On 25/02/2012 16:21, Roland Perry wrote:
In message , at 15:48:40 on Sat, 25
Feb 2012, Graham Nye remarked:
When using my UK credit card in the US I only needed to sign for some
transactions.

There's some over-simplification here. While I agree that some retailers
(especially high-margin ones like restaurants) may not require a
signature, there's a second floor limit above which they have to call
the credit card company. That limit seems to me to be much lower than
you'd get in the UK for a similar transaction verified by PIN.

Having signed my CC bill in restaurants I was expecting a waiter
to come back and at least pretend to check the signature. But no,
you just sign and go, and they collect the CC slip when they clear
the table. Perhaps I didn't need to sign the slip (but they had
the usual pre-printed lines to sign along).

[Gas stations.]
There's some over-generalisation here, it depends where you are in the
USA; some places need payment first, others don't. It depends a little
on the local demographic.

Clearly it must have been crooked! Well, it was the Wild West (Arizona).


--
Graham Nye
news(a)thenyes.org.uk

On 25/02/2012 16:25, Adam H. Kerman wrote:

The thing is that the merchant really wants to the driver to enter
the store to buy food or coffee or cigarettes, which are very high
markup items.

The gas station owner probably wants that but the staff seemed to
prefer me to pay up, fuel up and push off without darkening their
doors, and certainly without interrupting their conversation.

At times, merchants make nominal profits on gasoline. I don't know how
fuel prices are set at retail in the UK...

When the crude price goes up retail prices go up and when crude prices
go down this happens - -.


--
Graham Nye
news(a)thenyes.org.uk

Graeme Wall wrote

On 24/02/2012 21:20, Adam H. Kerman wrote:

What credit card transaction requires a PIN? Those are strictly for
debit card transactions.

All UK transactions.


Err, not quite all.

A UK transaction with a foreign plastic card could be signature based
and the banks have agreed to issue signature based cards to customers
with disabilities who need them.

Hence, I suppose, why a UK supermarket self-checkout has the text "PIN
or Signature".

--
Mike D

Roland Perry wrote:
at 16:40:17 on Sat, 25 Feb 2012, Adam H. Kerman remarked:

No, UK credit cards also have a magnetic stripe on the back, so they can
be swiped through a US retail terminal. You just have to sign on the
transaction, rather than use your PIN.

Only if, as above, the transaction is above the merchant's floor limit.
When using my UK credit card in the US I only needed to sign for some
transactions.

There's some over-simplification here. While I agree that some retailers
(especially high-margin ones like restaurants) may not require a
signature, there's a second floor limit above which they have to call
the credit card company. That limit seems to me to be much lower than
you'd get in the UK for a similar transaction verified by PIN.

Really? There's no concept of pre-authorizing the transaction, then
charging the customer the approved charge in two separate steps, both
performed at the retail terminal?

No. I routinely spend amounts of the order of a thousand dollars at
retailers by Chip and PIN card, and it's a one-shot process.

If that's true, then I suspect your credit limit is stored on the card.

In a typical transaction in the US, the customer or cashier swipes the
card at the terminal (which one does it depends on the layout). Data is
exchanged with the credit card processor's server. Data sent back to
the merchant's terminal is the account credit limit (not disclosed to
the cashier unless there is a situation with a high-value purchase like
jewelry) and authorization code. The authorization code is critical,
which is why merchants cooperate in pre-authorizing sales. If a merchant
submits a transaction that wasn't pre-authorized and the bill isn't paid,
the merchant's account is charged back.

During authorization, there is a temporary freeze put on the cardholder's
credit limit in some fixed block amount, such as rounding up to the next
$100. This block must exceed the actual purchase amount.

When the total sale is known and taxes calculated, this amount is sent
to the credit card processor. The merchant then receives back a transaction
ID number, which may be printed on the receipt. The cardholder sees this
number on the monthly statement.

