
Unfortunately, these well-paid professionals didn't save us from the utterly broken scheme with credit card numbers. And, what's worse, nobody in the banking industry is taking any action to fix that.


Credit card security seems pretty well-solved in Europe, at least once we can ditch all the backcompat measures.

For physical transactions, we have chip-and-pin, which can't be copied like a magstripe. For online transactions, we have SecureCode/Verified by Visa.


Thanks for the reference. I have just activated the "Verified by Visa" feature on my primary card, but it appears to be nonsense again:

"After you activate Verified by Visa, your card will be recognized when you buy at participating online stores. You'll enter your password in the Verified by Visa window, your identity will be verified, and the transaction will be completed. In stores that are not yet participating in Verified by Visa, your Visa card will continue to work as usual."

Basically, everyone still has the power to charge me when they know my card number. The feature seems to be protecting merchants, not customers (yes, I understand that my bank will likely refund all stolen funds, but I would prefer a sane solution).


Unfortunately, chip and pin is not as secure as the industry wants you to believe. There have been several examples where people have modified card terminals to allow the chip and pin information to be intercepted and used elsewhere.


Any links? All the breaches I've seen so far have been either to fool the user into falling back to magstripe (after having them enter their PIN), or to fake the display of the amount you're charging.

IIRC there was one problem where the encryption used between the card and the bank was bad or the card's chip still had its write pins exposed, but I think that was solved by replacing the cards with newer ones.




