Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Security IT

Credit Cards Don't Require Signatures. So Why Do We Still Sign? (msn.com) 60

Posted by msmash from the closer-look dept.
An anonymous reader shares a report: The big financial moments in life used to be marked with a flourish of a pen. Buying a house. A car. Breakfast. Not anymore. Visa, Mastercard, Discover and American Express dropped the requirement to sign for charges like restaurant checks in 2018. They don't look at our scribbles to verify identity or stop fraud. Taps, clicks and electronic signatures took over the heavy lifting for many everyday purchases -- and many contracts, loan applications and even Social Security forms. The John Hancock was written off as a relic useful mainly to inflate the value of sports memorabilia. But signatures didn't die.

We continue to be asked to sign with ink on paper or using fingers on touch screens at many restaurants, bars and other businesses. And people keep signing card receipts out of habit -- even when there is no blank space for it -- because it feels weird not to, payment networks and retail groups say. "Traditions have this odd way of sticking around," said Doug Kantor, general counsel of the National Association of Convenience Stores. Signatures had been used to verify identity and agree to financial terms for centuries. Banks kept records of customer signatures to check against, but the sheer number of transactions and advancements in technology eventually made that impractical.

By the 1980s, charges could be processed electronically. Signatures were still used in cases of fraud or stolen cards. Banks could call merchants and ask them to present a signed receipt. Yet given how easy signatures are to forge, they proved limited as a fraud prevention tool. Now there are more sophisticated ways to determine whether cards are stolen or misused, according to Mark Nelsen, global head of consumer payments at Visa.

Credit Cards Don't Require Signatures. So Why Do We Still Sign? More | Reply

Credit Cards Don't Require Signatures. So Why Do We Still Sign?

Comments Filter:
  • I think the only business I regularly have sign for a CC transaction is my car dealer for whatever reason, and it's still an electronic POS system.

    • I think the only business I regularly have sign for a CC transaction is my car dealer for whatever reason, and it's still an electronic POS system.

      You may think that term means "point of sale," but all too often it doesn't.

    • Many stores will refuse your card if it isn't signed or the signature doesn't match what's printed on the card. Low level of security to be sure, but it is a quick check against stolen cards. Especially in the USA where we use chip-but-no-PIN (ie, really stupid). My friend actually paints "Ask for ID" on the front of his :-)

      The signature is for legal reasons, you can dispute charges more easily if you can show that the signature obviously isn't yours. Sure, it doesn't prevent forgeries, but 99.9% of cred

      • Many stores will refuse your card if it isn't signed

        I haven't handed my card to a cashier in years. I insert it directly into the POS terminal. The cashier doesn't see it.

        or the signature doesn't match what's printed on the card.

        I last saw that happen more than twenty years ago.

        Especially in the USA where we use chip-but-no-PIN (ie, really stupid).

        Chip-n-sign is stupid, but credit cards are stupid in general, and many countries have replaced them. They make purchases with their phones using 3FA.

      • I don't even own a card that is signed on the back. I would argue that I don't want my signature stolen if my physical card stolen.

      • "chip-but-no-PIN"

        Apparently you don't shop at Kroger stores. For instance.

  • Where "we" is people with US-based credit cards (Score:5, Informative)

    by whoever57 ( 658626 ) on Wednesday October 16, 2024 @04:46PM (#64870113) Journal

    Other countries moved to chip-and-pin years ago, leaving only US-issued cards that are chip-and-signature.

    • The ironic thing is that in 2015, the US was supposed to move to a chip-and-PIN system, and any merchants that didn't move to it would be financially responsible for chargebacks.

      I don't understand why this hasn't happened yet. Even though we are transitioning to EMV transactions, it would be nice to have chip and PIN as protection in the interim.

