All we need is an easy explanation of the problem, so here it is.
Credit cards (and debit cards) are used in three different ways:
- In person + pin. The seller requires me to insert my card with the chip and input the PIN number to complete the transaction.
- In person + tap. Under $50 a simple tap would do.
- Not in person. Online or over the phone, the chip is not being read and no PIN is requried.
Why this “double-standard”?
How to solve :
I know you bored from this bug, So we are here to help you! Take a deep breath and look at the explanation of your problem. We have many solutions to this problem, But we recommend you to use the first method because it is tested & true method that will 100% work for you.
With cardholder-not-present transactions, if the transaction turns out to be fraudulent, the retailer has to refund the money. With Chip and PIN, the retailer gets to keep the money, and either the bank or the cardholder bears the loss of the fraudulent transaction, depending on whether the cardholder has told anyone else their PIN or not. So retailers want to use Chip and PIN where they can, to protect themselves against fraud. Obviously, they can’t use it for online transactions, so they have to accept the risk for those transactions.
It’s a question of cost and benefit for the seller and the card holder.
A stolen/lost credit card:
- cannot be used in caldholder-present transactions (unless the PIN was revealed)
- can be used in caldholder-not-present transactions, but the owner of the card will be reimbursed thanks to the credit card insurance.
In this setting:
- The seller always gets his money, so he’ll always respect credit cards;
- The owner of the card never loses money (unless fails to block the card within reasonable time), thanks to the insurance;
- The theif gets away with the stolen money, unless his attempted transaction is suspecious (atm abroad, suspecios purchasing pattern).
In the future, if a certain standard would be adopted worldwide, online/phone transactions would become more secture. For example, if every laptop and every smartphone will be able to read the chip.
For Chip & Pin to work online, the customer would need a pinpad plugged into their computer. In some European areas, the bank will provide a pinpad so the card can be used online with the added protection.
It’s a case of somebody absorbing the cost to use the technology for the added security.
For card present transactions, it’s pretty easy to get the merchant to absorb this cost.
Note: Use and implement method 1 because this method fully tested our system.
Thank you 🙂