Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Businesses The Almighty Buck

MasterCard Has Finally Realized That Signatures Are Obsolete and Stupid (fastcompany.com) 344

An anonymous reader shares a report: For years, credit card companies have relied on an illegible squiggly line as the frontline of defense against credit card fraud. Customers are forced to use a pen (how retro!) to scrawl their signature on bills at restaurants and sign digitally at cash registers -- as if somehow in the age of chips, PINs, biometrics, and online fraud alerts, a line on a page is still a great tool against fraud prevention. Personally, I have been known to sign on the dotted line with a doodle of a piece of tofu and no one has ever stopped me, because signatures mean very little in this digital age. Companies are finally seeing the light. Starting in April 2018, MasterCard cardholders will no longer be required to sign their name when they purchase something using their debit or credit cards. The company has been moving away from requiring signatures for a few years now, with only about 80% of purchases (typically over a certain dollar amount) requiring a signature these days. MasterCard did some digging, though, and per its press release, realized that most of their customers "believe it would be easier to pay and that checkout lines would move faster if they didn't need to sign when making a purchase."
This discussion has been archived. No new comments can be posted.

MasterCard Has Finally Realized That Signatures Are Obsolete and Stupid

Comments Filter:
  • Uh huh... (Score:5, Informative)

    by Anonymous Coward on Friday October 20, 2017 @11:45AM (#55404259)

    Your signature is just an acknowledgement of payment it is not fraud control.

    • Re:Uh huh... (Score:5, Interesting)

      by Darinbob ( 1142669 ) on Friday October 20, 2017 @12:48PM (#55404695)

      It was also used as "proof" if there was a dispute. For the same reason people sign legal documents. A PIN is in no way comparable. It is not intended to be an asbolute authentication, but to prevent or stop casual theft or fraud.

      I had a credit card for several years that had my signature and photo on the front, so that it could be compared to my face and signature. I liked using that one, I rarely had to dig out additional forms of ID with my picture.

      My friend would not sign his card, but instead write "please ask for photo ID". That way a signature was never used as authentication. Not foolproof, as he said sometimes cashiers never even loook at the back of the card to do any form of verification (probably because people have gotten used to treating these things like cash).

      • Re:Uh huh... (Score:5, Insightful)

        by jwhyche ( 6192 ) on Friday October 20, 2017 @01:29PM (#55404989) Homepage

        I've never had a signature on a card be legible for more than a month or two. I can pull out my debit card and the signature will be almost as good as blank.

        • I've been asked to sign the back of cards again because the signature became illegible.

          On the other hand, when I "sign" for purchases using the card, I just draw a horizontal line. Nobody's ever questioned it.

      • Re:Uh huh... (Score:5, Interesting)

        by Anonymous Coward on Friday October 20, 2017 @01:36PM (#55405061)

        Having worked retail... I would argue no one checks it, because the customers keep trying to do their own thing relentlessly.

        We were trained to NOT accept "Please Ask for Photo ID" and every other weird combination they came up with. But customers would insist on that, or insist on not putting anything on the back of their cards, or would even use their spouse's card, or their friend's card, or or or or or or... Meanwhile... You have a line building up behind the precious snowflake with the exception and everyone screaming at you "What's the big deal?"

        So you finally just start waving everyone through.

        Don't get me wrong, I'm sure some people always waved them through. But there's no right answer when you're trying, because it seemed like every single individual had some damn exception they're trying to push on you.

        • by jnork ( 1307843 )

          I'm one of your "precious snowflakes."

          I don't sign the back of my card because if somebody steals my card with the signature, they now not only have my card, but they also have my signature. You may not care. It's not your money. It's my money. I care.

          Also, did your store train you in handwriting analysis? How can you be sure the person who signs the receipt is the same one who signed the card? How good are you, really, at determining that? How much time are you willing to take to analyze the signature to b

      • Back when we still signed things in Canada, like barbarians:

        I went to the police station to have a background check done for a name change. On their counter, they had some notices you could read while you were waiting, and one of them was to not put a signature on your card, but instead put 'ask for ID'. Seemed to make sense, so I did.

        That worked for a while, but one day when I was buying something at Future Shop (which was later taken over by Best Buy), they said that they wouldn't accept anything without

      • It was also used as "proof" if there was a dispute.

