I
Irwell
Anybody know what exactly is the information on the 'magnetic strip'
on a credit card, is it more than just the CC number and Security
Code?
on a credit card, is it more than just the CC number and Security
Code?
G
Gene E. Bloch
As I said in another post, I finally looked at the link you posted, and
immediately came up with this question: why would anyone want one of
those?
At least, I don't think I have any need for it. Some sites know my card
number, and it's easy enough to use PayPal (and I'd guess its
competitors) on many other sites. Otherwise, I just enter my credit
card number manually. Easy enough.
And perhaps programs like KeePass and Roboform are actually *easy* out
of the box, to use for entering credit card numbers (speaking from
ignorance - I don't use them like that).
In your OP, you asked about hacks to enter passwords, and here's my
opinion.
The device seems to new for any hacks to have appeared (and I certainly
am not competent to create one). But where would your passwords be? On
a credit card?
In other words, I have no idea how entering other data could be
accomplished. Swiping a credit card probably requires client software
on the destination end[1]. Where would you accept a password?
OK, I've rained on your parade, so let's find out if someone out there
will tell me why I'm wrong, or even just overly pessimistic.
[1] Brookstone says "And it works on virtually any website that accepts
credit card payments". To me, that seems to mean "any site that has
been willing to install the client software". They also say "Just plug
the USB cable into any available USB port" at various sorts of places.
This doesn't sound like it runs on software installed on the user's
computer.
If you think that is speculation on my part, you're right, of course.
But I will clainm that it is intelligent speculation
G
Gene E. Bloch
Confusing wording. Let me try again
"As I said in another post, I finally looked at the link you posted. At
the time, I immediately asked myself this question: why would anyone
want one of those?"
I didn't post that question in that other post.
C
Char Jackson
Roboform can be neutered so that it acts like KeePass, just sitting
there blind and dumb when you navigate to a certain site, but once
you've seen what Robo can do you never want to go back. <Insert
analogy here.>
Long ago, I used to use rememberable passwords, but those days are
gone. Now I use passwords generated by Roboform which lets me use long
strings of random upper & lowercase letters, numbers, and special
characters, and I can change them frequently without risk of
forgetting what they are. I don't often shill for anything, but
Roboform seems to be without equal so far.
G
Gene E. Bloch
I might look.
Two analogies I can think of, keeping it clean, are: once you've tried
Mozart and once you've tried cholcolate
Does RoboForm run on a cellphone?
(Don't answer, I can look on their site later.)
My passwords are to some extent easy for me to remember, but they
probably wouldn't be for you. At least I hope so, for the obvious
reasons.
But obviously I don't use the same password for everything, so that can
pose a challenge. Which semi-easy password do I use here? Oh,yes, that
one...Or maybe not...
R
Rodney Pont
All it needs to do is shove the number it's scanned into the field the
the cursor is in on the form, just like a keyboard. I presume it tells
the system that it's an input device.
In the days of PS/2 keyboards you would plug the scanner into the PS/2
keyboard port and then plug the keyboard into the PS/2 socket on the
scanner cable, I've got a bar code pen scanner that works in just this
way.
J
J. P. Gilliver (John)
In message <[email protected]>, Gene E. Bloch
the details on the card (and seventy bucks seems a lot to pay to just
save some typing!); to sort this out once and for all, we need an answer
to Irwell's question of what exactly is on the stripe on a card (in
particular, is there anything that _isn't_ also on the card in
human-readable form).
But I've now looked at it (the Brookstone one not the square; the square
looks a clever piece of business and technology, and I actually admire
what they've done, both technically and business wise: it seems to be a
way for any small business to start accepting cards, with minimal
[zero!] outlay and for a percentage. But I digress ...), and the web
page (for the Brookstone one) says "swipe your card right at your PC and
it's instantly on the site, encrypted" and "Never again expose your
credit card number over the Internet." Both of those _do_ suggest it
does _extra_ encryption, which obviously _would_ need matching software
to have been installed at the receiving end, which means saying "it
works on virtually any website that accepts credit card payments" is
just plain dishonest. In fact, one or other of those sets of statements
_has_ to be dishonest - or, at least, require considerable further
clarification.
I suppose there's the remote possibility that it's just saying use of
the https system provides some encryption - but then _implying_ that the
_device_ adds it is disingenuous at least. (I presume we all know at the
very least never to enter credit card details into a non-https: page!)
security involved, security-by-obscurity is widely disparaged.)
Even without it adding any security, I can see one group of people for
whom it _could_ be useful - the blind; however, the ones I know would
balk at the price, and I would hope plain (non-encrypting) swipe readers
are available for less (I haven't looked).
