Danger of using credit cards on the net

workaccount

Hi,
Any reputable company should have safety measures in place to avoid people from breaking into the computer systems and stealing confidential information but what about the employees?

Is it not true that many of these carders have waiters in restaurants etc. scanning customer cards to duplicate?

For example I bought something from a UK retailer yesterday and gave them my details over the phone which he wrote down. I gave him my name, number, address, expiry date and csv code. What's to stop him from using my card on the net? And even if he isn't malicious where will the order he wrote on an order book go - in the bin unshredded?

Is the only safe way to do transactions online with paypal? (and of course even paypal employees can access your details)

Nody

workaccount wrote: »

Is the only safe way to do transactions online with paypal? (and of course even paypal employees can access your details)

No what is needed is one time CCs where you can create a temporary CC number and limit the amount and number of transaction that can be charged to it. I still can't believe how Irish banks don't offer something like that as a standard service.

workaccount

Nody wrote: »

No what is needed is one time CCs where you can create a temporary CC number and limit the amount and number of transaction that can be charged to it. I still can't believe how Irish banks don't offer something like that as a standard service.

Do they offer that in other countries?

seamus

When making a purchase online, the onus is on the retailer to ensure that the persons supplying the card details is who they say they are and are in possession of the card.

Establishing identity is the reason why many places will now only ship to the billing address - most credit card companies will reject online sales which do not supply the correct address.

Being in possession of the card is the purpose of the CCV number. This number can't be calculated from the card number and isn't contained in the magnetic strip, so can't be cloned.

When making a purchase in a shop, the onus is on the retailer to ensure that the person entering the card uses a PIN. If the shop doesn't use chip and PIN, then they have a duty to ensure that the person presenting the card is the same person named on the card who has signed on the back.

If an online or high-street shop fails in any of their requirements, then the credit card company will take their money back and the retailer takes the hit.

There are only a select number of instances where a consumer will actually end up out of pocket, and it's easy enough to avoid these. Although, dealing with fraudulent charges on your card is a hassle.

So in your case of the guy who wrote down your details, any purchase should be traceable back to you. If it's not, then the retailer loses out. Under Irish data protection laws, he would be required to shred that piece of paper, but I don't know what the law is in the UK.

biko

www.3vcash.com is kinda close

Zascar

Every company has one if not many DBA's (Database Administrators) who usually have total access to every piece of information in their systems. When they are bored they often look up directors saleries etc - easy. They could easily take credit card details - or much much worse, and they have the ability to hide their tracks afterwards if necessary.

I work for a large software company and one of the products we sell is security software to stop all this happening and provide audit trails etc. We as a company pitch it to loads of large vendors etc - practically none of them buy it. The reason being, because they do not have to. Why spend 50 on something when it is not 100% necessary or mandatory. The credit card companies are trying to push back and get the retailers to be more secure (PCI Regulations), but they are doing a very bad job of it. They are willing to take the risk. It's rare but it does happen - (TK Maxx is a good example - they lost millions).

If you are really that scared about the possibility of being scammed online, then don't purchase online. You might also want to stop using Internet Banking cause there is a security risk there too. 99.999% of people do both successfully all the time - those odds are good enough for me

jor el

workaccount wrote: »

Is the only safe way to do transactions online with paypal? (and of course even paypal employees can access your details)

I would actually say the Paypal is one of the least-safe methods of online payments. If someone gets a hold of your Paypal password, then it's very easy for them to set up a new address in your account, and go on a spending binge on eBay. They don't need to know the full credit card number, expiry date or CVV2 number. Paypal have all that stored, and the only thing securing it is YOUR password. A lot of people use silly, easily guessable passwords, hence, not very secure at all.

As said, in most cases you'll be protected against fraud anyway. All that results is thew hassle of filing the report, and not being able to use your card for a while. Unless you have your PIN written down somewhere, and the perp gets a hold of that, you'll be fine.

People often give out about online shops that won't send to alternate addresses, or go asking for a fax of your passport or other ID before accepting your order. They often fail to realise that this is to protect you from having your card used by someone other than you, and also to protect them against the cost of filling a fraudulent order.

Nody

workaccount wrote: »

Do they offer that in other countries?

I've had it in my Swedish bank for the last five or so years as a standard downloadable app or through their online banking application (the downloaded application require you activate it through your online bank).

rubadub

Nody wrote: »

No what is needed is one time CCs where you can create a temporary CC number and limit the amount and number of transaction that can be charged to it. I still can't believe how Irish banks don't offer something like that as a standard service.

A lad I know was telling my his brother did this, AFAIK he was with AIB. Will ask him again, not sure if he was charged for it.

jor el

rubadub wrote: »

A lad I know was telling my his brother did this, AFAIK he was with AIB. Will ask him again, not sure if he was charged for it.

I remember hearing something about this before, but I think they've since scrapped the scheme.

311

Would it be possible to lock a credit card online?

So if you don't want to use your credit card ,you log onto your account and hold any new/previously unauthorised purchases.

samhail

I do trust using PayPal online. I agree that if you loose your password then there is a chance that you might get caught out. but PayPal does have protections for that. and your credit card company has procedures if PayPal wont help you out (chargebacks).
PayPal will only allow a credit card on one PayPal account at any time. so by having it on your account... you are also stopping anyone that may have gotten access to your cc details to put it on a different account and spending.

I do use 3v all the time when im purchasing online. Ive put a certain amount on it, and thats all im willing to spend. also helps with limiting spending too

the Post office in the UK & in Belfast have a type of travel credit card. looks very interesting. its like the 3v, but you need to add money in the post office. there is a facilty to add it over the phone. are able to get it with an irish passport as ID too.
I looked into it when i was going to spain (was working in belfast at the time) but didnt get it.