        Too bad it isn't even useful for that. I had a strange charge show up on my American Express card a few years ago. I sent in a dispute request. I received back a letter saying that the charge was legit due to the vendor providing a signed receipt as proof. In the letter was a copy of the receipt, and not only was it not my signature... IT WASN'T EVEN MY NAME! Nobody had bothered to due the most basic check of what name was signed to the receipt, let alone whether or not it matched my signature. The si

  • Must be a US thing (Score:5, Insightful)

    by Anonymous Coward on Friday October 20, 2017 @11:47AM (#55404275)

    I have never signed anything when I've paid by card, be it MasterCard or Visa. Heck, I haven't even signed the back of my cards, nobody looks there anyway.

    • by dgatwood ( 11270 ) on Friday October 20, 2017 @11:54AM (#55404311) Homepage Journal

      Yes, it's basically a U.S. thing at this point. The signature requirement is one reason that U.S. travelers have a hard time buying gasoline while traveling in Europe; none of the pumps will take their cards because they're either magstripe/signature-required or chip-without-pin, rather than chip-and-pin as used in most of the rest of the world.

      The irony is that they don't actually look at the signatures, as far as I can tell, which makes it almost useless.

      • by gnick ( 1211984 )

        Using the same MasterCard here in the U.S.:
        * I use a PIN at the grocery store. I often withdraw cash from the self-check.
        * I enter my zip code when buying gas. I have accidentally entered the wrong one without being denied.
        * They just swipe and give it back at drive-thrus.
        * At other registers, it's a mixed bag whether they ask me to sign or not at the register. Typically not.
        Clearly we can conduct business without signatures. I've never been in a situation where a receipt signature mattered.

        • by gnick ( 1211984 )

          Oh, and online.
          * Online I enter the credit card number, expiration date, and the 3-digit code on the back. I sometimes pre-pay for food this way that I go pick up from the restaurant and have never been asked to sign or for my card.

        • You have a credit card in the USA with a PIN? Or is it really a debit card?

          • by gnick ( 1211984 )

            Yes. The "credit card" I was talking about is a chipped debit card that, when I'm prompted "Is this a debit card?", works without a PIN when I say "No." The PIN is always required at the grocery store regardless of whether I'm requesting cash.

      • Foreigners visiting the US have to go inside to pay for gas because our gas pumps required the billing ZIP code when paying by credit card. So be aware and pick the less sketchy looking places to fill up because you're going to be forced to go inside to pay.

        • by Lanforod ( 1344011 ) on Friday October 20, 2017 @12:46PM (#55404679)

          Foreigners visiting the US have to go inside to pay for gas because our gas pumps required the billing ZIP code when paying by credit card. So be aware and pick the less sketchy looking places to fill up because you're going to be forced to go inside to pay.

          For Canadians there is a trick to that: just use the 3 numbers in your Postal Code, plus 00. EG: postal code V1Z 2A3, use zip 12300. I tried that a few months back at dozens of stations, works great. Not sure about other countries though.

        • Not only we need to go inside, but we need to guess how much it's going to cost to fill the tank.

      • I haven't signed my credit card for the last decade (if I lose my card, do I really want to give them my signature too?), and in that time only one person has asked to see my signature.
      • I have the same problem when traveling in the US, I can't pay at at pump anywhere, I know a Conoco station where usually travel where I can pay at the pump so I go there when I am in the neighborhood. It is so annoying.
        A few times it does work to type in a random ZIP code.
        So I researched the problems and had hopes that the problems would be over since a colleague said that he could pay at the pump at all Shell stations on their road trip.
        I believe that once they get around to use the chip on my card, it wil

      • by h4ck7h3p14n37 ( 926070 ) on Friday October 20, 2017 @01:09PM (#55404833) Homepage
        The signatures are there so transactions can be audited after the fact. In theory when you dispute a transaction they can compare the signature on the transaction against your verified signature. Signatures aren't used to stop the fraudulent transaction from occurring in the first place.
      • European gas stations don't accept cash?
      • In Germany you usually still use signature.
        In France PIN. Since a few years my ATM PIN for my credit card works in France (did not work a few years ago)

        In Spain Signature *AND* passport.
        In Denmark I used signature, on the channel Islands signature, too.

