Credit Cards/Chip and Pin/ATM withdrawls

"Jim Ley" wrote

... but no longer.

It's not possible to inform the bank *instantaneously*. By the time you've whipped-out your mobile 'phone, dialled the number, navigated the auto-menu system, waited in the queue for an operator ... then the PIN will be changed, and "that state" will **no longer exist**.

So you can't tell them that you suspect someone else knows your PIN -- in fact, what you know is that someone knows a number which is now *not* your PIN!!

But it seems entirely pointless to risk violating the terms and conditions when it would be easier to just get the bank to provide the PIN number in a form that is usable for you. They're required to do it, and it saves any risk - at the very least you should get the banks agreement of attempting the above.

The rules exist, break them, and you are going to be at risk if you're investigated for fraud - such as when someone else uses your pin...

Jim.

"Jim Ley" wrote

Show me a T&C that says someone else can't know what your PIN *used* to be!

"Jim Ley" wrote

But obviously, it is *NOT* "easier"!

"Jim Ley" wrote

When someone else uses your *new* PIN? After someone knew your *old* PIN?

But that's exactly what would be the case, if you reported that someone knew your PIN and the bank changed it for you - someone still knows your old PIN, but your new PIN is different!

That's irrelevant, as the other person must know what it is at the point in time when they read the banks notification.

In the short term, surely it's just one phonecall to the bank, easier than finding some friend you trust to go with you to an ATM and open a letter...

You were happy to violate the terms and conditions of the bank, that demonstration of disregard for them would not be looked at positively...

Jim.

At 12:46:01 on 30/12/2005, Jim Ley delighted uk.finance by announcing:

He doesn't need a new card unless he has had it lost or stolen.

At 13:17:56 on 30/12/2005, Tim delighted uk.finance by announcing:

The weakest link in the chain; in this case the retailer.

Its only whats in the T&C's thats relevant, not whats *not* in them :-).

AIUI (I may be wrong), until the official "cutover" date, liability is the same as always was for mag stripe & signature. So if the retailer checks the sig properly (i.e. so long as the sig looks to a normal person like the one on the card), the bank bears the liability.

At 17:45:14 on 30/12/2005, Jim Ley delighted uk.finance by announcing:

The bank staff have no access to your PIN unless they intercept it at the printing/delivery stage.

Indeed... yet they are required to make their services available to everyone, it's up to them how they do it, but they have to do it...

Jim.

In which case (according to Jim) the cardholder would then need to inform the bank that "someone" (the bank staff) knew the PIN...

"Jim Ley" wrote

But only if it can be done *reasonably*. How do *you* suggest they could do it?

"Alex Heney" wrote

Didn't it change a while back (was it 1/1/05?) so that the link in the chain which doesn't use the new C+P system became liable?

The 14/2/06 date is when the option of signing for a C+P card will be withdrawn (a different matter entirely).

"Alex" wrote

That's what I thought - so Alex Heney is wrong when saying: "...they will become liable for fraud ... from then on", because they *already* are liable in that situation...?

well I don't know the nature of the problem, if it's a grey/grey contrast issue, high contrast print would be simple enough. There are lots of solutions, including the one described in the thread, I would just think it appropriate to get the banks blessing to minimise any future risk.

Jim.

It is more than possible you are right.

I thought it was the 14/02/06 date, but it may have already happened.

It does seem a little unlikely, given that there are still some very large retailers not using C&P.

At 12:06:41 on 31/12/2005, Tim delighted uk.finance by announcing:

In that particular situation, yes.

It's down to the weakest link; if it's not an EMV card then the issuer is liable. If the acquiring bank doesn't support EMV then they're liable. If the merchant doesn't have an EMV terminal then they're liable.

At 12:05:28 on 31/12/2005, Tim delighted uk.finance by announcing:

PIN bypass, to be more specific. If the terminal doesn't support PIN then signature will still be a valid option (assuming the card supports it of course).

Few days ago I was in WH.Smiths the terminal was rejecting my chip and PIN card it was saying "over limit" However it was clear this message must relate to the till, because I was asked to move to another counter This accepted card ok.

But I am surprised the first till was rejecting card as the transaction was only 81

Another annoying experience I have had is a chip and PIN terminal doing a "timeout" although my bank tells me the terminals do not do a "time out" and the terminal was either faulty or a problem with the telephone line. Basally the keypad was not allowing me enough time to enter PIN.

Now given that an ATM does a "timeout" does anyone know whether chip and PIN key pads doa "time out" Derek

At 20:57:02 on 31/12/2005, Alex Heney delighted uk.finance by announcing:

Their business cases showed that the cost of upgrading at the time outweighed the benefit of the reduction in liability. Therefore, they didn't do it.