make sure you have an ATM only card that can not be used as a debit card. This means it only works at ATM machines.
    7. Setup all fixed cost bills, mortgage, car, insurance, student loan for auto pay so you don't need to use online banking or write a check.
    8. Do not let money pile up in your PayPal account. Paypal is not a real financial institution and can play games with your money and you have very little protection.
    9. Bank with a real bank, an 800 lb. gorilla like Chase that has 24-hour fraud people.
    10. Keep a copy or scan of all documents/cards in your wallet. If you wallet gets stolen you can quickly cancel everything, instead of trying to figure out what was in your wallet.
    11. Pay your credit card off EVERY MONTH, no exceptions. 20% interest is for suckers. If you can't control yourself, set you limit for what you are able to pay. NEVER carry credit card debt. NEVER.

    The safest forms of payment are:
    1. CASH / Walmart Green Dot Money Card
    2. Credit Card
    3. Check
    4. ATM Card

    Why do I make these recommendations?

    1. Cash can't be hacked.
    2. VISA provides you with protections to dispute charges. That means if you get hit with a charge, you can dispute it and during the dispute period you aren't out any money, unlike bank fraud. If a vendor is getting a lot of chargebacks from VISA, they will figure out they have a hole in their system and fix it or go out of business.
    3. Your ATM card connects directly to real money. If you have Autopay setup and someone hacks your ATM/Debit card, you could be in a world of hurt because your account might get emptied out and there would not be any funds available to pay your bills. This is a bad, expensive situation.
    4. Your checks have a magnetic toner on the bottom with your bank routing number and bank account number. With these numbers, someone could possibly access your account. Only use checks for variable payments like phone, gas, electric.
    5. If you need to buy something that you don't want associated with you directly, get a Walmart Green Dot Card. This is great in case you are in need of a burner phone or other untraceable payment. By law you are supposed to register these cards but Green Dot will still allow you to use it but will deny you a personalized card. Many illegal/undocumented immigrants use these cards. These cards can be sketchy and prone to fraud, so buy it, load it, and spend it as soon as possible.

    If you have any questions, let me know and I will check this thread again. Be smart. Guard your privacy, credit score, and your hard earned money.

    • by Dan East ( 318230 ) on Sunday July 31, 2016 @08:07PM (#52618341) Journal

      Sheesh. Apparently you omitted the part where you hire an armed security force and an assistant who carries your cash in a briefcase handcuffed to his wrist.

      No way I would live that way. Keep most of your money in an account separate from the one you pay stuff out of day to day. That should do it.

      • by jedidiah ( 1196 )

        Much of this isn't terribly bothersome and some of it actually ends up being more convenient. Some of it's a little paranoid but not much. Mostly just be mindful of the risks of using each type payment.

        You can sum up most of it with "Credit card risk is very limited and anything tied to your bank account is terribly dangerous".

    • Re: (Score:3, Insightful)

      by apoc.famine ( 621563 )

      Yeah, you're a paranoid fuckwit. Bank with a non-abusive company and don't be a dumbass.

      If you're using a bank, you're using an institution that is probably trying to fuck you. Don't do that. Pick a local credit union instead. Better service, better rates, less ass-fucking. My wife and I both push a monthly amount to a joint account which is tied to our bills and debit cards. I noticed fraud on that account recently. Went to the credit union at lunch, told them that I didn't know what card it was o

  • I got 3 attack dogs to guard it. I keep my wallet in my right back pocket and one of the attack dogs in each of the remaining 3 pockets.

    Seriously, you must have a really problem-free life if this is what you spend your time on. If you're really, sincerely worried about your RFID credit card getting hacked, I'd suggest a talking to a psychiatrist. There are medications to help you so you don't always have to worry about everything all the time.

  • Serious question from an European viewpoint: If I have bookings on my statement that I do not recognize, I request the original receipt. If that does not show up, my card is not billed. If it does show up bit does not have a signature or a fake one, my card is not billed unless the merchant can actually prove it was me making the purchase. In case of fraud, he obviously cannot. As long as I do not cancel bookings fraudulently, my card or credit-rating is not in any danger. I did have my card replaced a few

    • by jedidiah ( 1196 )

      If you see a charge you don't recognize, you tell the bank immediately and it gets sorted. Your total risk is limited. It doesn't impact your credit rating.

      If the CC company is good enough, they will overnight you a replacement card.

      Although as others have said... if your card issuer is really diligent they will recognize a strange pattern themselves and tell you first.

      • by gweihir ( 88907 )

        Thanks for the info, that is what I would expect. So what is the problem here? People that do not read or do not understand their credit card statement?

  • I keep my CC right next to my penis. No one has gone near that in years. :-) [ My wife died in 2006 ... :-( ]
  • not responsible for fraudulent charges. review your monthly statement; contest unknown activity.

  • The USâ(TM)s transition to chip cards has been an utter disaster. Theyâ(TM)re confusing to use, painstakingly slow, less secure than the alternatives, and arenâ(TM)t even the best solution for consumers.

    How are they confusing? You insert the card and enter your pin. How are they slow? You wait 5 seconds or so and then you're done. How are they insecure? While only ten thousand pin combinations is not much for a computer to crack, more than a few invalid attempts locks out a card from

    • by jedidiah ( 1196 )

      > You wait 5 seconds or so and then you're done.

      5 seconds is an eternity for a computing device.

      I find it certainly conspicuous. Although it doesn't quite raise to the level of annoying.

    • Half the companies decided that PINs are too hard, so they went with signature instead. So instead of swiping and then signing, you insert, wait, wait, it beeps. You push a button. You sign. It asks if you want cash back. You say fuck off. You pull the card out, it beeps saying that you ruined the transaction and that you need to do all that shit again.

      You see, we largely didn't implement chip-and-pin. We replaced the quick swipe and sign with an insert of the chip card, and then layered a bunch of

  • thankfully other countries haven't taken the brain dead approach the US has taken. most have pin not electronic sign. But regardless I keep a couple of different credit cards just in case, the only time I have had my card cloned and used is the US but even then it is just a call and the charges are reversed and new card issued. The solution is US banks need to stop being retards and ditch sign and go to pin.
  • I keep my credit card secure by posting the number online and linking to it as the article in my Slashdot submissions, thereby ensuring no one will ever read it.

  • I live without a credit card. I do have a debit card though. I keep it secure by keeping it on me. If you can get it from me, then I guess you earned it.

    • I live without a credit card. I do have a debit card though.

      So you choose to use a card that provides less legal protections to you?

  • This. Tested and works. http://www.signal-vault.com/ [signal-vault.com]

  • by vortex2.71 ( 802986 ) on Sunday July 31, 2016 @10:47PM (#52618937)

    I recently found out that my card was leaking radio waves in the visible spectrum! This is really nefarious because the radio waves do not actually originate from the card itself. When a store, hacker, or other third party sends radio waves in the visible spectrum towards my credit card, the card returns the signal back to a wide range of locations with the user's name, the credit card number, and even the cvv code on the back!

    The worst part is that there are even visible spectrum enhancers on the market, which turn the radio signal, which is usually only decipherable at 2-3 ft, into a signal that can be deciphered from 30-100 ft. I can't even believe that these things are legal, or that the card returns these radio waves in the visible spectrum!

    The world is going to hell in a handbag!

"I got everybody to pay up front...then I blew up their planet." "Now why didn't I think of that?" -- Post Bros. Comics

Working...