[colug-432] OT: in pursuit of more secure POS transactions

Rick Hornsby richardjhornsby at gmail.com
Fri Sep 11 14:45:25 EDT 2015

> On Sep 11, 2015, at 13:32, tom <thomas.w.cranston at gmail.com> wrote:
> I just got a card with the chip. My understanding is that the credit 
> card company takes the responsibility if the card # is hacked, stolen, 
> etc if the merchants device reads the chip. If the device does not read 
> the chip, but only reads the swipe, the merchant is responsible for any 
> loss.

I’m not aware of any major changes to the financial loss responsibility, but I haven’t followed the PCI rules too closely.

> I have been seeing TV adds that claim your chip card can be read 
> by criminals with a device in your proximity.

I should have been more specific about what kind of chip I was referring to.  This is not an RFID chip, it is a similar type of chip found on the front of a CAC:


It can only be read by direct electrical contact.  I don’t know what the chip is called specifically though.

You’re right that RFID chips can be read by scanners.  RFID chips in cards are most commonly found in the type of card you wave to unlock a door.  HID is one of the big vendors.  Passports also use RFID chips now.  When I carry my passport around, *that* stays in the type of shielding that blocks proximity reads.

More information about the colug-432 mailing list