1. Home
  2. UK Finance Discussions
  3. Goldfish problem

Goldfish problem

A couple of weeks ago my Goldfish card was blocked due to "unusual spending patterns" - i.e. my wife and I shopping where we usually shop, plus arranging a top-up for a new mobile phone.

A phone call got this removed, but now I have the problem that my PIN is refused by chip-and-pin machines. After the second refusal, I am now getting "enter pin (final attempt)". Now I know I have entered the PIN correctly. Also Goldfish claimed that they had "no record of any incorrect PIN entries". Today in a pub the card was declined (not referred) when inserted in the chip-and-pin machine (without asking me to enter the PIN), although later in Tesco it was accepted when swiped, and I was asked for a signature.

When they block the card, do they also invalidate the PIN? Goldfish say not, but I find this hard to believe, given the problems I am having. I'm also confused that they told me to insert the card in any LTSB cashpoint, select card services, and press "unlock PIN". That implies that the PIN has been locked.

Any advice gratefully received. IHTS that I had horrendous problems setting up a direct debit to pay my Goldfish bill in full each month, but that was in the days when the card was operated by HFC bank.

Brian

Reply to
BrianW
Loading thread data ...

Your pin for shopping might be blocked but your cashpoint functionality not affected.Go to a machine and unlock the pin and it should work. Eric

Reply to
Eric Jones

They won't have, incorrect PIN entries at C&P terminals aren't reported back home.

Perhaps your PIN is blocked and your pub's C&P machines decline cards which have a blocked PIN (some retailers refuse to accept cards if you don't know the PIN so they probably don't accept cards with blocked PINs). Your PIN been blocked would explain why you were asked to sign at Tesco. If your PIN is blocked it should show up on the cashier's display but obviously wouldn't need to tell you, just ask you to sign instead.

No, its not possible. The PIN information is stored on your card, Goldfish would have no way of doing this, apart from at cashpoints.

Probably has been, by you. Try doing as they say and you'll probably have more joy.

Reply to
Marx Peterson

Without a hint of irony, "Marx Peterson" astounded uk.finance on 03 Jan 2005 by announcing:

All machines should decline blocked cards - that's one of the main points of EMV.

No. They should decline the transaction immediately (assuming they're actually reading the chip now).

Wrong. They can send a script down to the card during any transaction as long as it goes online.

Reply to
Alex

All machines don't though, at my last job if the customer didn't know their PIN there would be an option to use signature. If the PIN was blocked it would show on my screen and automatically print a reciept to be signed. If an EMV still allows signature for customers who don't know their PIN, why wouldn't it allow this if the PIN is blocked?

Goldfish

transaction as

Source please.

Reply to
Marx Peterson

Without a hint of irony, "Marx Peterson" astounded uk.finance on 06 Jan 2005 by announcing:

If they don't, they should not have received certification by the acquiring bank.

PIN bypass is a specific situation recommended by PMO guidelines. PIN/Card blocked is a specific decline situation under EMV/Acquirer specifications.

Trust me. Or read the EMV specs. It's entirely up to you.

Reply to
Alex

reciept to

specifications.

"6.3.4.3 PIN Entry Bypass

... an attented terminal with an operational PIN pad may have the capability to bypass PIN entry before or after several unsuccessful PIN tries."

Isn't that contrary to what you said?

Reply to
Marx Peterson

Without a hint of irony, "Marx Peterson" astounded uk.finance on 07 Jan 2005 by announcing:

No. That applies as long as the transaction could proceed normally. In the case of a blocked application and/or PIN, it cannot. If you add "provided that the PIN try limit is not exceeded" to the above statement, you'd have it covered.

Reply to
Alex

astounded

blocked?

I could have added that, but it wouldn't have been from the EMV specs.

How about...

"6.3.4.1 Offline CVM

When the applicable CVM is an offline PIN, ... [the terminal should] retrieve the PIN Try Counter ...

If the value of the PIN Try Counter is zero, indicating no remaining PIN tries, the terminal should not allow offline PIN entry. The terminal ... shall continue cardholder verification processing ..."

(Meaning that the customer uses signature instead)

and...

"6.3.4.2 Online CVM

When the applicable CVM is an online PIN ... [the] terminal shall allow a PIN to be entered for online verification even if the card's PIN Try Limit is exceeded."

If theres anything in the EMV guidelines that says you can't use a card where the PIN is blocked I can't find it.

Reply to
Marx Peterson

Without a hint of irony, "Marx Peterson" astounded uk.finance on 08 Jan 2005 by announcing:

Continuing processing does not necessarily mean that the next CVM is accepted. I am pretty sure that if offline PIN entry is not successful and is not bypassed, the transaction is declined.

I'll have to check when I'm back in work but think about it logically. All a card thief has to do is enter the wrong PIN several times at a shop. He's then free to carry on using signature for all his future shopping needs. The EMV spec may or may not state it explicitly (I'm not sure) but if not, it's almost certainly in the relevant VISA/Mastercard or acquirer specs.

Online PIN is not used in the UK except for ATMs and in this case it is the only real way to allow a cardholder to reset/change their PIN once its blocked.

Reply to
Alex

should]

remaining

successful and

logically. All

shopping

Preventing "blocked" cards from being used wouldn't be a deterrant as a card thief could simply say "I've forgot my PIN" and get around it that way. When the system is fully rolled out and bypassing PINs aren't allowed then it would make logical sense for blocked cards to not work in the same way as cards won't work without the correct PIN.

It doesn't make much sense that someone who has forgotten their PIN can use their card but someone who has forgotten their PIN but had a few attempts at it can't.

Reply to
Marx Peterson

Without a hint of irony, Alex astounded uk.finance on

08 Jan 2005 by announcing:

Right; now back in work :-p

There are three types of block - card, application and PIN. In the first case, the card is completely useless (from an EMV point of view); every command will result in a 'card blocked' response. This would be used when a card is stolen, for example. Application blocked is when the bank decides you're no longer a good customer; defaulting account etc. It can normally only be unblocked by a dedicated terminal.

PIN block is the one we're interested in, however. The transaction will proceed as normal up to the point at which CVM is required. At this point, and as in the spec above, the card will proceed to the next supported CVM but inform the terminal that PIN was unsuccessful. The TACs (Terminal Action Codes, provided by the acquirer & held on the terminal) will then be used in conjunction with the IACs (Issuer Action Codes, held on the card) and the TVR (Terminal Verification Results) to decide how to process the transaction.

The main point to consider is that it is highly unlikely that the transaction will be authorised offline.

More likely is that the transaction will proceed online for authorisation. At this stage, if the card has been reported lost/stolen the transaction can be declined and the card blocked. If the cardholder has informed the bank that they forgot their PIN and have requested a new PIN, the transaction may be authorised (and perhaps the PIN unblocked). If the cardholder hasn't contacted their bank then anything could happen. It's all down to the bank.

Basically, it means that the customer may use signature instead (depends on card and terminal) but that the transaction may still be declined because the PIN was blocked or some other reason (depends on the card, terminal and issuer).

Reply to
Alex

BeanSmart website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.