I was going to say hat to me, that sounds as if it just saves you typing
the details on the card (and seventy bucks seems a lot to pay to just
save some typing!); to sort this out once and for all, we need an answer
to Irwell's question of what exactly is on the stripe on a card (in
particular, is there anything that _isn't_ also on the card in
human-readable form).
But I've now looked at it (the Brookstone one not the square; the square
looks a clever piece of business and technology, and I actually admire
what they've done, both technically and business wise: it seems to be a
way for any small business to start accepting cards, with minimal
[zero!] outlay and for a percentage. But I digress ...), and the web
page (for the Brookstone one) says "swipe your card right at your PC and
it's instantly on the site, encrypted" and "Never again expose your
credit card number over the Internet." Both of those _do_ suggest it
does _extra_ encryption, which obviously _would_ need matching software
to have been installed at the receiving end, which means saying "it
works on virtually any website that accepts credit card payments" is
just plain dishonest. In fact, one or other of those sets of statements
_has_ to be dishonest - or, at least, require considerable further
clarification.
I suppose there's the remote possibility that it's just saying use of
the https system provides some encryption - but then _implying_ that the
_device_ adds it is disingenuous at least. (I presume we all know at the
very least never to enter credit card details into a non-https: page!)
Likewise! They need to explain more. (If not doing so is part of thethe USB cable into any available USB port" at various sorts of places.
This doesn't sound like it runs on software installed on the user's
computer.
If you think that is speculation on my part, you're right, of course.
But I will clainm that it is intelligent speculation
security involved, security-by-obscurity is widely disparaged.)
Even without it adding any security, I can see one group of people for
whom it _could_ be useful - the blind; however, the ones I know would
balk at the price, and I would hope plain (non-encrypting) swipe readers
are available for less (I haven't looked).
A
Allen Drake
Confusing wording. Let me try again
"As I said in another post, I finally looked at the link you posted. At
the time, I immediately asked myself this question: why would anyone
want one of those?"
I didn't post that question in that other post.
In my opinion it is far better to use a debit card that is not
connected to any other account that uses overdraft protection. Keep a
limited amount in the account moving money to it from other account. I
limit my purchase to $500.00 per day and even I can't make a purchase
more than that without speaking to a human bank official. The worse
that can happen is you are separated from your $500 temporarily as the
bank guarantees it's return which does take some time to process. I
have never had a credit card and would never want one. Why would I
want to spend bank money when I have saved enough of my own from day
one of my 50 years of being in the work force?
Al
D
DanS
Read on.......
That is one of the worst examples I've ever heard.
All one needs to fraudulently use your CC online is the
numbers from the front, the expiration date, name, and 3-digit
number from the back, none of which require access to the
magnetically encoded data.
A pen and paper will suffice, unless you have a rainman-like
memory and don't even need that.
A shady cashier from a store can do the same thing, enter the
CC info on the keyboard.
CC readers have been available to the general public for as
long as I can remember through electronics distributors like
Mouser & Digikey, or Nuts & Volts, Hosfelt or a number other
surplus amd like places.
A
Antares 531
I wonder why the credit card companies haven't pooled their resources
to develop something like a fingerprint reader that would limit the
card's use to only the person whose fingerprint matched. I know these
fingerprint readers have been around for a while but I don't see them
in use in any of the stores.
Another thing along this line is the eye retina surveyor that requires
the person to look into a camera like device that reads the patterns
on the eye retina. This would be hard for anyone to steal then make
use of.
A
Allen Drake
I think their assets are protected by insurance companies and when
they started dictating the rules this might happen. If the banks were
concerned about loss from fraud I imagine they would take steps to
improve on what they already have now.
Al
C
Char Jackson
I've heard an awful lot of financial advice over the past 50+ years,
but so far I don't think I've heard any 'financial experts' say it's
better to use a debit card versus a credit card. Credit cards have
multiple protections and advantages built in that debit cards don't
have.
I've never used a debit card and don't think I ever will.
B
BillW50
I take it you never saw the movie titled Demolition Man. In that movie,
retina scanners were useless in the real bad world. As all you needed
was to steal the victim's eyeball and those retina scanners would let
you right in. :-O
Demolition Man (1993) - Plot Summary
http://www.imdb.com/title/tt0106697/plotsummary
S
Stan Brown
Because it's extremely common for person A to give their card to
person B to use. I think it's foolish, but it's common. Card
companies can't adopt a scheme that would make that impossible,
because they would lose all those purchases.
G
Gene E. Bloch
Some gas stations in my area that use debit cards at the pump have been
scammed, and as you say, the consumer is not protected as well...
I agree with your last statement (that's rather obvious, given the
above remark).
