Yeah, right. Because signatures always look exactly the same and a layman could decide in seconds if a signature is genuine or not. Good riddance.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Mastercard's Plans to Fully Eliminate Signature Requirement Next Year Will Speed Up Apple Pay
- Thread starter MacRumors
- Start date
- Sort by reaction score
Yeah, right. Because signatures always look exactly the same and a layman could decide in seconds if a signature is genuine or not. Good riddance.
Sure will! Even if it is by five seconds, it will still be quicker.
Mastercard removing the signature requirement won't speed up Apple Pay in Canada, however, as contactless payments aren't generally permitted for purchases above $100. Above this limit, customers must use chip-and-PIN.
They're dropping the requirement for ANY kind of purchase method. Including a physical card.
That's not about supporting Apple Pay. It's about supporting a standard transaction flag that says the cardholder has been verified on device.
Last edited:
Some other insight as to the possible causes:
UK’s Lessons For US Mobile Payments Adoption
The above discusses UK, Austrailia and Canada as compared to the US.
From above link:
...OK, you say, so all we need to do now is hustle up and get contactless POS terminals out there in massive force.
If it were only that easy.
In the U.S., there simply aren’t the same dynamics in play.
Two million contactless terminals today sounds like a great start — until you do the math. There are something like 13 million POS terminals across a massive geography that is the United States, not including mPOS devices.
The U.S. is also a market in which there are 1.2 billion payments cards in circulation, more than 47 billion debit card transactions, more than 26 billion credit card transactions and 209 million adults over the age of 18.
Oh, and something like 14k financial institutions that issue those cards and countless merchant acquirers and ISOs all hawking merchants to deploy new terminals.
It’s a whole lot harder to wrangle this ecosystem to the ground given the diversity of merchants and the engrained plastic card habits honed by consumers over the last 50 or so years.
EMV: America, What Took You So Long?
"As an example, and traditionally, card fraud in the United Kingdom has always been considerably higher than here in the U.S., primarily because the U.K. previously used offline card authorization as opposed to the online card methodology used here. As losses due to fraud rose steadily in U.K., despite the best efforts of global law enforcement agencies to reduce it, the pressure to find a solution built around some alternative authentication strategy mounted. From this concern, EMV was born." ...
"So why has the U.S. not embraced EMV sooner? Part of the reason is because our fraud problem, while significant, has typically been among the lowest rates among highly-developed economically-mature countries. Much of that is due to the online authentication methods at work here. In England’s old offline authentication method, credit card transactions were gathered together at specific times – typically, at the end of the business day – and then batched over to the card issuers for authorization. It’s a method that gave those committing fraud a significant time lag between the transaction and the authorization, and this time lag contributed greatly to the higher levels of fraudulent activities in England. Here at home, our online authentication methodology permits authorizations to be done in real-time, thus thwarting a significant percentage of the fraudulent attempts at the point of sale, the best place to stop fraud. Our online authentication methods also incorporate multiple fraud and risk parameters as well as advanced neural networks that are ‘built-in’ to the approval process. It’s been a highly effective system that works well when compared to most alternatives."
Why is the US a decade behind Europe on 'chip and pin' cards?
How is that any different than the 4 digit pin you have with your credit card? The 4 digit pin on my CC and 6 digit passcode on my iPhone should both be my responsibility no?
The whole system is still hopelessly antiquated, even after the intro of EMV in the US. Still the vast majority of cards don't require a PIN (which is literally half of "chip-and-PIN"), and the majority of those aren't even able to require a PIN. The signature provides exactly zero security, since nobody looks at them and they get tossed at most retailers. And banks refuse to recognize that the fingerprint I'm required to use in Apple Pay is far more secure than signature or PIN, and still require me to use one or the other. It's so infuriating and there's no hope on the horizon. 
Good news. As others have stated, the signature never made sense. I've had an increasing number of instances with ApplePay where I've had to enter my debit card PIN number on the terminal after a transaction. That also made no sense to me.
This was pretty much exactly my question. We have (generally speaking) tap or insert (chip and pin). Tap provides no authentication other than the presence of the card itself. Insert requires the physical card, chip reader and a pin for authentication. Without the secondary authentication of the PIN, tap transactions are generally limited to a fairly low dollar value. Is the assumption here that when the tap transaction is authorized, the bank sees the Device Account Number instead of an actual CC number, can therefore recognize an Apple Pay transaction which, by definition, has a secondary bio metric authentication and will authorize the transaction using normal chip and PIN limits?
yeah when they went to chip cards I didn't really get the point... sure it makes it harder to clone a mag stripe, but I'd be willing to bet 90% of cards used have been stolen from walets\purses, etc. And going chip does nothing to prevent that. If chip and pin, the only ones who'd be able to use the cards are those who steal cards with people's pins written on them (yeah, shocking how many people write their pin on the signature line of their cards)
I used to work in a gas station here in the U.K. and our merchant acquirer often lost its DSL connection so we had to resort to the old “ironing board” imprint machines.
