Why no online chip payments?

For just about anything you want to get off your chest about credit cards.
22 posts
Battery111
Centurion Member
Centurion Member
 
Posts: 284
Joined: Wed Apr 09, 2014 9:40 pm
Location: Lawton, ok

Why no online chip payments?

Postby Battery111 » Sat Nov 22, 2014 8:07 am

As a government employee we use smart cards for almost everything dealing with a network. As a result I have smart card readers for all of my computers and even mobile devices. Made me wonder. With all of the chip cards being fielded now it seems odd that online retailers aren't accepting payment that way to cut down on fraud. I would think the issuers would give a processing discount for cards processed this way as well. What am I missing?
Citi AAdvantage Executive World Elite MasterCard
AMEX Platinum
AMEX Everyday Preferred
USAA AMEX
Discover IT
Chase Freedom
Chase Sapphire Preferred
NFCU nRewards Visa


Cre
Platinum Member
Platinum Member
 
Posts: 93
Joined: Thu Nov 06, 2014 11:53 am
Location: United States

Postby Cre » Sat Nov 22, 2014 12:42 pm

Pardon my ignorance, but what exactly do all the smart card readers on all of your computers do?
Current Cards:
AmEx Platinum Charge: NPSL, $450 AF
AmEx Reserve Credit: $30K limit, $450 AF
Chase Slate Visa Credit: $32K limit, No AF
Future Strategy:
Near Term: Need a good MasterCard for places that won't accept AmEx or Visa
Long Term: Will downsize out of one or both current AmEx cards to reduce AFs

User avatar
Terry
Centurion Member
Centurion Member
 
Posts: 119
Joined: Fri Sep 28, 2012 9:22 pm
Location: Texas

Postby Terry » Sat Nov 22, 2014 1:31 pm

Battery111 wrote:As a government employee we use smart cards for almost everything dealing with a network. As a result I have smart card readers for all of my computers and even mobile devices. Made me wonder. With all of the chip cards being fielded now it seems odd that online retailers aren't accepting payment that way to cut down on fraud. I would think the issuers would give a processing discount for cards processed this way as well. What am I missing?


Arround the year 2000, I opened a new card account with American Express called "Blue from American Express". That card came with a chip and an EMV reader that I attached to the computer. Online transactions were approved from Amex only if the physical card was attached to the computer used to place the order. That practice was around for only a few years then discontinued. Hopefully one day, card issuers will revive this secure online process to protect both the consumer and the issuer.
AMEX Green Card - NPSL [Member Since 1995] ;)
AMEX Everyday Card ($25,000) 6/14 Backdated to 1995 - For 20% Extra Points Benefit
Chase Freedom Visa Signature ($17,000) - For 5% rotating categories
Citi ThankYou Preferred Visa Signature ($16,000) - 2% dining
Discover IT Humane Society Design ($16,500) - For 5% rotating categories
Firestone ($2,600) - For 0% financing
Home Depot ($10,000) - For 0% financing
JCPenney Credit Card ($7,000) - For special discounts
Sam's Club MasterCard - ($20,000) - 5% off gas at any fuel pump
Wells Fargo Personal Line of Credit - ($15,000)

FICO's - 767 EX, 778 EQ, 790 TU [02/2015]

Battery111
Centurion Member
Centurion Member
 
Posts: 284
Joined: Wed Apr 09, 2014 9:40 pm
Location: Lawton, ok

Postby Battery111 » Sat Nov 22, 2014 1:41 pm

Cre wrote:Pardon my ignorance, but what exactly do all the smart card readers on all of your computers do?


Our ID cards are smart cards. Your ID card must be physically inserted into the reader and that along with a PIN is what allows you to log on. We don't use usernames and passwords at all for computer login. Additionally most of the government websites either require the card to be able to log into it, or at the very least allow it as an option to log in. One notable system that requires smart card authentication is the Defense Travel System, which is what we use to book all official travel. Aside from the initial set up which can be a bit of a pain sometimes, it's actually quite convenient. No need to remember absurdly long and complex passwords and the two factor authentication provides more security.
Citi AAdvantage Executive World Elite MasterCard
AMEX Platinum
AMEX Everyday Preferred
USAA AMEX
Discover IT
Chase Freedom
Chase Sapphire Preferred
NFCU nRewards Visa

Battery111
Centurion Member
Centurion Member
 
Posts: 284
Joined: Wed Apr 09, 2014 9:40 pm
Location: Lawton, ok

Postby Battery111 » Sat Nov 22, 2014 1:45 pm

Terry wrote:Arround the year 2000, I opened a new card account with American Express called "Blue from American Express". That card came with a chip and an EMV reader that I attached to the computer. Online transactions were approved from Amex only if the physical card was attached to the computer used to place the order. That practice was around for only a few years then discontinued. Hopefully one day, card issuers will revive this secure online process to protect both the consumer and the issuer.



I thought I had remembered a time when this was advertised. Not sure why it fell out of favor, at least as an option. The technology is reasonably mature now so it seems silly not to utilize it, especially since implementation costs would me minimal. Card readers are cheap, and I would imagine they would be provided primarily by the issuing banks as you're talking about. Would have the potential to radically reduce online credit card fraud at reputable sites.
Citi AAdvantage Executive World Elite MasterCard
AMEX Platinum
AMEX Everyday Preferred
USAA AMEX
Discover IT
Chase Freedom
Chase Sapphire Preferred
NFCU nRewards Visa

golf.ninja
Green Member
Green Member
 
Posts: 13
Joined: Wed Nov 12, 2014 3:38 pm
Location: Maryland

Postby golf.ninja » Sat Nov 22, 2014 2:10 pm

Battery111 wrote:As a government employee we use smart cards for almost everything dealing with a network. As a result I have smart card readers for all of my computers and even mobile devices. Made me wonder. With all of the chip cards being fielded now it seems odd that online retailers aren't accepting payment that way to cut down on fraud. I would think the issuers would give a processing discount for cards processed this way as well. What am I missing?


