Business & Investing
Sponsored by

Credit card chip fraud?

6,470 Views | 41 Replies | Last: 4 yr ago by YouBet
nomad2007
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
9:58a, 8/19/19
AG
I recently had to cancel and get new credit cards for my wife and I because a purchase from a random landscaping service went through.

The bank said that the purchase was made 'card present by scanning the chip'. Both our cards are and always were in our possession, and the purchase was made at a city and place neither of us have ever visited.

How is that even possible? Are people scanning and mimicking the chips?
Reply Quote
Southpaw 07
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
10:06a, 8/19/19
AG
I work in an adjacent industry that deals with the same chip cards. While more difficult than replicating a magnetic strip, the scanning and duplication of chipped cards is very doable.
Reply Quote
2
nomad2007
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Southpaw 07 10:44a, 8/19/19
AG
Southpaw 07 said:
I work in an adjacent industry that deals with the same chip cards. While more difficult than replicating a magnetic strip, the scanning and duplication of chipped cards is very doable.
damn, that's scary. The fraud department guy was fighting me on taking off the charge saying "The card had to have been present. There's no other way." Eventually he acquiesced, but kept saying we must be mistaken that we have both cards in our possession....while we're both sitting there holding our cards in our hands.
Reply Quote
1
Long Live Sully
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to nomad2007 11:59a, 8/19/19
AG
I wanted to send proof to my bank once that I still had the card in my possession so I took a picture of the card and asked for an email address to send to the rep on the phone.

"Sorry sir we don't have email."

OK, how about I send it as a text?

"We don't have any way to receive that."

Then I guess you have to believe me sport.
Reply Quote
18
SJEAg
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to nomad2007 12:12p, 8/19/19
AG
It's alarming that they didn't believe you.

Or that someone in the fraud dept says its impossible. Unless you're one in a million would think they've seen everything before and would be prepared to deal with it.

I'd drop them once the matter was closed.
Reply Quote
3
nomad2007
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to SJEAg 1:05p, 8/19/19
AG
SJEAg said:
It's alarming that they didn't believe you.

Or that someone in the fraud dept says its impossible. Unless you're one in a million would think they've seen everything before and would be prepared to deal with it.

I'd drop them once the matter was closed.
He didn't believe me initially, but eventually acquiesced. What got him to shut up was that somehow the card was scanned in a completely different city ONE MINUTE prior to it being scanned at the pediatric urgent care place we took our son that day.

I have all my personal and business accounts with them, so it would be an annoying switch, but i'm considering it.
Reply Quote
2
fourth deck
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Long Live Sully 2:09p, 8/19/19
AG
Cow Hop Ag said:
He didn't believe me initially, but eventually acquiesced. What got him to shut up was that somehow the card was scanned in a completely different city ONE MINUTE prior to it being scanned at the pediatric urgent care place we took our son that day.

I have all my personal and business accounts with them, so it would be an annoying switch, but i'm considering it.
Putting you on the defensive about fraud?

I'd dump that clown bank


Edit: replied to wrong poster
Reply Quote
5
2 edits
cjsag94
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
12:36p, 8/20/19
AG
Good luck finding a bank that doesn't take this stance. At this time, every time I hear about this, they are all taking the position a chip card is iron clad proof your specific card was present.

I've read turning the card around (not inserting chip) until you get an error message directing you to swipe is a way around a chip card. Curious if the POS system register that as chip card being present.
Reply Quote
1
cjsag94
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
12:38p, 8/20/19
AG
Also... OP probably isn't dealing with the bank, rather the credit card processing company. Really good luck finding a different experience/company on that front.
Reply Quote
Ragoo
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Long Live Sully 1:12p, 8/20/19
AG
What bank?
Reply Quote
Long Live Sully
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Ragoo 2:13p, 8/20/19
AG
Ragoo said:
What bank?
Chase
Reply Quote
double aught
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Long Live Sully 3:55p, 8/20/19
AG
Cow Hop Ag said:
I wanted to send proof to my bank once that I still had the card in my possession so I took a picture of the card and asked for an email address to send to the rep on the phone.

"Sorry sir we don't have email."

OK, how about I send it as a text?

"We don't have any way to receive that."

Then I guess you have to believe me sport.
Was the card holding today's newspaper in the picture?
Reply Quote
10
Long Live Sully
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to double aught 4:15p, 8/20/19
AG
double aught said:
Cow Hop Ag said:
I wanted to send proof to my bank once that I still had the card in my possession so I took a picture of the card and asked for an email address to send to the rep on the phone.

"Sorry sir we don't have email."

OK, how about I send it as a text?

"We don't have any way to receive that."

