this post was submitted on 03 Dec 2024
288 points (97.7% liked)

Comic Strips

12981 readers
1598 users here now

Comic Strips is a community for those who love comic stories.

The rules are simple:

Web of links

founded 2 years ago
MODERATORS
 

Three days before Thanksgiving, someone was trying to steal peoples food stamps.

you are viewing a single comment's thread
view the rest of the comments
[–] ArbitraryValue@sh.itjust.works 66 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

This became a big problem in New York a few years ago. Thieves would put skimmers on top of the card readers at supermarket checkouts and then drain the food stamp accounts of people who went through those checkouts. The state initially refused to compensate victims despite the fact that this wasn't even a scam that someone could chosen to avoid. The only safety measure was to try and disassemble the card reader to see if there was a skimmer that would come off.

Eventually politicians changed the policy and compensated people after there were so many cases of theft that major newspapers were writing about it. I don't know if theft is still frequent but less talked-about because victims get compensated, or if the authorities managed to put an end to it.

I'm not surprised that criminals would do such a thing, given that they do so much worse.

[–] yetAnotherUser@discuss.tchncs.de 39 points 3 weeks ago (2 children)

What shitty system even allows this to happen? It's not like the microchip in credit cards that allows for secure transactions is particularly expensive.

Small addendum because I looked it up:

Apparently checks aren't the only ancient aspect of the US banking system. Chip cards have apparently only come around in the past few years, prior they used the insecure magnetic strip cards that can literally just be copied.

[–] CrazyLikeGollum@lemmy.world 24 points 3 weeks ago (2 children)

Also, the chips aren't that much better than the stripe. It's harder to clone the chip and much harder to do en masse, but far from impossible. On top of that, the measure that is supposed to prevent cloning from being viable is almost never actually required, that being the PIN.

It's called "Chip and PIN" for a reason. It's a 2FA system where one of the factors just isn't required and the other can be readily compromised. It's baffling how we have a functioning system for digital payments when seemingly no one is willing to properly implement and then use a secure standard.

[–] NotSteve_@lemmy.ca 15 points 3 weeks ago (1 children)

I travelled to the US from Canada recently and was super confused when I didn't need to enter my PIN. Was also really confused about giving away my credit card to bartenders

[–] abbadon420@lemm.ee 7 points 3 weeks ago (1 children)

At least credit cards are... on credit. You can usually just stop a transaction if someone makes unauthorised use of your credit card. If this also happens with debit cards, your in more trouble. Than the money is just gone.

[–] davidgro@lemmy.world 2 points 3 weeks ago

Fortunately in the US debit does generally require the PIN and always has even before chips.

[–] dan@upvote.au 1 points 3 weeks ago (1 children)

Tap to pay is much safer though.

[–] CrazyLikeGollum@lemmy.world 1 points 3 weeks ago

Not if you're using your card. The card can still be cloned with a few seconds of physical access. Also, with a card, there's no PIN verification with tap to pay and no signature requirements. Because of that most countries have transaction size limits for tap to pay. Usually in the $50-$100 USD range. The US, notably has no such limits. So, if someone steals your card they can use it up to your balance/credit limit, or up to the transaction limit your bank sets, typically about $10,000 USD.

Tap to pay using a phone, apple watch, or similar device is more secure because they have actual 2FA and generate unique payment information for each transaction on top of the already existing encryption of the transaction data. Additionally, cloning the underlying payment info would require being able to access the secure enclave on the phone.

[–] Irelephant@lemm.ee 3 points 3 weeks ago (1 children)

On some revolut (finance app, popular in ireland) cards the magenetic strip is disabled by default.

[–] dan@upvote.au 1 points 3 weeks ago* (last edited 3 weeks ago)

Mastercard started removing the magnetic strip from new cards this year in some European countries, and want to completely remove it worldwide by 2029.

In the US, I've actually got one card that doesn't have a magnetic strip: a debit card for Target stores (gives 5% discount for every purchase which is why I have it).