        No idea about other countries.

    • by Bengie ( 1121981 )
      Just recently I was grocery shopping when I was told that I now have to enter my pin because I'm using MasterCard. I rather liked this because before I could just swipe for anything under $50 or so. I asked the cashier and they said MasterCard just recently started requiring that all payments must use the pin, but Visa and others have not yet required.
    • They used to look. Even less than 10 years ago it used to be regular to verify signature. Now days it seems to have been changed, and credit cards are treated like cash. Ie, if someone lifts one from your wallet, there's a good chance they can spend up to the limit before you can report and get the card blocked. The rampant fraud also means if there is no signature it's much easier to dispute the charges (which is why cashiers need to be trained to always check it).

  • by Anonymous Coward on Friday October 20, 2017 @11:51AM (#55404297)

    At one time it was easier to demand payment if someone signed a contract, every receipt was signed to acknowledge that you agree to pay. But now the novella sized contract of ultra fine print that you automatically agree to when the credit card company sends it to you is sufficient.

    I really wish we'd go to Chip + PIN. We have the technology, and it's far more secure than the chip-only nonsense that we use in the US.

    • I really wish we'd go to Chip + PIN. We have the technology, and it's far more secure than the chip-only nonsense that we use in the US.

      I don't use debit card and I never take cash out with my credit cards. I don't even know my PIN on my credit cards, so it is a very inconvenience way to do for me. Besides, how would I do the Chip+PIN at a restaurant or any other places where there is no self checkout/card sliding station? Do I need to go to the machine with my server and punch the PIN in myself? Or do you suggest that I give my PIN to my server? If so how would that be more secure than Chip+Signature?

      • A growing number of restaurants do have card readers at each table.

        This can be a big advantage because many waiters seem to think that the final round trip of picking up your card, processing and returning it is their lowest priority task. With a card reader, you can sometimes avoid an extra 10 minutes or more of waiting around after the end of your meal.

  • by grasshoppa ( 657393 ) on Friday October 20, 2017 @11:54AM (#55404305) Homepage

    It's for verification of purchase after the fact, not to prevent fraudulent purchases at the time of transaction.

    Mind you, it's still kinda stupid because if someone is planning on disputing a charge they can just fuck up their signature at time of transaction BUT it's worth the clarification.

    • Re: (Score:3, Informative)

      by Anonymous Coward

      You are signing a legal document that says you agree to the charges...

    • by orlanz ( 882574 )

      That's not what the signature is for either. The article is just another clueless poster who doesn't know how credit cards work. It starts off just plain wrong. The signature is a very simple security measure for the SELLER to verify that you are the owner of said card at time of sale. The seller is supposed check if your signature matches what is on the card. Whether they choose to or not is up to them. The risk of the sale being disputed is on them so it is up to them to check.

      What most medium to la

  • Hopefully this marks the beginning of requiring a pin for a CC transaction. As a question, at costco, the CC card can be processed before everything is scanned. I thought the transaction required the total before a chip charge could be processed. Is this not true?

    • As a question, at costco, the CC card can be processed before everything is scanned. I thought the transaction required the total before a chip charge could be processed. Is this not true?

      Not just Costco - same thing at our local Fred Meyer. I wonder if they're just checking whether you're up against the card's credit limit or not?

      As an aside... I don't know why anyone would run a month-to-month balance on the Costco card, since the interest rate is quite high. I use mine when I shop there because of the cash back, but am sure to pay the whole balance before the due date.

      • by torkus ( 1133985 )

        The swipe just reads the card. You can swipe your card at CVS/Walgreens/etc. ahead of the bill total usually too. Not so when you're using chip but that's another story.

        The machine takes your card info, holds it, then waits for the cashier to hit the complete/send to CC machine buttons - at which point that machine gets the final total, asks for your OK, and then processes the transaction.

    • The CC is scanned for authentication. IThe transaction is not fullly processed at the time. They are finding out if the card is good and what amount of credit is remaining. That is taken into account when the cash register determines the total charge. If everything is in order then you're done (the transaction is settled later electronically). If the total you are purchasing exceeds the credit then it will be rejected and you'll be asked for payment method. This does mean that there's a period of time whe

  • I almost always sign them with a circle, square and triangle. No one in the US ever check.