Then I guess you have to believe me sport.
Was the card holding today's newspaper in the picture?
Nope. that is what I send to the porn extortionists.
Reply Quote
1
Jethro95
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
9:01a, 8/21/19
AG
One more reason why the US should have adopted Chip & PIN not Chip & Signature. Maybe someday we'll get there.
Reply Quote
5
cjsag94
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
10:31a, 8/21/19
AG
Chip is supposed to deal with this.. but what blows me away is you can get everything you need from eBay. Any person with a point of sale job simply scans you card in here first.

https://rover.ebay.com/rover/0/0/0?mpre=https%3A%2F%2Fwww.ebay.com%2Fulk%2Fitm%2F122262849057
Reply Quote
1 edit
Zemira
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Jethro95 2:46a, 8/27/19
AG
Jethro95 said:
One more reason why the US should have adopted Chip & PIN not Chip & Signature. Maybe someday we'll get there.
I still don't get why the US didn't decide on the Chip and Pin standard.
Reply Quote
1
Jaydoug
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
8:49a, 8/27/19
AG
Same thing happened to my daughters card. It was a Home Depot over 100 miles away and it said chip was present. I protested because my daughter was with me the entire day.

They never reversed the $85 charge. Said chip was present therefore she was present.
Reply Quote
double aught
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Jaydoug 8:58a, 8/27/19
AG
Wow. That would be my last interaction with that company.
Reply Quote
6
nomad2007
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Jaydoug 10:58a, 8/27/19
AG
Jaydoug said:
Same thing happened to my daughters card. It was a Home Depot over 100 miles away and it said chip was present. I protested because my daughter was with me the entire day.

They never reversed the $85 charge. Said chip was present therefore she was present.
They get so defensive, but usually reverse the charge eventually. Can't believe they'd be willing to lose a customer over $85 bucks.

If Chase hadn't reversed the charge I got hit with, I'd have moved all my accounts to a different bank...including both business accounts. And they'd have lost all that over a couple hundred bucks.
Reply Quote
Harry Stone
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
11:54a, 8/27/19
AG
I had a problem with CC fraud this year as well. Someone had been using my card to buy from a company called Bombfell, which is some type of men's clothing subscription company out of NY. I had to dispute this as they racked up about $1500 in charges in a matter of days. I contacted the clothing company, pissed off, and they gave me all the information of the criminal, including shipping address, email address, etc. They were really good about it. So I called Chase to offer them all the details and they didn't want any of the information and that they would handle this through their fraud department. They reversed the charges, but I had all the information to give to them on a silver platter and they wouldn't take it. It's as if they have a 'fraud budget' and just accept the losses and move on and probably figure it's more expensive to go through a legal process than just reimbursing a customer and moving on.
Reply Quote
2
akaggie05
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Harry Stone 6:50a, 8/28/19
AG
I had a similar situation recently involving identity theft and fraudulent cell phone accounts and iPhones being purchased in my name. The scammers, who apparently had all of my info (including a photo ID with my name and their picture, SSN, etc) hit up every major wireless carrier and opened new accounts. This includes T-Mobile, where I have my current legitimate account. They were brazen enough to add two new iphones to my existing account, so of course I get the invoice / confirmation in my account portal. Have timestamps down to the minute and the exact store where this all happened.

Provided info to police and got a generic form postcard back which basically says "any further investigation is unlikely to result in prosecution, case suspended."

I get that the cops can't spend resources on every case like this when there's people getting shot, etc, but it really does feel like there is next to no risk/repercussions for criminals who use stolen identities... hence leading to an explosion of the problem.
Reply Quote
3
JJxvi
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
7:58a, 8/28/19
AG
The entire purpose of "identity fraud" is to imply that people who are stealing from the bank are stealing from you and its your problem
Reply Quote
2
akaggie05
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
8:17a, 8/28/19
AG
Yeah, I get that ultimately I'm not liable for what these clowns do. Still didn't save me from having to spend probably 10-15 hours total on the phone with all of these companies, filling out police reports, and reviewing / locking down info with the credit agencies. It was certainly an exercise in keeping my cool, especially since every company I called first took the stance that it had to have been me opening the accounts... " Well we have YOUR id on file, YOU provided your SSN, etc."

I didn't provide jack, you clowns. AT&T was the worst of the pack, by far. Kept referring to their "investigation" and "they would let me know the results in a few weeks."
Reply Quote
1
FarmerJohn
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Zemira 10:07a, 8/28/19
AG
Zemira said:
Jethro95 said:
One more reason why the US should have adopted Chip & PIN not Chip & Signature. Maybe someday we'll get there.
I still don't get why the US didn't decide on the Chip and Pin standard.
Well, the short answer is these credit card companies didn't want it. Pass a law saying that the credit card company is liable for any disputed charge unless they receive a court ruling stating otherwise. That is unless the charge was made using the chip and pin standard. We'd have chip and pin by the end of the year.
Reply Quote
1
permabull
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Harry Stone 10:54a, 8/28/19
AG
Reply Quote
1
1 edit
Phat32
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
2:53p, 9/1/19
AG
EMV chips are still 100% secure and cannot be duplicated.

These are magstripe only transactions that your bank is authorizing because they refuse to support EMV 100%.

Basically there is a secure solution to this problem that Europe, Canada, etc have used for years. US issuers don't use it. SMH.
Reply Quote
agdaddy04
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to cjsag94 10:22p, 9/1/19
AG
cjsag94 said:
Good luck finding a bank that doesn't take this stance. At this time, every time I hear about this, they are all taking the position a chip card is iron clad proof your specific card was present.

