9:04 pm
December 1, 2016
5:40 pm
February 17, 2013
fabafter50 said
I wouldn't be in any hurry to get this card based on my experience.
I was approved for the card and used it in the U.S. in August.
On August 22nd received both a call and an email notifying me of 4 likely fraudulent purchases on my card (from U.K., Russia)
I immediately called back and confirmed that the 4 purchases totally over $800 were NOT mine, and the card had been in my possession at all times. I was assured a dispute would be issued and the charges would be cleared from my account before my next statement. I checked my account online on Sept. 6th and the charges were still showing so I called customer service and reiterated what had happened. I was assured it just takes a bit for the charges to disappear but would definitely not be on my next statement. I got the statement on the 17th and they were still there. After an hour and a half of phone calls to three different areas, dispute dept., fraud department and customer service, it was determined that the charge dispute was never initiated. Someone dropped the ball bigtime.
I had to file the dispute myself almost a month after they called me to tell me about the fraud and ensure me they were looking after it. After talking to the three departments it was clear to me that the left hand doesn't know what the right hand is doing. I'm still waiting for these charges to be removed, and have to wait 15 days for them to send a letter that I have to return before they will. Snail mail. Seriously????
I have no confidence in this credit card company and will be cancelling it as soon as this disaster is sorted out.
I just got a Brim card which serves my purpose perfectly.
I think it would be pretty hard to blame the CC Co for your card getting compromised. The onus is on the merchant to make sure that terminals are not tampered with, and no one is immune. Skimming technology has come to the point of inserting a paper thin piece of plastic that is barely detectable unless you examine it very closely. That is where tap has the advantage. I am not aware of any POS tech that can read tap at the terminal, although it can be intercepted by an RFID reader just by walking by someone trying to steal your info. Nothing is 100% safe and consumers must also do their due diligence (I now have a RFID proof wallet).
I noticed a pending charge from Europe a few years back, and notified Tang M/C immediately. Still had to jump thru their hoops and it took weeks to get it reversed. Can't say I blame them... would want to make sure it was legitimate before I issued refunds for thousands of dollars. DO blame them for letting a single charge go thru from the other side of the world when I hadn't advised them of any travel plans.
Do hope they upgrade to tap sooner than later though. Lot of room for improved features, but not regretting using HT card at all. It has saved me a lot in ForEx fees, which is the ONLY reason I have it.
5:43 pm
December 1, 2016
7:54 pm
October 21, 2013
11:05 pm
February 17, 2013
4:28 am
October 11, 2015
4:44 am
December 17, 2016
Ah yeah, the ubiquitous RFID sleeve/wallet solution looking for a problem - it's not a CRA telephone scam but it runs a close second -
1. They’re going to steal my data with long-range RFID readers
We understand why you might be concerned over your personal data security, but with contactless payments you don’t need to worry about any long-range data extraction techniques. It’s impossible to use long-range RFID readers in this way, as a contactless card can’t be wirelessly connected, let alone tampered with, from any distance greater than 4 centimeters away. So, you can rule that one out.
2. Contactless skimming with close range readers
In this myth, a cunning Artful Dodger has acquired an NFC reader, which they use to clone contactless cards in someone’s pocket or bag in crowded public spaces. It’s impossible to clone a contactless card in this way – only a POS terminal, provided by a partnering bank, can communicate with the card in a meaningful EMV way, meaning completing a payment transaction. In the unlikely event a fraudster was using a genuine POS, they’d be caught out and show up on the processing network. No need to worry about pickpockets!
3. Losses are larger with stolen contactless cards
Contactless transactions don’t need a PIN code for low payment amounts, so there’s a misperception that a lost or stolen contactless card might result in greater financial losses. In fact, losses would probably be very low indeed, as after a certain number of transactions, you need to reset the card with chip and PIN. In addition, providing you report a card as stolen or missing, your issuing bank will reimburse you for any money lost. And, remember, the PIN will still protect the cardholder for large transactions.
There’s no need to worry about contactless payments – they’re perfectly safe. And as you never have to let go of your card during the transaction or let it out of your sight, your card can’t be quickly cloned by an unscrupulous merchant.