    The only time I'd ever had the signature checked against my passport was when I was in Europe and they never saw the non-chipped cards.

    • by DogDude ( 805747 )
      Retailers are supposed to check. Most don't. The retailer I work for certainly does.
    • > I almost always sign them with a circle, square and triangle. N

      I always sign with an X.

      Between the two of use we have the entire PlayStation button symbols. :-)

      > No one in the US ever check.

      Yup, that's my experience as well -- no one cares. Hell 99% of the time they don't even check ID. *facepalm*

      • Re:Never Checked (Score:4, Interesting)

        by cob666 ( 656740 ) on Friday October 20, 2017 @12:30PM (#55404559)

        Hell 99% of the time they don't even check ID. *facepalm*

        That's because most merchant service providers don't require that the merchant look at the customer's ID. While some networks (MasterCard, VISA, Discover, AmEx) allow the merchant to reasonably verify that the customer is the authorized card holder, some also explicitly FORBID a merchant accept a credit card that is not signed, this is why they ask you to sign the card before they can accept it.

        Many years ago, while working retail when you still had to use a 'knuckle buster' when accepting a credit card, our store was audited and we were fined for accepting an unsigned card. Merchant service providers don't seem to do things like this any longer.

    • by jez9999 ( 618189 )

      Because it's impossible to look at a stolen signature and forge it lol.

  • I've seen some terrible 'signatures'. The Nike Swoosh has more information. And signatures that aren't being matched, of course, are of no use in risk management.

    Biometrics will come on, since your more advanced smartphone has a reasonably functional fingerprint scanner in it, and embedding that in terminals will take, oh, maybe about 4 years. Getting EMV terminals out in force took 3 years of concerted effort. Oh, yeah, fingerprint scanning terminals will be a while.

    PINs work well where they are used - y

  • by 140Mandak262Jamuna ( 970587 ) on Friday October 20, 2017 @12:02PM (#55404361) Journal
    So many places have an electronic pad that you sign with a stylus. That low res image less than 72 dpi is the defense against fraud? I have signed in Tamil many times and no one seemed to be bothered.

    No, the signature was needed because that allows the credit card company to charge 2% commission from the merchant. The alternative to signature was to use a pin pad. If you use pin at the point of sale, the money comes directly from your checking account, there is no "risk" and it is no longer an unsecured credit given by the credit card company to the merchant. Point of sale terminals, pin and the ATM networks charge only a maximum of 25 cents per transaction.

    It was a great marketing coup by Mastercard and Visa to create the "debit" cards, make it work in their network, and muddle the lines and demand 2% commission from the merchants. The consumers never cared about the difference. Eventually all the merchants complied and since all of them do it they were able to pass on the cost to us. So we pay 2% more on every purchase.

    Unless a big player like Google or Apple come up with in independent payment network, competing with MC and Visa there is no relief for us. They all come up with ideas and fight with each other instead of Visa/MC. There is a demand for a payment method with low transaction charges for people who dont carry a balance, who have protection of 50$ limit on liability. Till something gains traction, there is nothing to challenge the duopoly.

    • by sconeu ( 64226 )

      Let us not forget when you have to sign with your friggin' finger at times.

      Either way, signing on a pad of some kind with a stylus or a finger doesn't look ANYTHING like my normal sig, so I kind of just sign with a "swoosh" on those.

      • Yeah, I love "signing my name" on an iPad when I'm at the Apple Store. It's basically just a profile of the Rocky Mountains.

    • by DogDude ( 805747 )
      It was a great marketing coup by Mastercard and Visa to create the "debit" cards, make it work in their network, and muddle the lines and demand 2% commission from the merchants. The consumers never cared about the difference. Eventually all the merchants complied and since all of them do it they were able to pass on the cost to us. So we pay 2% more on every purchase.

      I'm not sure what point you're trying to make. Before debit, V/MC got 2-2.5% of all charges. With debit, like you said, they only get ab
  • Your signature on a CC receipt is your agreement to pay the charge.

    Clerks can check the signature on the receipt against the signature on the back of the CC as a form of verification, but that is secondary.

