Fraud attempt

No. Do you know anything about using a credit card online or over the phone?

Try looking it up in Wikipedia, man.

Or, if you can't manage that:

Computer says "yes" quite often - there is no way to verify the PIN, there is no way to verify the signature. The only verification is that the card is valid - which just means that the number and expiry dates are good.

Now, you are aware that the ID system holds your current address?

So you have stated a problem I have stated how the ID system deals with that.

...

next?

Ummm - no, actually, you haven't. You've said that the ID card would hold my address. How is that going to stop a fraudster using the card in a card holder not present transaction?

If a fraudster is using a card over the phone - at what point are they going to be asked to enter their ID card so that the address can be checked?

There is no answer - if the card holder is not present, then having a system which requires an additional card makes no difference, regardless of what information is held on the card.

The card could have every possible detail about me, my lifestyle, my shopping, everything - but it is not going to stop fraud where the card holder does not have to physically present the card.

The typical MO of the frauster is to change address, the ID card has to have your latest address.

You are missing the point. You have popped up here claiming the government ID cards scheme will prevent credit card fraud. I contend that not only will it not do that, it will divert scarce Police resources away from the real crimes and issues and into chasing up people like me who will do their best to obfuscate the system.

There are many things banks and credit card companies could do if thy were serious about stopping it - Barclays were trialling a card with "rolling" number, so knowing the card number and expiry date won't help a thief - I don't know the outcome, but that's one example, there are others. The simple reason banks aren't more secure is that they don't want to spend the money - they'd rather refund the victims than address the issues.

I have also already said that I support the beefing up of passport, birth certificate and driving licence application procedures.

The government ID scheme offers me nothing but expense, inconveinence and an increased risk of data loss.

As for the address question - how many million addresses will be in the database? Every one of us will be responsible for letting the civil servants know when we move. The only similar operations are the DVLA and HMRC, neither of which have covered themselves in glory with regard to speed or accuracy, and there are millions of vehicles on the roads not registered to anyone - there is a theoretical fine for not telling the DVLA when we move - but is anyone ever prosecuted? And yet, miraculously, all this data will be reliable and up to date under the new system? Not a hope.

Maybe I'm missing something in your argument.

Fraudster uses my stolen / cloned / borrowed credit card (or just the details written down) in a CNP transaction. They aren't interested in stealing myID, just getting some money or goods to sell on. They order something over the phone or fax or internet, and the transaction goes through. (A few years back, I had someone charge a Canadian Pay TV subscription to my credit card, despite my not visiting Canada since 1986).

I also have an ID card which has my address, fingerprints and DNA stored on it (I don't care what information is on there - so assume that the ID card holds all information about me from birth to the current time, excluding my current location).

How does me having an ID card stop the fraudster?

I have had a few beers now and I would like to discuss the points in the whole post you posted tomorrow on clientCo time

I have always proposed a fingerprint database linked in with the passport system, feck it's about 10 extra columns on an existing database and then we make passport numbers linked with hand prints compulsory to access basic government and banking services. Passports are not compulsory as such.

You claim to be a Peoplesoft bloke, that is not much more than what you ask of your users.

I have never claimed the ID system introduction as presented was a good idea, I do claim that an ID system is totally necessary.

OK I'll bite. They put devices inside the front of ATMs that read your card. i.e. not extras bolted on the ATM, that's old school, they remove part of the ATM, where they find a nice gap, and install their devices. They don't need much space, these things are small. These devices then video/audio and/or an overlay keypad for your key presses. They get their data back via a blue tooth connection, and get their power from a long life battery or by connecting up to the device to check no one has pulled the entry slot off the front of the ATM to install a cloning device FFS!

It is miniature, designed for purpose, seriously expensive kit, but like I say, these guys buy in bulk.

Not only can they clone swipe cards they can copy Chip n Pin too.

Really good money to be made, so it is very profitable for them.

Not much of an extension to do the same for finger print readers or iris scanners.

Remember these chummies are far better resourced than the bank security departments set against them, so anti fraud attempts are nothing but rather trivial passing annoyances: only providing a little passing amusement for chummy-techie doing the workaround, who generally has already considered it as a next step and has the solution waiting .

HTH