Reply to: Better on-line credit card security system coming soon

Nationwide sent me some card-reader type of unit. Which when I'm making a online purchase - or using their website - I have to use to respond to questions - Kinda like a RSA Securid

Ah, but I think with this new card the codes are generated by the card without necessitating a reader, or it being being connected to a remote site (aside via the retailer in the normal way). This does mean that the cards will get cracked sooner or later though. I imagine that websites will generate a transaction code, but technical details aren't given on the page I looked at. If not, it would work even simpler, just type in a pin and the machine will generate a code that you type in instead of the CCV number on the back of the card.

Get card reader and card
Enter transaction on PC.
Insert card in reader, when ready:
Press whichever button the web site tells you to.
Press OK
Enter PIN
Press OK
If PIN fails, start to sweat and repeat REALLY slowly and carefully, snapping at anyone who speaks in the vicinity and puts you off
Enter amount
Press OK
Copy code from reader to PC
OK on web site.

That's one done; repeat etc.

It probably really doesn't take long but it sure seems to.

Hmm, it seems that (earlier) derivatives of this scheme are in more widespread use than I realised. Why does keying a pin code on a credit card and entering a generated security code take so much extra time?

If they're like the Nationwide one, they're a pain in the A$$

Used to take me 20 minutes to do my monthly bills, now it's the best part of an evening...

I'm sure they're driving it this way to make you use Direct Debits

Anyway, if they've dreamed this system up, then you can bet that the theives will be dreaming up a way to nobble it tonight!

Yeah - I've got 2 of 'em - Barclays and Natwest..

Yep, it;s just like the Barclays one. It's a fecking pain in the ass though.... Jesus all I want to do is view my balance and transactions and I have to ass about with this thing... drives me bonkers. In fact it's a minor miracle I haven't lost it yet

Please note, what is being discussing above does not relate to the new system to be trailed next year, as linked to in the original post.

If someone shoulder surf's me entering my pin number into one of those cards, and they steal my card, would they be able to make internet transactions with my details? Heh.... I haven't bought into it yet, but I guess I'll have to be extra vigilent when I use my card in public places.

The idea is that you only put a little money on it. It's an electronic purse/wallet - with the same security as a purse/wallet. As soon as you put money on it, it's deducted from your account. The merchant is guaranteed payment. If it's nicked, you lose whatever was put on it. But nothing else. What you gain is not having a pocket filled with change, and faster transactions.

But as I said - no-one I know uses it!

That looks quite similar to the units issued by Barclays, it's a bit of a variation on the old SecureID dial in authentication technology.

For that matter the credit card with display and keypad looks quite similar too.

A step backwards for me and most people who spen time in several countries: it only works on cards from that country. My Swiss and French cards didn't work in the Rabobank canteen in Holland. My French card worked for parking in Paris but my Swiss one didn't. Etc.

Well I can't see any added value in it above being a normal PIN card without any security. The only thing is it's the only way to pay in the canteen and the station car park, so I'm forced to use it.

I have that built into my EC card. You can load a balance onto it, and then, any place where you can use an EC card, you can just insert into the card reader, and then go (no pin, no signing). Supposed to be for small transactions. I never use it, and don't know anyone who does. Cash for small/medium transaction, card for all others.

Yep. This system supersedes that 3 digit code on the back of our present credit cards, mainly to counter card-not-present fraud.