    • by sjames ( 1099 )

      Clerks can check the signature on the receipt against the signature on the back of the CC as a form of verification, but that is secondary.

      Only in the sense that your auto mechanic can give you a complete physical when you apply for life insurance.

  • Hopefully they will inform the USPS, as having "Check ID" or something similar on the back of the card is NOT accepted by the idiots at the Post Office.

    It doesn't really happen until the US Postal Service supports it, as they seem to be the litmus test as the lowest common denominator with respect to technology. /sarcasm

    • Re: (Score:3, Interesting)

      by AvitarX ( 172628 )

      Well, technically no merchant is allowed to check ID, or accept a card with check ID written.

      The USPS is simply not violating the contract they signed when getting a merchant account.

      • Re:USPS? (Score:5, Interesting)

        by sremick ( 91371 ) on Friday October 20, 2017 @12:30PM (#55404557)

        Perhaps technically, but in the countless years I've done it on all my cards, I've never had a problem anywhere. Including the USPS.

        Would be nice to see the USA crawl its way a bit out of the stone ages of credit card processing compared with the rest of the world. We shop in Canada a ton and their chip systems validate cards in 1-2 seconds, their portable wireless devices at restaurants are high-tech and slick, and PINs offer far more security than a signature. At this point, needing to use a signature is a shopping/dining speedbump akin to writing a physical check... justifiably seen as archaic and idiotic given modern knowledge and technologies. I find myself apologizing to the Canadians for it more than they apologize in general.

        Took us forever to get chips while the rest of the world left us in the dust, and we're still stuck using stupid signatures. We had plenty of shame and were the laughing stock of the world well before Trump became the pinnacle of national embarrassment, but still.

        • by sl149q ( 1537343 )

          1-2 seconds?

          I use Apple Pay and get my ding to say it is authorized in about a quarter of a second or less. I usually decline the receipt so I'm walking to the door in 1-2 seconds.

          Costco Canada does tap at the till and for their gas stations also do tap. That changes the time to get started pumping from minutes to seconds. I have arrived after somebody was already at the pump and started filling, got to about 10-15 liters before the other person started pumping.

  • by tlhIngan ( 30335 ) <slashdot&worf,net> on Friday October 20, 2017 @12:04PM (#55404379)

    Signing your signature on the line or your card was never about security.

    It was about contracts.

    Signing the back of your card means you agree with the Cardholder Agreement between you and your issuer. Merchants need to check the signature of the card because if it isn't signed, or signed incorrectly, it means the bearer (i.e., who holds the credit card) does NOT agree to the terms of the agreement and thus any transaction made can be null and void.

    The cardholder agreement is that little piece of contract stating if you use the card, you agree to pay it off, interest rate, late payments, fraud, etc and all the other terms of the credit card. A merchant who does not verify your card can get screwed if you refuse to pay since you refused to agree with the agreement.

    The slip that you sign is the same deal - it basically says you the bearer agree to pay the amount shown on the slip per your card holder agreement. If you do not agree, you do not sign the slip (this is especially true if the slip is incorrect - do NOT sign it). When doing a dispute, the credit card company looks at the slip and sees if it was signed. In the old days where they had the carbon paper slips and the slider machines that go ka-thunk as you used them, tearing the slip up has the same effect.

    That's it. That's all the signatures meant.

    And if you had "See ID" or something written on your card, the merchant is actually supposed to cut up the card - it is not a valid card (no on agreed to its use so its presentation means it must be destroyed as it's use is fraudulent).

    With Chip+PIN, entering your PIN is basically agreeing to the charges, and since the PIN and everything is held securely inside the crypto processor on the smart card, it verifies you as the valid user.

    And yes, this is why "Card Not Present" transactions are far more risky - you the merchant are basically relying on the good will of the customer to uphold their end of the agreement despite not actually having a signed agreement to do so.

  • Of course a signature isn't a fraud *prevention* mechanism...it never was, unless the early days of credit cards saw vendors having databases of customer signatures against which to compare. The signature is there for fraud *investigation*. If you argue that your identity's been stolen, the firm investigates, pulls up the purchase slip with a signature that doesn't match yours, BINGO...they know you're not bullshitting.
    • by naughtynaughty ( 1154069 ) on Friday October 20, 2017 @12:53PM (#55404731)

      Of course a signature isn't a fraud *prevention* mechanism...it never was, unless the early days of credit cards saw vendors having databases of customer signatures against which to compare. The signature is there for fraud *investigation*. If you argue that your identity's been stolen, the firm investigates, pulls up the purchase slip with a signature that doesn't match yours, BINGO...they know you're not bullshitting.