Although it’s the best part of 10/11 years since Chip & PIN became the norm and signatures were only allowed for those couldn’t use PINs or the card fell back because the Chip was worn you’d be amazed at how many people never signed the back of theirs.
Although it’s the best part of 10/11 years since Chip & PIN became the norm and signatures were only allowed for those couldn’t use PINs or the card fell back because the Chip was worn you’d be amazed at how many people never signed the back of theirs.
I just shopped at a medical supply place/pharmacy, and they had brand new POS terminals. They accepted contactless payments and SWIPED cards.
Here’s the kicker: I had to sign the terminal before I could use Apple Pay.
I was all the way confused.
Here’s the kicker: I had to sign the terminal before I could use Apple Pay.
I was all the way confused.
VERY GOOD POINT. - not that many here - LOL!
A stolen card still works just fine. We read about in the local paper daily.
Actually thats not even true (Just a common myth). An Australian merchant or European merchant isn't liable if the signature doesn't match either (as long as a signature is actually taken). The only time a merchant is liable for fraud is when they swipe the magnetic stripe on a chip card (which 99% of terminals won't let you do as the magnetic stripe has a code on it to tell the terminal it has a chip). Even if a transaction fallsback (I.e. you try to use the chip and it fails and prompts you to swipe) it will tell the bank that a technical fallback has taken place and if the bank approves the transaction, the merchant still isn't liable for fraud. So as long as you have a correctly programmed chip terminal, you can never be liable for swiped, chipped or tapped transactions). The card verification method (PIN,Signature, NO CVM) is irrelevant.
[doublepost=1508456957][/doublepost]
It's funny though as you could go to any self service machine (Or any manned terminal as long as the merchant isn't paying attention) in Sainsburys (Or many other places) insert your card backwards 3 times and the terminal will let you swipe and sign.
I am still shocked that people have to use Chip and PIN for transactions over a certain value. I use Tap and PIN (via my Watch) for anything over $100 - including over $1,000 spent at Costco last week.
[doublepost=1508457021][/doublepost]
I think the stolen cards come from mass theft rather than taken out of wallets.
[doublepost=1508457021][/doublepost]
I think the stolen cards come from mass theft rather than taken out of wallets.
I think that's the media's spew on it, but not reality. I'd bet 90% are stolen wallets. I've had my card stolen in a restaurant before. Never had it stolen online. And I use it online a LOT... But then again I know how to differentiate between a legit and non-legit website... so I don't go keying in my card number on bedazzleyourphone.com or anything haha.
Many reasons really, especially on on Australian cards. One its just to say you agree to the card terms and conditions. Two, your card could fall back to a signature transaction (This is more likely to happen on Australian cards, as Australian banks don't store the PIN on the chip, so if the terminal can't contact the bank (I.e. on a plane for example), then the signature is the only authorization method is available). Many card machines in Canada, the UK and France also don't support the pin used on Australian cards (Called online PIN), as all cards in the UK, CAN and France use offline PIN (PIN encrypted onto the chip), so Aussie cards will fallback to signature. And finally there are still a ton of terminals around the world that don't support chip.
[doublepost=1508457419][/doublepost]
As someone who works in card fraud prevention, fraud from theft/loss of a card is very low (even in the United States).
If you say so. Not sure what the issue is here though... my comment is that going to a chip-based card does nothing for someone stealing the card out of your wallet and going to Walmart and using it. Your response about most being stolen online is irrelevant to my comment. Bottom line, going from mag strip to chip card without a pin was a basically pointless change but for it weeding out a few people using cloned mag strip cards. Most people who had their info stolen online didn't have the perp then go and make a card and use it, they just used the card info online.
Understatement of the century. I have never once- not a single time- had a cashier check the signature on any of my 4 cards. I also have not signed any of my cards.
Definitely an outdated form of "security" that needs to go, and I'm excited for the signature requirement to be phased out.
No it is the reality and it is why companies who deal with credit cards should comply with the PCIDSS (Payment Card Industry Data Security Standards) or you end up like these bozos:
http://www.bbc.com/news/technology-25681013 - 70 million cards
https://www.finder.com.au/the-sony-playstation-hack-what-it-means-outside-the-gaming-world - 77 million cards
http://www.abc.net.au/news/2013-07-...-ever-credit-card-fraud-in-us-history/4844814 130 million cards
I haven't signed a credit card receipt in 6-7 or more years here in Canada, since we've been using Chip+Pin for a long time. You can't even swipe a credit card that has a chip in it, its only for fallback or outside of country use.
And of course NFC in recent years, even before Apple Pay become available.
And of course NFC in recent years, even before Apple Pay become available.
I just today used mine at two stores via Apple Pay. Both purchases were <$60. Both times required a signature.
That's what the card companies want you to believe...
In reality, the signature protects the card companies from their own customers! Consider this: A customer calls in claiming their card was stolen and used to buy a TV at Best Buy. The CC company can check the signature, see that it is the same squiggle as the previous 30 purchases, and start a fraud investigation against their own customer. If the signature was different than usual, then they can believe the customer.
interesting. Today I did grocery shopping for 50 some dollars. Payed with apple pay (mastercard capital one, no signature.