Community

I agree with some of the comments of the FT site - seems poorly written and obscure to say the least, and old news too.

Its not slear to me how a hi-tech card can do any such thing with a genuine pinpad terminal, but a cloned or faked pinpad terminal would be very powerful indeed.  Not all Merchants are genuine, and so allowing a fake pinpad/pos device to be used can capture all the PIN input and magstripe too.  Then replay those captured transactions later on a real POS and you still have the captured details to go withdraw ATM cash and sell.

I doubt the chip can be compromised though.

Great post.  But when you thrown about terms like 'asymmetric cryptography' assuming we all know what it means, you lose points!  Please at least explain what you mean - one-way encrypted data - otherwise known as a hash.

Add my vote to the scrapping of 3D Secure too.

Seems to me that although Issuing Banks are clearly experts in managing risk, they also don't mind just waiving the problem of fraud under the carpet.  I wonder what percentage of low value CNP fraud goes undetected and therefore paid by the customer? The rest are disputed and the resulting chargeback is borne by the merchant.  No wonder the banks don't do enough to evolve to better solutions.  Even the 3D Secure pain is simply a way to defer the liability from the Issuing Bank to the Consumer.

Case Example - it took me more than 3 weeks to enroll for the Barclays PingIt wallet.  The indentification phase involves a 1penny credit to my linked bank account, which therefore required me to access said account and view the Reference of the transaction.  Except the bank I chose (HSBC) requires a 2-factor token to view my statement and I didn't have it handy - hence the delay.

On eventually resuming this disjointed registration, the transaction had expired and I had to completely re-register with PingIt. At the end this failed and I spent the best part of 45 mins talking to a Barclays support person on the phone to restore the broken process.  However, the bank I chose that time (Natwest, to avoid the 2-factor token hassle) did not assign a Txn Reference for 24hrs and so caused yet more delay.

Now I have it, I have yet to use it and its yet another prepaid wallet I have to topup and dump funds into. Maybe Google Wallet will be better.

HSBC started using a keyfob and onetime password.  I never had the fob when I needed to just check a transaction or balance.  So I dropped HSBC and told them the reason - too inconvenient. Went back to my old bank.

Totally agree it is needed to action anything meaningful.

What about the banks themselves too, especially in the the CC loving USA.  Buy something under $25 at a POS with a swipe of a magstripe and its yours - no signature, no pin, no checks at all.  Its terrifying if you ever think your card could have been skimmed - checking statements and trying to identify obscure transactions months after your US visit.  The banks are prepared to waive the fraud in return for the purchase convenience factor - who needs tap and go NFC or chip and pin with that thinking.   Just let the consumer sweat it out and suffer the post-transaction inconvenience.

For the first time today I heard Cameron (in PMQ) refer to the impact LIBOR rates had on the public borrowing via mortgage rates.  I recall when the economy tanked that the reason for the hike in mortgage rates, from 0.x% above base rate to 2.x% above was due to the increased cost of borrowing the funds from other banks - the LIBOR rate.

So is it the case that LIBOR was 'stepped up' in the interests of the banks themselves? And that in turn cost the mortgagees a pretty penny? i.e. it was not a free market supply and demand situation at all - it was a monopoly of banks colluding to better their lot in hard times.  A case of heads the banks wins, tails the bank wins.

I simply never appreciated the amount of leveraging that went on (lending money they didn't have and therefore borrowed instead, from a lender who in turn didn't have the money either so borrowed it themselves - like a reverse ponzi which the central banks are printing money to replace, now its all been paid out in transaction fees, commisions and bonuses).

I don't understand what a 'checking account' is?  What is 'checking'?  I check my account periodically!  (OK, I know it's really chequing)..

It always confuses when when a US ATM asks me which account to get money from - 'checking' or 'saving'?  I have neither.  I just want an 'account'.

Why confuse it with current, bank, premium, or debit/credit.

I have one account with each entity(bank, building society, paypal, google, wonga etc. I don't want more, as it simply means more and more plastic, charges, statements to 'check' and hassle.  I expect it to offer me some savings interest when I am in credit, and be a credit account when I am 'overdrawn', and feed a wallet, and allow online payments.  It might offer me free travel insurance and other pseudo benefits, according to my type of account or what I pay to maintain it.

I think banks are still silo'd to be able to do this, and others are stepping in.

We 'feed' the banks our money so they can exist and be useful to us (like a cow we can milk).   Should we pay the bank also? No.  The Bank needs our money to function and prosper.  They should look good and produce good stuff for us to feed them rather than the one in the next field.

Now if you work in a bank, you might think of yourselves as 'Lions' not cows. Maybe that's a problem.

Thanks, good reminder, and its true that Ad Serving is a significant contributor to app-cpu use.  I am constantly amazed at how little use/time one really gets out of a smart phone if you actually use it, and after a few months of use when the battery is degraded from new. 

The problem is increasingly not available bandwidth, but power.

I would add - invest in a spare battery, or a portable battery booster.