      Why so many people persist in claiming that the signature isn't used for fraud prevention is odd.

      It's simple enough to pull up the Mastercard/Visa merchant rules and see that they explicitly use signatures as a means of verifying the person making the charge is the authorized cardholder and it has nothing to do with a future "fraud investigation".

      That a signature can also be a piece of evidence in determining, after the fact, that the purchase was made fraudulently doesn't mean the signature isn't/wasn't a fraud prevention mechanism.

      From Mastercard https://www.mastercard.us/cont... [mastercard.us]

      "Performing a Signature Comparison
      When a signature is obtained as the CVM for a Mastercard POS Transaction completed with a
      Card (but not when an Access Device is presented), the Merchant must compare the signature
      on the Transaction receipt with the signature on the Card to determine whether they appear
      to be the same.
      If the Merchant believes that the signature on the Card does not match the signature on the
      Transaction receipt, the Merchant must contact the Acquirer for instructions. "

      Why is that there? Fraud prevention

  • As more and more stores accept chip, I pay with my chip + PIN, and often, the cashier asks me to sign a receipt too, why? Also I can pay with Android Pay and the cashier still ask for a signature, it's annoying...
    But I can go at Target and they don't ask anything if less than $40, go figure.

  • by PopeRatzo ( 965947 ) on Friday October 20, 2017 @12:12PM (#55404427) Journal

    Next, we need to get schools to stop requiring signatures on absentee notes when kids cut school. I'm pretty sure that during junior high I wrote my mom's signature more often than she did.

  • I heard this on the Internet so I can't say for sure if it's true, but on the other hand, the logic is sound. Can anyone verify one way or another?

    What I heard is that this is partly for use in cases of fraud. It's not so much about proving a positive as it is disproving a negative. (Or something like that.) If some random guy steals my credit card and tries to use it and gets challenged, he can always say "whoops, I found it in the parking lot, put it in my pocket, and accidentally used it instead of mine.

  • by painandgreed ( 692585 ) on Friday October 20, 2017 @12:14PM (#55404445)

    My father worked in credit card all his career. From most of the stories he'd tell, as much as not, the signature came up when somebody tried to decline charges. Once they find out the CC company have the signature and it looks like their signature, they admit they bought the item but were now having buyers remorse. Next comes signatures by other family who they loaned their card to with the intent of letting them buy stuff. Once faced with knowledge there is evidence that they or their agent used the card with their agreement, they stop trying to deny charges and just pay up.

    • by Kjella ( 173770 ) on Friday October 20, 2017 @02:19PM (#55405379) Homepage

      It's all about getting the money. Funniest story a former colleague told me, son had borrowed dad's credit card to go drink... and he started out sober and signed in his dad's name, but as the night passed he got so drunk he started signing with his own name. Son returned the card, dad disputed the mysterious charges without knowing any of this. They called back, told him he'd better have a chat with his son. Dad confronted son, son denied it and apparently dad was still not convinced because he went like "But he said he didn't do it!" and my colleague was like *facepalm*.

      They sent him copies of the slips, son finally admitted it and dad was like "But I didn't sign for this, can't I still dispute it?" and my colleague went like "Sure... no problem after all you didn't spend it. But we have more or less a written confession here plus this conversation on tape and then we'd have to report it to the police for theft of the card, fraud of the money and document fraud. Up to you." and dad went like "Uhm... I'll get back to you." The dispute was dropped, case closed at least from the credit company's side...