5:33 am
October 21, 2013
6:11 am
December 17, 2016
Loonie said
It would be nice if we had some solid reason to believe this blog poster.
REALLY ... heard of any outbreak of card carriers being ripped off by scoundrels waving around RFID/NFC devices - the classic place for them would be on crowded public transport YET the silence of such occurrences is deafening.
6:42 am
December 1, 2016
Top It Up said
REALLY ... heard of any outbreak of card carriers being ripped off by scoundrels waving around RFID/NFC devices - the classic place for them would be on crowded public transport YET the silence of such occurrences is deafening.
Although I work in IT and not a cyber security expert by any means, but I do believe it’s possible close NFC readers can acquire your data. It is my understanding, that even if they were successful at getting your confidential data they can’t do anything with this data, which is why the chances of this happening is so unlikely. An individual would have to be extremely motivated to want to spend countless hours (weeks and at times months) to duplicate the data on a dummy card because of the large algorithmic requirements that the card goes through each and every time it needs to authenticate it to be activated, that is, used.
Getting people’s encrypted data is possible, it’s the decrypting part that’s the challenge, but I agree that it is far more likely to happen at rigged POS terminals or ATMs but even then it has to be authenticated when being placed on a dummy card - in laymen’s terms, you can’t just “copy and paste” the data - it won’t work.
Here’s an example of riggered ATMs
Again, not 100% sure, but it is my understanding.
6:46 am
October 11, 2015
2:17 pm
October 22, 2015
Rick said
I think it would be pretty hard to blame the CC Co for your card getting compromised. The onus is on the merchant to make sure that terminals are not tampered with, and no one is immune. Skimming technology has come to the point of inserting a paper thin piece of plastic that is barely detectable unless you examine it very closely. That is where tap has the advantage. I am not aware of any POS tech that can read tap at the terminal, although it can be intercepted by an RFID reader just by walking by someone trying to steal your info. Nothing is 100% safe and consumers must also do their due diligence (I now have a RFID proof wallet).
I noticed a pending charge from Europe a few years back, and notified Tang M/C immediately. Still had to jump thru their hoops and it took weeks to get it reversed. Can't say I blame them... would want to make sure it was legitimate before I issued refunds for thousands of dollars. DO blame them for letting a single charge go thru from the other side of the world when I hadn't advised them of any travel plans.
Do hope they upgrade to tap sooner than later though. Lot of room for improved features, but not regretting using HT card at all. It has saved me a lot in ForEx fees, which is the ONLY reason I have it.
I didn't blame the credit card company for the compromise in the slightest. It's happened on other cards as well.
I do blame them for the way they handled it, or in this case handled nothing.
Any other card I've had that is aware of fraudulent charges either by notifying me, as Home Trust did, or by me notifying them, has wiped them off the card immediately and then investigated it. I still have over $800 of fraudulent charges sitting on my account for 6 WEEKS!!! Most disorganized credit card company I've ever dealt with. All departments, fraud, disputes and customer service are completely separate entities and none know what the other has done, or in my case, not done. That is the issue.
6:21 am
December 17, 2016
moneyhelp said
Here’s an example of riggered ATMs ...
TRUTHFULLY ... that scene shot in DT Vienna looks contrived as hell but irrespective of that, there ain't NO protective wallet or sleeve that will save you from a skimmer or a shimmer at an ATM or POS terminal JUST good old common sense about your surroundings.
--------------------------------------------------
On a side note, you should NEVER use independent ATMs, like Euronet shown in this video, or anywhere for that matter - ALWAYS use bank-affiliated ATMs when travelling for the fairest exchange rates and safest experience.
7:54 am
February 17, 2013
fabafter50 said
I didn't blame the credit card company for the compromise in the slightest. It's happened on other cards as well.
I do blame them for the way they handled it, or in this case handled nothing.
Any other card I've had that is aware of fraudulent charges either by notifying me, as Home Trust did, or by me notifying them, has wiped them off the card immediately and then investigated it. I still have over $800 of fraudulent charges sitting on my account for 6 WEEKS!!! Most disorganized credit card company I've ever dealt with. All departments, fraud, disputes and customer service are completely separate entities and none know what the other has done, or in my case, not done. That is the issue.
