 |
|
|
|
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Wed, 23 Jul 2008 23:53:41 -0400, Sabrina Kilian wrote:
> Jim Henderson wrote:
>> On Wed, 23 Jul 2008 09:37:29 +0200, scott wrote:
>>
>>>> Sure, but in most cases when multiple cards are misused you can trace
>>>> it back to one or more stores if that happens.
>>> Unless the store never puts through the orders on the cards they
>>> steal.
>>
>> That's true, but the store would have to be complicit as well, then -
>> or there'd be serious underages in sales and problems with inventory
>> reconciliation.
>>
>> Jim
>
> Swipe cards on fake reader, and store data on computer. Tell customer
> that the machine is having problems, ask for cash instead. As each card
> approaches it's exp date over the next year, use it for single large
> purchase.
>
> The store wouldn't have to be complicit, the clerk would just have to be
> organized.
I don't know, if a customer didn't have cash with them, they'd not buy
the product, maybe come back later and complain to staff about the
earlier problem. That'd raise flags (once upon a time, I worked retail -
customers complain about the damnedest things).
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Thu, 24 Jul 2008 09:17:59 +0200, scott wrote:
>>> Unless the store never puts through the orders on the cards they
>>> steal.
>>
>> That's true, but the store would have to be complicit as well, then -
>> or there'd be serious underages in sales and problems with inventory
>> reconciliation.
>
> If it's a small 1-man-show store then that shouldn't be a problem.
> Otherwise the "criminal" can just put cash in the register to avoid
> detection.
>
> I always wonder with those chip&pin boxes that everywhere has now (in
> the UK and Germany at least), how do you ever know that the box is
> genuine? Makes me feel like always deliberately typing in a wrong PIN
> number first time, just to see if it correctly states it was wrong :-)
Yeah, that could work, but I do think that if something like that
happened where the clerk swiped the card and then asked for cash, that'd
be a flag in my mind if fraud occurred; unless they delayed before using
the card info for several months.
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Wed, 23 Jul 2008 19:44:48 -0500, Mueen Nawaz wrote:
> Jim Henderson wrote:
>> Ah, I see - I hadn't heard of that before, at least not in this
>> context. Is this what's called the "Visa waiver program"?
>
> No. The original thing was "Special Registration":
> [...]
Interesting, thanks for that info. This is one thing that it's hard (as
a US citizen) to have a perspective on the reality of, since we never are
subjected to that. I can understand why some countries are saying
"what's good for the goose" and implementing similar measures for US
citizens coming into their countries.
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
And lo on Thu, 24 Jul 2008 01:44:48 +0100, Mueen Nawaz <m.n### [at] ieee org>
did spake, saying:
> So it's during the very same fingerprinting session that they've often
> asked for credit card info. Why miss out on an opportunity to monitor
> folks?
And just OOC what legal protection does this non-citizen data have in the
USA?
--
Phil Cook
--
I once tried to be apathetic, but I just couldn't be bothered
http://flipc.blogspot.com
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
> Yeah, that could work, but I do think that if something like that
> happened where the clerk swiped the card and then asked for cash, that'd
> be a flag in my mind if fraud occurred; unless they delayed before using
> the card info for several months.
I meant the criminal puts in cash himself, not asking for it from the
customer. If he's about to go and get $500 from the cash machine or
whatever, I'm sure he can afford to put in $50 to make sure the books add up
;-)
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Thu, 24 Jul 2008 17:18:18 +0200, scott wrote:
>> Yeah, that could work, but I do think that if something like that
>> happened where the clerk swiped the card and then asked for cash,
>> that'd be a flag in my mind if fraud occurred; unless they delayed
>> before using the card info for several months.
>
> I meant the criminal puts in cash himself, not asking for it from the
> customer. If he's about to go and get $500 from the cash machine or
> whatever, I'm sure he can afford to put in $50 to make sure the books
> add up ;-)
Of course, if he were to go straight to the cash machine, he'd actually
have to have the card (I don't think I've seen a cash machine anywhere
that didn't require that) and the PIN (which if the cust is doing a debit
could be captured, but it'd be very hard to say "oh, it didn't work"
convincingly, especially to customer after customer after customer
(depends on how busy the store is).
