I’ve seen news reports of checks going through when the person had written, “I will not sign this” in place of their signatures. I assume that clerks half-assing checking the signature on the back could let that slip through, too. Therefore, I “XXXXXXXXXX” out the signature area. If any clerk glances at it, it’s immediately clear that there’s no signature there.
I do sometimes get asked for my card even when swiping it myself. I don’t keep track, but probably less than a half dozen times a year.
The big problem with computer hacking is fraudulant card-not-present transactions, that is, internet transactions.
And the problem the chip does address would exist even if there was no computer hacking.
The problem with swipe cards is that you can’t verify the card. It’s a technical issue, and it’s got nothing to do with verifying the identity of the card user.
Internet transactions do make up the vast majority of credit card transactions (especially in Europe where paying by credit card isn’t as common as it is in the U.S.). Chip and PIN and just plain ol’ Chip and Signature cards offer no protection for on line transactions.
However, again the main issue (at least in the U.S.) isn’t a crook paying with a stolen or fake credit card. It’s someone hacking into the merchant’s computers and stealing credit card numbers en masse. Even then, the main cost isn’t the fraud. That’s usually caught pretty quickly. Stolen credit card numbers don’t age well. The big cost is closing accounts and reissuing the stolen cards. Remember Target is paying almost eight times more to Visa to settle the cost of reissuing credit cards than for the actual fraud.
Fortunately, there are several solutions to this particular problem:
[ul]
[li] Use an independent credit card processor like PayPal: The bankcard networks are starting to push merchants to use these types of networks, and even offering discounts for those who do. A company like PayPal knows how to secure its information while even large non-financial companies may not. A security breach at Target is embarrassing. A security breach at PayPal is a corporate death sentence. PayPal has a lot of incentive to keep hackers out.[/li][li] Apple Pay to the Rescue!: There are two aspects of Apple Pay. The first is the NFC mechanism where people like me wave their phones or watch and think they look real cool because they are paying by phone or watch unlike the rest of you dark age peasants who still have to pull their credit card out of their wallets as if it’s 1985. There is also a part of Apple Pay where you can pay over the Internet. Apple Pay uses a secure element inside the phone to store credit card numbers. This information cannot be read by the standard OS libraries. Instead, a temporary one time credit card number is generated for the transaction. This happens when a technodickhead waves his Apple Watch at the reader, but it can also happen when a user uses their Apple device with the secure element to pay a merchant over the Internet. Right now, this only works for the iPhones 6 or better and the latest iPad Air. It also only works if the webpage or app has been setup to use Apple Pay. It is expected that Apple will expand the use of Apple Pay to their other devices. And, once Android Pay (the successor to Google Wallet) comes on line, Android devices and maybe even Chromebooks will be able to use Android Pay over the Internet.[/li][/ul]
Does it really matter if the credit card is signed or not – even if the official policy is that they’re supposed to be signed? I have a feeling that the official policy was put in place many years ago, and no one bothered (or had the guts) to change it.
If someone says there’s a purchase on their account they didn’t make, 99 40/100% of the time, the credit card issuer simply removes it from the bill as the cost of doing business. The most they’ll do is send over the receipt with the signature, and then ask the customer if they’re sure. They don’t bother looking at the signature on the card. They don’t even charge back the merchant.
It might be a bit different if the purchase was a Lamborghini, but if someone has a Lamborghini in their driveway, and then claims they didn’t make that particular credit card purchase, MasterCard is not going to compare the signature on the receipt to the card to determine whether the charge was fraudulent or not.
The vast majority of credit card charges take place on line where there’s no signature and no chip verification. Being pendant about the signature wouldn’t make sense no matter what the official policy is.
Besides, on my credit cards, that’s where the CID code is (the three or four number code that Internet purchases are suppose to add). If I signed my card, I’d cover up the CID and I wouldn’t be able to read it.