      For CNP transactions like mail order stuff, a while back, there was a test of credit cards that had a long lasting battery, and would show a six digit code on an e

    • Was about to ask where in the world are signatures still used for credit cards.
      I haven't signed a card receipt for a long, loooong time (maybe in the early 2000's ? I really don't recall).
      Today, everywhere is either insert card and tap your pin, or just pay with cards (or phones) with NFC.
      I myself don't use NFC for payment, I don't think it's secure, especially in uncivilized countries like mine. Heard some horror stories from friends who lost their card, only to find out thousands missing from their acc

    • Credit cards issued in Australia don't even have a signature strip anymore.

  • I hate signing, it's stupid and meaningless. I don't sign the back of the card, and i'm much happier using a pin for authentication of transactions.
    On the few occasions i've been asked to sign i just do something totally random and never once has it been a problem.

    • It's never been a problem because you have authorized the purchase from that vendor. It becomes a problem when someone steals your card, signs with the same random squiggle, and now you have to prove that it wasn't you.
      • Except its the other way around (at least in most countries) they have to prove that it was you.

      • You can dispute almost any charge. The snag is if you do this multiple times then you get flagged as suspicious and they may stop doing it. Thus, disput the charges then cancel the card and ask for a new one because it may have been stolen (or just the number was stolen, as so many online purchases don't need any information except what is printed on the card!).

        Credit card companies, at least in America, are based on the low security model, where they will budget for a certain amount of fraud loss as long

        • Credit card companies, at least in America, are based on the low security model, where they will budget for a certain amount of fraud loss as long as it is less money than would be needed to implement good security.

          The problem for MC/Visa is that a more secure and sensible system would eliminate the cards and put them out of business.

          Credit cards are stupid. Last year, they cost Americans $260 billion ($225 billion in merchant fees and $35 billion in fraud).

          An average family of four loses $3,000 per year.

          The only reason people use credit cards is because it's just how it's done.

      • No, I don't. Because I don't bank with an asshole company that tries to duck each and every liability they have for not properly implementing EMV chip+pin.

        The few times my wife and I have had to deal with fraud transactions, it has been:

        1. call bank customer service line
        2. tell them there is fraud
        3. tell them which charges are fraudulent
        4. attest on the phone that they are not charges made by any authorized cardholder while they are recording
        5. meanwhile the existing pre-authorized recurring charges still

    • Re: (Score:2)

      by taustin ( 171655 )

      Technically, the card's not valid if you don't sign the back. It probably says so on the card.

      • Technically, the card's not valid if you don't sign the back. It probably says so on the card.

        This requirement ruins the whole validity of a card signature as proof-it's you: all the thief has to do is copy the signature from the back of the card.

        • Re: (Score:2)

          by Calydor ( 739835 )

          Which is harder to do for the average crook than simply putting HIS OWN signature on the back of your unsigned card, then writing HIS OWN signature on whatever slip he's asked to do so on.

      • In my entire adult life, I've been asked about a blank signature panel a total of one time, and the merchant handed me a pen and asked me to sign it before they would run the transaction. Biggest shock ever: the signature on the card absolutely matched the signature on the receipt, as they had about 15 seconds of time pass between both being signed.

        The signature panel is absolutely useless and nobody looks at it. How would they even look at it with an EMV card where I put the card in the slot, and then pu

  • In America that makes it a legal agreement (Score:4, Insightful)

    by rsilvergun ( 571051 ) on Wednesday October 16, 2024 @04:48PM (#64870123)
    that's why. Not sure about the rest of the world, but in the US your signature makes it a legally binding agreement.

    In the US you can dispute any charge on your card. If you win the dispute you get your money back. I had to do this after returning a crappy cell phone years ago and not getting the 1st months fees back after going back to my old carrier.

    For small amounts the business just eats it. But try doing that with something on a business card for $10k, $20k or $30k and up. The business will sue you and present the signed receipt in court. Assuming it gets that far, since they'll present it to the credit card company first.

    • Re: (Score:2)

      by Bahbus ( 1180627 )

      Sure, but your signature has never needed to be your own name. It just needed to be "yours" and replicable.