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Phil Cook wrote:
> And just OOC what legal protection does this non-citizen data have in
> the USA?
No idea. Perhaps the same amount of protection citizen data has. None?
Never thought about it. If they have any information of mine, I just
assume they'll use and abuse it, laws be damned.
--
Feet Smell? Nose Run? Hey, you're upside down!
/\ /\ /\ /
/ \/ \ u e e n / \/ a w a z
>>>>>>mue### [at] nawazorg<<<<<<
anl
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Jim Henderson wrote:
>> Swipe cards on fake reader, and store data on computer. Tell customer
>> that the machine is having problems, ask for cash instead. As each card
>> approaches it's exp date over the next year, use it for single large
>> purchase.
>>
>> The store wouldn't have to be complicit, the clerk would just have to be
>> organized.
>
> I don't know, if a customer didn't have cash with them, they'd not buy
> the product, maybe come back later and complain to staff about the
> earlier problem. That'd raise flags (once upon a time, I worked retail -
> customers complain about the damnedest things).
>
> Jim
Do it to the first customer every morning when you work at aisle X.
Check that the machine is always the same, switch routines when the boss
changes the machine. If all the clerks are in on it, have them do the
same. Make it a technical problem, not a human problem. By the time the
machines are replaced, you have the data and move on.
The other choice is one card, completely at random, and never copying
another again. Wait 6 months to a year (or more) to actually use it.
Sure, the customer gets a little annoyed and maybe watches their
statements for the next month or two. In a year, they will be watching
something else that annoyed them if they are that type. But, the price
is that any detailed analysis would show that all the victims had made a
purchase at 'S MART' in the last how ever many months.
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
And lo on Fri, 25 Jul 2008 00:57:59 +0100, Mueen Nawaz <m.n### [at] ieeeorg>
did spake, saying:
> Phil Cook wrote:
>> And just OOC what legal protection does this non-citizen data have in
>> the USA?
>
> No idea. Perhaps the same amount of protection citizen data has. None?
> Never thought about it. If they have any information of mine, I just
> assume they'll use and abuse it, laws be damned.
Skimming through on this subject it appears that PDR data is held securely
and is accessible only to people with any form of tenuous link to the
government whatsoever.
--
Phil Cook
--
I once tried to be apathetic, but I just couldn't be bothered
http://flipc.blogspot.com
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Fri, 25 Jul 2008 06:29:41 -0400, Sabrina Kilian wrote:
> Jim Henderson wrote:
>>> Swipe cards on fake reader, and store data on computer. Tell customer
>>> that the machine is having problems, ask for cash instead. As each
>>> card approaches it's exp date over the next year, use it for single
>>> large purchase.
>>>
>>> The store wouldn't have to be complicit, the clerk would just have to
>>> be organized.
>>
>> I don't know, if a customer didn't have cash with them, they'd not buy
>> the product, maybe come back later and complain to staff about the
>> earlier problem. That'd raise flags (once upon a time, I worked retail
>> - customers complain about the damnedest things).
>>
>> Jim
>
> Do it to the first customer every morning when you work at aisle X.
> Check that the machine is always the same, switch routines when the boss
> changes the machine. If all the clerks are in on it, have them do the
> same. Make it a technical problem, not a human problem. By the time the
> machines are replaced, you have the data and move on.
>
> The other choice is one card, completely at random, and never copying
> another again. Wait 6 months to a year (or more) to actually use it.
>
> Sure, the customer gets a little annoyed and maybe watches their
> statements for the next month or two. In a year, they will be watching
> something else that annoyed them if they are that type. But, the price
> is that any detailed analysis would show that all the victims had made a
> purchase at 'S MART' in the last how ever many months.
Yeah, there's always ways to make it more difficult to track down....
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
|
|
