The U.S. payment industry is significantly behind. If the transaction was done online, I can assure you they did not know your PIN but your security code which could be due to a leaked database of details.
Chip + PIN is one of the safest ways to use a card. It requires something you have and something you know. A card used online does not require physical ownership of the card. >From what I know, America still hasn't really utilised many Chip + Pin >machines and still just swipe a card. The attack vectors are huge and until >the big banks are willing to issue chip and pin cards and or supply merchants >with machines collectively, card fraud will remain high. The problem with the U.S. is that fraudelent charges could be claimed by someone when they have in fact made tht charge. In the UK, chip and pin without being a victim of crime usually points to BS. There are extreme cases, but that's the 1% not the 99%. Online card transactions have always been disputed wrongly by customers but there's often a card issuer can do but refund due to the fact they are jointly liable by law. Chip and pin makes it easier for vendors to trust customers and protects them ultimately. Their POS supplier usually will offer insurabce services with the rental and commision fees. Much like PayPal. Why the U.S. has not adopted this globally, I don't know. In fact, NONE of my cards will work offline / bring swiped. They need to talk to the banks systems to work / verify the transaction. This is true for most people in the UK. That's why your train ticket purchase was declined most likely. _______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
