Whenever I pay for a meal at a restaurant, the server wanders into the back with my card for several minutes, which is more than enough time to copy down the card number, plus the Card Security Code, and maybe even make a copy of my signature. I generally don't know those people from Adam.
In the UK at least, everybody has the wireless card machines or you go to the desk and do it. You generally don't lose sight of your card even before the change to chip & PIN.
I'm not opposed to additional security, but it's kind of ridiculous to close the barn door when the fourth wall hasn't even been constructed yet.
I'm just puzzled as to why you'd automatically trust the device to be secure. The security on all the devices that Square supports has been thoroughly broken and absolutely anything could be running on it. It isn't restricted to people with the skill and knowledge needed to do so either. Anybody can do it if they follow some basic tools.
The real card machines are closed systems which have security measures to in theory prevent the leakage of your data and any tampering. I can be fairly certain that the card machine doesn't have any extra software added that may interfere with operation. I know that some of these machines have had proof of concept attacks on them but it is extremely unlikely that these will be widespread in the wild due to the requirement of physical modification.
Dignan argues that you should just get a decent CC company but I'd prefer to not have to deal with the stolen CC ordeal in the first place. It has happened to me once before years ago and it took me quite a bit of work to get it all completely sorted out.
Previous Topic
Index