      • Sure, but your signature has never needed to be your own name. It just needed to be "yours" and replicable.

        Close, but no. It does not need to be replicable.

        The mark only needs to have been made by you.

        The mark itself does not, and has never, contained proof of if you are bound by it. Instead, in a dispute the Court simply has to decide if it thinks you made the mark or not.

        • Re: (Score:2)

          by Bahbus ( 1180627 )

          Close, but no. It does not need to be replicable.

          Not anymore. But, for various different purposes or places, it used to be needed.

    • Re: (Score:2)

      by davecb ( 6526 )
      As you said, it is a protection for the sellers. it's also one for the buyers. In Britain, for some years, banks claimed that if you used a PIN, then any charges on your account were from you or a family member. That means they didn't have to refund your money if someone created a fraudulent transaction. Chip and signature allowed a card-holder to demonstrate that it wasn't them, and the banks had to cough up. See Reliability of Chip & PIN evidence in banking disputes, https://www.lightbluetouchpape [lightbluetouchpaper.org]
      • Yeah I could see that in Britain. In the United States we have laws that specifically shift the liability to the credit card companies. We don't have a lot of good protections for consumers here but we do have that

    • Err no, not remotely. You don't need a signature to make a legally binding agreement in most of the world including the USA. There's no legal basis for requiring a signature.

      Signatures are for acceptance of written terms, i.e. when you buy a house (not with a credit card, but actually with a written contract). All purchase contracts done on credit card are implied contracts that require no signature from any party. The only time you need to sign something is if there are additional terms beyond an implied p

    • A legal agreement needs An Offer, Acceptance, Consideration, Capacity, and Legality of Purpose. A signature is a form of written acceptance - which is harder to dispute, but verbal agreement or conduct (accepting and using a good or service) is just as binding. A handshake is also just as binding as a signature.

  • This is, I guess, an USA thing. Never in my adult life (and we are talking pre-2000 level here) was I asked for a signature for any debit- or credit-card purchase, online or offline.

  • I never signed it because it never made sense. The ink just fades and smudges off anyway. I barely ever even remove the label. I can't recall there ever being a complaint. If there's a problem I can sign it right there in front of them. But what did we really accomplish?

    • The ink just fades and smudges off anyway.

      I put a piece of clear Scotch Magic tape over my signature on the card; keeps it pristine. Never any problems with readers either.

  • The whole signing thing is some weird US or possibly North America thing because they are basically a third world country when it comes to this.

    • Please don't lump Canada and Mexico in with the US when it comes to anything financial. :) They're a third world unto themselves when it comes to banking. Canada moved to chip+pin back in the 90s, and enabled NFC (tap) transactions in the early 2000s. (Not sure about Mexico, but considering how backward the US is, pretty much anything is more forward-looking.)

      I mean, Americans think Apple invented tap-to-pay, which tells you a lot about how far behind they are in payment tech.

    • It is because we were far ahead of you and therefore had much more time to ingrain this method into our culture and accumulate old technology. This is a common theme where first movers often lag once the technology has become easier to implement and new features have been added. You aren't special, you were late to the party. Next should we educate you on what "third world country" means?

  • Meaningless rituals die slowly (Score:3)

    by gweihir ( 88907 ) on Wednesday October 16, 2024 @04:49PM (#64870137)

    Not different for security rituals. See, for example, all the idiots that still require you to change your passwords regularly, despite it not being recommended. This stupidity will likely go on for another 10 years or longer.

    • Not different for security rituals. See, for example, all the idiots that still require you to change your passwords regularly, despite it not being recommended. This stupidity will likely go on for another 10 years or longer.

      Our insurance requires us to force password changes regularly. They're finally catching up to a decade and a half ago on security issues. Maybe they'll reach the 2020s about the time AI replaces us all.

  • Put whatever you want in the signature block. No one even notices.