G
Gene E. Bloch
What you say is quite credible to me, and what I say is also (and J. P.
Gilliver seems to agree with me).
So I think it is currently a bit ambivalent.
I'm not sure how to find a definitive answer...
A
Allen Drake
Please explain why not.
Can you provide an example of your claim?
Scammed how? I have spoken to my bank representative who informed me
I have nothing to worry about. They were more than willing to back up
any purchase made illegally.
I have stated clearly what would happen with use of a debit card with
only fear and rumors to the contrary.
You learned this how?
Can you provide an example of your claim?
Scammed how? I have spoken to my bank representative who informed me
I have nothing to worry about. They were more than willing to back up
any purchase made illegally.
I have stated clearly what would happen with use of a debit card with
only fear and rumors to the contrary.
S
Stan Brown
Protections for credit-card users are a matter of Federal law.
Protections in *law* for debit cards are indeed weaker (or they were
the last time I checked). However, as a marketing think the Visa and
Mastercard organizations have extended to consumers the same
protections for debit cards that the law requires for credit cards.
While they *could* change that, it's unlikely.
But there's one problem you can't get around: if your debit card is
used fraudulently or a mistake is made, that money is gone from your
account until the dispute resolution procedure kicks in. In the
meantime, checks you may have written, or automatic payments you've
set up, may bounce because there's not enough money in your account.
That ripple effect is a lot less likely with credit cards, unless you
habitually max out your credit cards.
Protections in *law* for debit cards are indeed weaker (or they were
the last time I checked). However, as a marketing think the Visa and
Mastercard organizations have extended to consumers the same
protections for debit cards that the law requires for credit cards.
While they *could* change that, it's unlikely.
But there's one problem you can't get around: if your debit card is
used fraudulently or a mistake is made, that money is gone from your
account until the dispute resolution procedure kicks in. In the
meantime, checks you may have written, or automatic payments you've
set up, may bounce because there's not enough money in your account.
That ripple effect is a lot less likely with credit cards, unless you
habitually max out your credit cards.
C
Char Jackson
This is just off the top of my head. I'm sure others can extend this
list with some thought.
Credit card advantages:
- Ability to dispute charges and request chargebacks
- Double warranty period
- Usage establishes credit history
- Usually limited to $50 liability
- Cash or points rewards
- Consumer protection provided by law
- Not a direct link to your bank account!
You can basically flip each of those around and they become
disadvantages for using a debit card. As Stan pointed out, some debit
cards give you some of the consumer protections required of credit
cards, but not all do. (My credit union ATM card is a debit card and
doesn't carry a big name logo like MC or Visa, so I'm doubtful that it
has any or many of the same protections and advantages of any credit
card.)
If you google "credit card vs debit card" you get a bunch of sites
that, distilled down, tell you that each has its pros and cons, but
the bottom line is that credit cards have far more advantages and far
fewer disadvantages than their debit card cousins.
<http://www.google.com/search?q=credit card vs debit card>
One interesting example: (but it comes from a credit card site)
<http://www.creditcards.com/credit-card-news/10-places-not-to-use-debit-card-1271.php>
If you don't skim any of the other links, try this one for a fairly
comprehensive comparison of the two types of cards and their take on
which is safer or better in each situation. Credit cards clearly come
out ahead, as expected.
<http://www.wisebread.com/credit-cards-vs-debit-cards-a-comprehensive-comparison>
The more you read, the more you'll want to stop using a debit card.
A
Allen Drake
I don't ever write checks any more. They are the weak link and as far
as I know many won't even accept checks any more. I don't even carry
case. Every purchase I make is always a debit card. I check my
accounts on line every day. The purchases I make are reflected
instantly, unlike a check. As I indicated I keep no more in my debit
account then I can afford to tie up if some how a fraudulent
transaction is made. It's better then carrying cash in your wallet. If
you lose it you are out your money. Unlike your debit card. I simply
can't find a weak link in this process. If you lose your credit card
you are responsible for every transaction until you report it lost. If
you have a line of credit for thousands you are out that money if you
don't realize it is missing and report it to your bank. I know someone
that thought she would get away with running up her bill and didn't
report it "stolen" for a week after she used it and spent all she
had. To her surprise she was not as smart as she thought she was.
Again, I don't use "overdraft protection" because I never write a
check. My bank called me recently to try to sell me a plan that cost
$14.00 a month. Something about identity theft protection. They told
me I had their "service" free for a month and asked my if I checked my
credit rating lately. She could not understand the idea of not having
credit cards and couldn't get it though her head that I was not about
to pay for a useless plan.
It seems as hard to get the average American to understand the
uselessness of a credit card either if you don't ever plan to spend
more then you have or live from paycheck to paycheck.