    • Huh, that explains a dispute I had over a fraudulent change I had with my CC company years ago. After telling them, no, a grocery store charge half the country away from where I had paid for lunch an hour earlier was not me, they sent me a copy of the signed receipt, saying essentially, "No, it totally was, here's your signature". When I responded that the weird squiggle on the receipt looked nothing like my signature, they let it go and reversed the charge. From your comment I infer that is just a step t
  • At this point in time, the whole 'signature' or 'no signature' issue is irrelevant, since electronic payment systems, from the card readers themselves all the way through to the server farms processing the data, are about as secure as a collander is capable of holding water and so far as I'm concerned you're insane if you use anything other than CASH everywhere you possibly can, limiting your risk of accounts being compromised and identity being stolen to a minimum. Instead of worrying about some little det
    • What is the risk of my credit card account being "compromised"?

      I can assure you that it is less than the risk of your cash being compromised.

      What identity does someone steal with my credit card? They have my name. Lots of people have my name.

      Trying to secure things 100% is a fools game.

  • From what I understand, the signature that some places require when making purchases with a credit card isn't used for authentication, but is used as a legal agreement to promise that you'll actually honor the payment, and not try to cancel/dispute the charge later on.
  • You're just misunderstanding it.... It's not "stolen card prevention" --- it is a form of transaction Non-Repudiation.

    If you actually signed it; you can't very well turn around and claim the charge was unauthorized, so there's that deterrent.

    It would be more useful if they actually authenticated that the signature was your handwriting, AND verify that the customer signs it
    while being watched to ensure they don't just trace over a copy.

    • by sjames ( 1099 )

      I can use the magic phrase "That's not my signature". If you want to prove it is, it will cost you at least $10,000 for an expert.

  • by Solandri ( 704621 ) on Friday October 20, 2017 @12:37PM (#55404605)
    By requiring a signature, they make the merchant liable for fraud. In case of a fraudulent transaction, they can claim the merchant didn't verify the signature matched the signature on the card, and thus it's the merchant's fault. They do a chargeback. The merchant is out the money and the item(s), and thus the merchant has paid for the fraud. Online sales work the same way - the website asks for your billing address and phone number not because they want to sell it to marketers (though they probably do that too), but because that's the only way credit card companies have set it up so merchants can "confirm" you're authorized to use the card. If the merchant fails to confirm all these facts and the transaction is fraudulent, the credit card company can just do a chargeback and make the merchant pay for the fraud.

    Once you move to a real secure card system like Chip and PIN, the merchant is out of the picture. If the transaction went through when it wasn't supposed to, then it's the credit card company's fault and they have to pay for the fraud. If the transaction went through because the cardholder shared their PIN with someone else, then it's the card holder's fault and they have to pay for the fraud. The merchant is no longer liable. And the credit card companies have to make a choice between pissing off their customer (cardholder) or paying for the fraud themselves.. By keeping the merchant liable for as long as possible, they've been able to avoid this hard choice simply by shifting blame and the cost of fraud onto the merchant.
  • Chip and PIN is standard in UK and Ireland and has been for a few years now.

  • I'm sure it is mostly to give the average joe customer a warm and fuzzy feeling that something is being done to validate who he is, its value in calming nerves far outweighs its value in preventing fraud
  • It's amusing that the author goes to the trouble of doodling a piece of tofu. I realized my signature was worthless the first time I encountered an electronic signature pad. I tried to sign my name and it didn't look anything like my actual signature.

    Since then I have scribbled my signature. The cashiers in the stores know I'm just faking it - they don't care. I only even make a half-hearted attempt because it takes so long to read the chip in my credit card.

    The only time I even bother to try to writ

  • by wardrich86 ( 4092007 ) on Friday October 20, 2017 @01:02PM (#55404779)
    I'm pretty sure the rest of the world has been using Chip & Pin for at least a decade now... about time the ol' US caught up!
  • Signatures are useless as currently used. Smart move for MasterCard to get rid of them.

    Dumb move to get rid of them. They should be retained and exclusively used for "high value purchases". So anytime you have a sing;e item valued over say $500 or $1,000. Require the signature, and require it to be verified. This would do wonders.

  • I've been drawing smiley faces, emojis, "no one checks this" and other stuff on the signature pad for years. Did you know that most of them have a line drawing limit? You can't start at one side and fill in the entire thing black. They must be storing the vector version :)

    I decided many years ago that since no one ever looks at the signature and they prove nothing unless you had me personally on camera when it was signed, that I refused to bother signing them. It's a bad feature and unworthy of the time,

The truth of a proposition has nothing to do with its credibility. And vice versa.

Working...