I think its just a matter of time - albeit it may be a LONG time given how long its taken us to just to start using EMV cards. But for the most part, I'm guessing it's more complicated on the back end when compared to you using a PIV card to authenticate to your work. I've little clue how payment processing works, so I can only guess why simply extending the POS terminal to your house (using software of course) would make it complicated. Perhaps that fact that simply opening that line of communication is a risk.

And I'm sure the initial cost will be higher for the merchants since they may actually be adding resources to facilitate the transaction. So having that being discounted would be unlikely.

I know Visa had their visa verified program and I recall certain cards offering one time tokens for online purchases. But never really saw them take hold...

Battery111
Centurion Member
Centurion Member
 
Posts: 284
Joined: Wed Apr 09, 2014 9:40 pm
Location: Lawton, ok

Postby Battery111 » Sat Nov 22, 2014 2:55 pm

But at the same time I could see ongoing merchant costs go down. Because it would essentially make every charge online a card present transaction, I would think this would reduce their fees to process due to lower likelihood of fraud. However, you make a good point. No idea what would be required to implement. Also have a hard time seeing Amazon switch to only allowing EMV payment, so it certainly wouldn't end fraud. However, I would feel better every time I shop online (which is frequently) that an unscrupulous individual somewhere in the chain wouldn't be able to go hog wild with my data. Just because I'm not liable for the fraud doesn't mean it's not a headache to deal with.
Citi AAdvantage Executive World Elite MasterCard
AMEX Platinum
AMEX Everyday Preferred
USAA AMEX
Discover IT
Chase Freedom
Chase Sapphire Preferred
NFCU nRewards Visa

yfan
Centurion Member
Centurion Member
 
Posts: 378
Joined: Wed Jul 09, 2014 5:55 pm
Location: San Jose CA

Postby yfan » Sat Nov 22, 2014 2:57 pm

Because it wouldn't help anything. The only way someone can make an online purchase with your card is for someone to have your card number, expiration date, and either the 3 digit code on the back and/or your billing zip code - which can be as hard or harder than obtaining the physical card. If someone has your physical card, they can of course run it through any machine - attached to anything, chip or not.

Battery111
Centurion Member
Centurion Member
 
Posts: 284
Joined: Wed Apr 09, 2014 9:40 pm
Location: Lawton, ok

Postby Battery111 » Sat Nov 22, 2014 4:55 pm

Yet if someone has my ID card they can't log on as me on a government network because they don't have my pin and it's not indicated anywhere on the card. Of course this would assume a chip and pin configuration. Nonetheless, if I give a waitress my credit card she could jot down all of the applicable info, save the billing zip. In a small town like the one I live in an educated guess could be made for that. Even if not on a lot of my cards they're not that strict on that piece. Assuming the billing zip is out of the equation, I'm likely to notice if they don't give me my card back, and the nature of pki tokens precludes back room cloning. So if they jot down all my info rather easy to shop online unless a physical card needs to be present. It's not foolproof by any means, but to say there's no merit to the additional security seems foolish.
Citi AAdvantage Executive World Elite MasterCard
AMEX Platinum
AMEX Everyday Preferred
USAA AMEX
Discover IT
Chase Freedom
Chase Sapphire Preferred
NFCU nRewards Visa

whit
Centurion Member
Centurion Member
 
Posts: 508
Joined: Tue Aug 13, 2013 10:04 pm
Location: ca

Postby whit » Sat Nov 22, 2014 5:50 pm

Battery111 wrote:Yet if someone has my ID card they can't log on as me on a government network because they don't have my pin and it's not indicated anywhere on the card. Of course this would assume a chip and pin configuration. Nonetheless, if I give a waitress my credit card she could jot down all of the applicable info, save the billing zip. In a small town like the one I live in an educated guess could be made for that. Even if not on a lot of my cards they're not that strict on that piece. Assuming the billing zip is out of the equation, I'm likely to notice if they don't give me my card back, and the nature of pki tokens precludes back room cloning. So if they jot down all my info rather easy to shop online unless a physical card needs to be present. It's not foolproof by any means, but to say there's no merit to the additional security seems foolish.



That's interesting, just a few months ago I was talking with a government employee and we kinda laughed and lamented over how security on systems can get so tight these days, like 10 different passwords, one for each different program you log on and they require you to change it ever x weeks, x months, and of course on different time lines..so you can never get away with using the same password for all unless you reset the others ahead of time and even than that means making the password changes a lot faster and kinda defeats the purpose

I didn't see him with his id but maybe it has a chip in it too

I know the military US does have IDs with gold chip, I didn't realize you can buy with the chips and it's just more than an ID--my ID has a chip too (I'm U.S. citizen but borne elsewhere)

This integration may happen sooner than later but not as soon as you'll like. In other countries, there's a pass that they can travel with and use it to also purchase food and stuff (as a payment system) without a mag stripe or chip or pin

There's also apps that pay and order at the restaurant..like gopago if anyone knows of it before Amazon brought it



Return to “General Credit Card Talk”

Who is online

Users browsing this forum: Peterhib and 0 guests