• PhobosAnomaly@feddit.uk
    link
    fedilink
    arrow-up
    4
    ·
    13 days ago

    Absolutely spot on, thank you - always handy to know.

    I’m wondering what it does to mitigate the “card not present” fraud though, for online purchases or remote purchases?

    • iii@mander.xyz
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      13 days ago

      In my case, I have to verify online purchases on my bank’s app. Which makes online banking impossible without an android or apple phone.

    • Doxin@pawb.social
      link
      fedilink
      arrow-up
      2
      ·
      13 days ago

      As far as I understand it the pin&chip system involves a challenge/response between the bank and the card. You can’t just “clone” the chip, because the secret data it contains is essentially write-only.

      • PhobosAnomaly@feddit.uk
        link
        fedilink
        arrow-up
        0
        ·
        13 days ago

        Sorry, maybe I wasn’t clear.

        I’m assuming the 16 digit card number, start and expiry dates, and CVV are printed on the reverse - whereas it used to only have the CVV on the reverse and the rest of the details on the front.

        What’s stopping someone with a picture of the rear of the card visiting an online retailer and going wild with a picture of just one side of the card these days - aside from multi-factor authentication at the point of authorising the payment?

        • Doxin@pawb.social
          link
          fedilink
          arrow-up
          2
          ·
          12 days ago

          Oh! In that case: absolutely nothing. Credit cards are terrifyingly insecure. Whether or not the info is on two sides or one. Any webshop you use your credit card at can just arbitrarily charge it from then on if they feel like it.

        • Petter1@lemm.ee
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          12 days ago

          Most card allow you to set that transactions have to be approved either by app or by SMS.