  • Chip and pin was introduced soon after I was old enough to have a debit card, and even that is obsolete, I rarely enter my pin since most places are tap to pay now.

    • Tap to pay annoys the hell out of me, its no longer 2FA, but everywhere else on matter how low risk seems to be ramming 2FA down my throat, but access to my bank account hell no we would not want to slow down my spending by a few seconds.

  • >"Yet given how easy signatures are to forge,"

    Anyone can forge a signature. What is being implied in that statement is that signatures have little value because forgery exists. And that is not true. Not if you are talking about a wet signature. Might also not be true if it is a digitized one, as long as the pad can sense pressure and has a high-enough resolution. A signature expert in court can differentiate genuine from forged pretty reliability.

    Has little to do with if it should be used or not wit

  • In most of the world we don't sign our credit cards, but you can be damn certain that we would sign a purchase contract on a house, and nothing Visa or Mastercard do will change that.

  • If it's tap-and-go then there's less opportunity to present a tip box to fill in.

    Around here, places that don't regularly involve tips tend to not require a signature. But where tips are anticipated, then a signature is almost always "required". Its Oh So Convenient that you've got the pen and are about to write just next to the tip box.

    The card I use most often doesn't even have a signature sample. Most card machines will print "Signature not required" but tip-anticipated places will often still ask for

    • All the tap-to-pay terminals around here present a tip option first where you can choose a pre-set %, enter a custom %, enter a custom $ amount, or skip. It displays the new total, you click OK, and then tap the terminal to authorise the payment.

      Signatures aren't required for anything payment related in Canada. Signatures are required for paper contracts.

  • The fact we had signatures on credit cards for so long is a "feature". Europe was using chip and pin for years before we even considered it. And then when we did we just did the chip and no pin. The reason? Because it is harder to do chip and pin so the companies didn't want to do it. Since our government just lets companies do what they want and puts very few requirements on them, even when it comes to things like credit card, they do the thing that is easiest and cheapest for them. Sure, it is not as secure, but that is something for the merchants and customers to deal with, not them. Credit card gets stolen? Chip and pin stops people from using it. Instead we still have rampant theft because no one cares about the signature so when a credit card is stolen they have until someone notices and shuts it off to use it.

  • I was trying to make a standard contactless payment at a manned till at a local supermarket one day. The cashier spotted no signature and said I was not allowed to make a payment because card is not signed. Wouldn't budge even I explained the whole purpose of a signature and how moot the point was given it was a contactless payment about to be made. Threatened to call security on me so I just left. Wasn't worth a fight. Still, a very peculiar situation.

    • Re: (Score:3)

      by Bahbus ( 1180627 )

      so I just left. Wasn't worth a fight.

      So, you let the moron have a default win reinforcing her own stupidity. Should have let her call security. Let her share how much of an absolute idiot she is and that she is refusing a legal transaction for no (legal or valid) reason.

    • I would definitely just pull out my phone or watch at that point and tap it on the machine. If they want me to sign a wristwatch, I wish them luck.

  • For legal documents. And you have to registered your stamp with the government to make it legal.

  • ...credit card processors charge merchants different fees for cards physically processed by them vs cards used online or on the phone. A signature is supposed to be proof that the card was physically presented. It's poor proof

  • I haven't been asked for my ID in years. No one looks anymore at the signature block...

  • Similar to SMS based 2FA. They use it because they've always done it that way, security be damned.

  • I write it differently every time. You cannot predict what I will do, I am a living one time pad generator.

  • The only times anyone signs a money transfer in the UK, is when the power has failed and someone's dug out a carbon-copy bank card swipe machine from the deepest recesses of the supermarket manager's office, or when writing a cheque for a children's after-school club.

    The word "receipt" must mean something different in En:US because I have no idea why anyone would sign one, and I'm over 50 years old.

Slashdot Top Deals

I am NOMAD!

Close