CREDIT CARD TECHNOLOGY - COTA NSW

							                                                                                                July 2012




CREDIT CARD TECHNOLOGY
The concept of paying by credit has been around for over one hundred years.
According to Encyclopedia Britannica, "the use of credit cards originated in the United States during the
1920s, when individual firms, such as oil companies and hotel chains, began issuing them to customers."
However, references to credit cards have been made as far back as 1890 in Europe. Early credit cards
involved sales directly between the merchant offering the credit and credit card, and that merchant's
customer. Around 1938, companies started to accept each other's cards. Today, credit cards allow you to
make purchases with countless third parties.
www.inventors.about.com/od/cstartinventions/a/credit_cards.htm

In Australia, after much research and planning, a lengthy market analysis and the solution of many
problems unique to Australia, the major banks were finally ready to launch their credit card. The Australian
banking environment was heavily regulated at the time, so many talks with the Reserve Bank of Australia
and the Federal Treasury were necessary before the Reserve Bank gave approval in 1972.
www.bankcard.com.au/history.htm
Up until now, we have been using credit cards with our information stored in a magnetic stripe across the
back of the card. All we need to do is pass the card through a scanner that can read our information and
then match it to a personal identification number (PIN) or give our signature for proof of identity and
security reasons.

How does it work? The magnetic stripe is made up of iron-based particles in a plastic-like film.
Information can be recorded because the tiny particles can be magnetised to either north or south pole
direction. The back of the card is very similar to a piece of cassette tape. In fact, a reporter from an
American site conjectured that “A crafty criminal could conceivably use a cassette-tape recorder to make a
copy of the sensitive financial data encoded on a standard credit card’s magnetic stripe.”
www.securitynewsdaily.com/magnetic-stripe-credit-cards-on-way-out-0695/
More and more we are seeing reports on the news about credit card skimming operations. Magnetic stripe
readers can easily be purchased over the internet; one site even suggests you could make one yourself for
under $40. With that in mind security has to improve. Enter the contactless ‘Tap and go’ PayWave or
PayPass cards. These microchip imbedded cards are replacing the old magnetic stripe cards.

How are microchip embedded cards safer?
The microchip can store encrypted confidential information. Encrypting, coding, and/or ciphers have been
used for many years. Simple ciphers include the substitution of letters for numbers, or the rotation of
letters in the alphabet. Credit card encryption works in much the same way; technology uses a complex
code to temporarily translate your credit card number into something entirely different and inaccessible to
would-be criminals. Today's technology employs complicated algorithms to assign ciphers intended to
protect the owner of the credit card. Another complex algorithm is then needed as a key to decode the
information, so that vendors can charge the account for purchases. www.ehow.com/info_7765005_credit-card-
encryption.html#ixzz1RHch9jxH
‘Tap and go’ cards have been programmed to allow only limited ‘contactless’ purchases of under $100
(McDonalds food outlets placed a limit of $35), after which a PIN number or signature must be supplied. A
‘contactless’ transaction can only be completed if it is within range of another device that is uniquely
paired to this technology. Presently the terminals for scanning chip cards are available only at selected
food outlets,
ie: 7-Eleven, Red Rooster, Boost Juice, McDonalds, Sumo Salad, and some Foodworks and IGA stores, as
well as the supermarket giants Coles and Woolworths.
Cards need to pass within 10 cms (4inches in old measure) of a terminal, each transaction has a unique
one-time security code attached to it, which makes counterfeit production of any details much more
difficult. Also the card never leaves your hand, which prevents anyone else from seeing the account
number and name on the card. www.popularmechanics.com/technology/how-to/4206464
www.creditcardfinder.com.au/anz-chip-card-increasing-securit.html

What are the Security risks?
While credit card chips are immune to skimming at present, if criminals find a way of reading and decoding
the information in the future, metal lined sleeves, wallets or purses will stop this function. Until that time,
you could try placing a folded piece of aluminium foil into your purse or wallet as added protection.
www.money.howstuffworks.com/personal-finance/debt-management/blink3.htm
As with any credit card the main security risk, is if your card is stolen. With a ‘Tap and go’ transaction,
theoretically if your card never leaves your hand it will be harder for someone else to take, or to be put
down on a counter or misplaced, etc.
Also, if a scan is accidentally duplicated at a terminal, most financial institutions say you won’t be charged
double. All ‘tap and go’ transactions have a spending limit of under $100 after which a PIN number or
signature must be supplied, as with any credit card transaction.

These cards have been in use in Europe and Canada for many years now, and statistics show that the
incidence of credit card fraud has been markedly reduced. In Australia, skimming fraud on Australian cards
has dropped 24 per cent over the last financial year to June 2011. www.news.com.au/money/money-
matters/take-charge-of-credit-card-fraud/story-e6frfmd9-1226074116235

What to do if your card is stolen or there is an unauthorised transaction?
Firstly, it is very important to always check your statements for any transactions you do not recognise. If
you lose your card, or feel unsure of a transaction, it’s important to get in touch with your bank/financial
institution as soon as possible.
The procedure is normally that your card will be cancelled immediately so no more charges can take place.
You will be sent a new card which will usually arrive in 7-10 business days. While this may be extremely
inconvenient, it is better than the alternative: having your credit card number out there for anyone to use.
Your bank/financial institution can investigate the transaction(s) on your behalf, which may take up to 6
months to resolve.
In some circumstances the bank/financial institution will consider that you are financially responsible for
the transaction if:
     a) On the balance of probability, you contributed to the loss; for example, writing your PIN on your
         ATM Card or on a document you keep with it.
     b) In the case of unauthorised credit card transactions, you delayed unreasonably in notifying the
         financial institution of the unauthorised transaction(s).
If the financial institution is claiming you are liable for an unauthorised transaction you should seek legal
advice. www.cclcnsw.org.au/fact-sheets/banking/unauthorised-transactions/

Safety precautions:
* Keep your PIN or password secret. Do not use a PIN someone could guess, for example your birthday or
part of your name.
* Never write your PIN or password on your card or on a document kept with your card. If possible
memorise your PIN and do not write it anywhere.
* Do not let anyone see you entering your PIN/password at an ATM or EFTPOS machine; for example,
place your hand over the keypad.
* Immediately report any irregularity to your bank, such as a merchant who passes your card through
more than one piece of equipment, or retains your card for an unreasonably long period when accepting
payment. www.cclcnsw.org.au/fact-sheets/banking/unauthorised-transactions/