See your point Fab. I guess you can't expect Cadillac service from a used car dealership.They are a smaller player and, no doubt, they have their shortcomings. One being their alerts. Tang and RBC will text me while I am still standing at the till, HT notifies me when they actually post the transaction 3 or 4 days later. What's the point? But notifying Tang of a fraudulent charge did nothing to prevent it from going through either.
If the charge has been on for more than a statement period, I presume you haven't paid it and/or any interest? That would be a deal breaker.
11:15 am
December 4, 2016
Loonie said
I'm curious where you got your RFID wallet, Rick. The few things I've seen have been heavy/cumbersome. Did you find something that doesn’t weigh you down?
Probably this:
at least 36 card slots
While searching I also saw this one:
https://www.amazon.ca/JORYEE-Business-Holder-Credit-Black-Carbon/dp/B07BJGBTDZ
Looks kind of neat.
If you're worried you could get a pack of sleeves and use the wallet you have:
This one is also a large wallet:
I get most of my wallets from Ali Express though. Super cheap. Like 4x cheaper.
I do not care about readers.
I put a hole punch in my most used CC and put it on my key chain. I put the punch near the middle, where nothing is and the plastic can hold on a key chain ring.
I leave enough space that I can leave it on my Key chain and insert in a card reader. I can swipe easy to. Works good.
Some draw backs are that it is exposed to readers. Nothing bad so far though. It does get worn faster. The plastic can take punishment though.
11:20 pm
February 17, 2013
Speak of the devil... small charge today (declined) from a jewelry store in Brasil. Someone testing (I assume) to see if it works before running up some more significant charges. Wondering, how it was compromised? Only used it at the same places I have ever used it, (MAJOR retailers) since I got it and linked as a payment method with PayPal and a couple others since February. Maybe HT does have security issues. Will contact them tomorrow and keep a close eye on all my CC accounts.
Going off grid is looking more and more appealing.
4:08 am
December 17, 2016
4:13 am
October 21, 2013
Thanks, User230. I've got lots of ideas now, and eventually I will get around to following up. It can't hurt.
Rick, I wonder if HT's inability to let you set your own pass code might be indicative of an issue for them. Seems antiquated. With most banks or CCs or whatever, one of the first things you'd do if there were a problem would be to change your pass code, but they won't let you - as I understand it. I don't have one of their cards, but, if I did, I think I'd be dropping it like a hot potato at this point. Who needs the hassle?
We haven't had any problems (yet!) with our Rogers card, but it's not our main card and we don't use it a lot.
5:24 am
December 17, 2016
9:15 am
May 27, 2016
Rick said
Speak of the devil... small charge today (declined) from a jewelry store in Brasil. Someone testing (I assume) to see if it works before running up some more significant charges. Wondering, how it was compromised?
When you use your card to pay for something, the validation information is stored within the vendor's payment records. So once you use your card to buy a hammer at Home Depot in Blattsville, Manitoba or buy a pair of pants at Walmart in Bonchance, Quebec, your card data is now out there in borderless cyberspace. So if the Home Depot accounting records get hacked, a whole slew of valid card info (including yours) goes out into the wild where it gets posted/sold to whoever has a mind to buy it. This is exactly how my MBNA card data was leaked out twice over a 3 year stretch. One time was without any consequence to me, but the second time was on a Boxing Day and the lowlifes managed to get almost $3 grand charged to it before it was killed.
So maybe a month or three or more goes by and nothing happens. Then, as you noticed, a typical MO is to ping the card for a small purchase first to see if it's still valid before piling on until the anti-fraud algorithms kick in and shut down the card. Some of those algos are better and faster than others, but in your case a small purchase on a Canadian card out of the blue in Brazil (especially without a travel advisory already on file) would appear sufficiently suspicious for it to be rejected straight up. I say kudos to the card issuer for that.
My point being, don't blame the card issuers, their systems are generally quite secure. OTOH, the retailers you patronize who have your payment info are usually pretty soft targets in comparison, and that's where the mass data thefts are occurring.
Please write your comments in the forum.