I've read turning the card around (not inserting chip) until you get an error message directing you to swipe is a way around a chip card. Curious if the POS system register that as chip card being present.

You must not deal with AMEX then. They have excellent customer service. Never had an issue with them believing me on any fraud claims. You also get to speak with a person quicker than other customer service numbers I've called.
Reply Quote
2
cjsag94
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
8:19p, 9/2/19
AG
I've dealt with AmEx... Although not on a chip fraud case. I'd be surprised if they were any different in this matter. Right now the industry is taking the stance that if a chip was used, you were there. That's all I was saying.
Reply Quote
agdaddy04
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
8:45p, 9/2/19
AG
I can tell you from first hand experience that they removed the charges immediately.
Reply Quote
fourth deck
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to akaggie05 11:40a, 9/3/19
AG
akaggie05 said:
I had a similar situation recently involving identity theft and fraudulent cell phone accounts and iPhones being purchased in my name. The scammers, who apparently had all of my info (including a photo ID with my name and their picture, SSN, etc) hit up every major wireless carrier and opened new accounts. This includes T-Mobile, where I have my current legitimate account. They were brazen enough to add two new iphones to my existing account, so of course I get the invoice / confirmation in my account portal. Have timestamps down to the minute and the exact store where this all happened.

Provided info to police and got a generic form postcard back which basically says "any further investigation is unlikely to result in prosecution, case suspended."

I get that the cops can't spend resources on every case like this when there's people getting shot, etc, but it really does feel like there is next to no risk/repercussions for criminals who use stolen identities... hence leading to an explosion of the problem.
This is another reason for freezing credit accounts not only with the big 3. The NCTUE is what cell carriers would use to run background checks, and a freeze would prevent someone from opening an account in your name.

https://krebsonsecurity.com/2018/09/credit-freezes-are-free-let-the-ice-age-begin/
Reply Quote
1
dc509
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to agdaddy04 12:33a, 9/5/19
AG
agdaddy04 said:
I can tell you from first hand experience that they removed the charges immediately.


This was my experience as well. The time that I was ripped off they jumped to it.
Reply Quote
1
exp
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
12:24p, 9/5/19
AG
I concur with freezing your credit and have done so for years now, though I'd actually recommend using Locks instead of Freezes. It's more user friendly...can lock/unlock in an instant from my credit bureau phone apps. Unfreezing takes a little more time. Both are functionally identical in blocking new account creation.
Reply Quote
1
P.H. Dexippus
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to akaggie05 2:14p, 9/8/19
AG
Exact thing happened to me. Multiple iPads purchased across multiple providers, among other retailers. Get a credit freeze/lock.
https://texags.com/forums/38/topics/2798438/replies/47877056#47877056
"[When I was a kid,] I wanted to be a pirate. Thank God no one took me seriously and scheduled me for eye removal and peg leg surgery."- Bill Maher
Reply Quote
Southpaw 07
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Phat32 9:08p, 9/8/19
AG
yukmonkey said:
EMV chips are still 100% secure and cannot be duplicated.

These are magstripe only transactions that your bank is authorizing because they refuse to support EMV 100%.

Basically there is a secure solution to this problem that Europe, Canada, etc have used for years. US issuers don't use it. SMH.


What's your source on EMV being 100% secure and unable to be duplicated?

I work for an ISO that processes millions of transactions each month. While mag stripe fraud rates are higher, we definitely see EMV fraud also. Our internal security guys say that EMV is much harder to skim and duplicate but the tech does exist and fraudulent transactions are approved off of duplicated cards.
Reply Quote
Phat32
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
In reply to Southpaw 07 10:18p, 9/8/19
AG
Southpaw 07 said:
yukmonkey said:
EMV chips are still 100% secure and cannot be duplicated.

These are magstripe only transactions that your bank is authorizing because they refuse to support EMV 100%.

Basically there is a secure solution to this problem that Europe, Canada, etc have used for years. US issuers don't use it. SMH.


What's your source on EMV being 100% secure and unable to be duplicated?

I work for an ISO that processes millions of transactions each month. While mag stripe fraud rates are higher, we definitely see EMV fraud also. Our internal security guys say that EMV is much harder to skim and duplicate but the tech does exist and fraudulent transactions are approved off of duplicated cards.
VISA's security team.

Any EMV "fraud" is not based on a duplicated chip card but rather the magstripe data used against an issuer with weak authentication or at a terminal that is not EMV-enabled.

So in kitchen english, they're not "skimming" or duplicating the chip. They are pulling the data off as if it's a normal card and duplicating it that way. You then have to use it in a transaction that does not require a chip (online purchases is a good example).

VISA is trying to "tokenize" their transactions to kill this digital form of fraud that avoid their physical EMV chips - meaning each transaction is authorized individually and without the ability for duplication. Should take a while to implement but will be impossible to forge.
Reply Quote
1 edit
Page 1 of 2
 
×
subscribe Verify your student status
See Subscription Benefits
Trial only available to users who have never subscribed or participated in a previous trial.