The credit limit freeze stays on the cardholder's account till the sale
has been posted to his account. This could happen immediately, but it
may not happen until the merchant submits his accounts that night, and
might be delayed a couple of days if more than one card processor is
involved.

Now, the authorization and transaction ID steps can occur closer together
if the total sale amount is sent with the credit card account number,
but the retailer receives the data back in two steps. It just depends
how fully integrated the card terminal is into the cash register.
Retail stores tend to have more sophisticated terminals than, say,
restaurants do. At a restaurant, the food and drinks bill may be calculated
on one system (or by hand in plenty of places), the cash register is not
integrated into the food ordering system the kitchen sees if they aren't
still going by hand-written tickets, and the card terminal is separate
still. In that case, the cashier rings up the purchase, gets a total,
swipes the credit card, waits to receive authorization, then enters the
total again into the card terminal, then receives the transaction ID back
which prints on the credit card slip the customer signs. Some restaurants
can enter the total into the card terminal at the time the card is swiped,
but they ask the customer to add the tip before entering the total.

Fast food restaurants have extremely sophisticated and well integrated
systems, using one system to take the order and relay the order to the
kitchen and handle the sale, including the credit card transaction.

In any of these setups, from the customer's perspective, the card is
swiped just the one time (unless there is a failure to obtain authorization),
but the authorization and transaction are two separate steps, perhaps
with a noticeable delay between the two.

Jewelry stores don't call the credit card processor or bank if nothing
appears to be amiss. It's handled electronically.

The mechanism is that their terminal asks them to call, if the
transaction is flagged.

Yeah, hoping and praying that they are dealing with mere con artists
committing a burglary and that the situation won't deteriorate into
a robbery.

The occasional machine, e.g. at gas stations, wanted to know my home
zip code (which, of course, I don't have) but I was able to pay in
the kiosk. (US gas stations need payment before dispensing fuel,
rather than afterwards, as in the UK.)

There's some over-generalisation here, it depends where you are in the
USA; some places need payment first, others don't. It depends a little
on the local demographic.

Actually, two gas stations at the same intersection can have different
policies.

So it also depends a little on the retailer's internal policy (and also
their previous record for accepting fraudulent transactions, which might
in turn depend on their staff training programme), but common sense
tells us that already.

It may depend on past history of theft, but as I commented on in the
other message, it may depend more upon assuming that the driver is
traveling a great distance and this won't be a repeat customer, with
a hint of prejudice against strangers from out of town being more likely
to be thieves than locals are.

Of course some merchants assume everyone is a thief, no matter how
regularly he shops there.

On 25/02/2012 16:27, Roland Perry wrote:
In message , at 16:22:09 on Sat, 25
Feb 2012, " remarked:

UK credit cards and proximity cards are different things.

They are "converging things". I don't know of any post-payment proximity
cards that aren't also conventional credit cards. But only a few
conventional credit cards have the proximity technology.

Barclays Bank, IIRC.

On 25-Feb-12 10:21, Roland Perry wrote:
In message , at 15:48:40 on Sat, 25
Feb 2012, Graham Nye remarked:
No, UK credit cards also have a magnetic stripe on the back, so they can
be swiped through a US retail terminal. You just have to sign on the
transaction, rather than use your PIN.

Only if, as above, the transaction is above the merchant's floor limit.
When using my UK credit card in the US I only needed to sign for some
transactions.

There's some over-simplification here. While I agree that some retailers
(especially high-margin ones like restaurants) may not require a
signature, there's a second floor limit above which they have to call
the credit card company. That limit seems to me to be much lower than
you'd get in the UK for a similar transaction verified by PIN.

By "call the credit card company", do you mean actually speak with a
human, or just do a standard automated authorization?

The merchant's "floor" allows them to post transactions below a certain
threshold without prior authorization. At least in the US, the floor is
usually USD 25-50, though for some merchants it's $0 due to high
chargeback rates.

The occasional machine, e.g. at gas stations, wanted to know my home
zip code (which, of course, I don't have) but I was able to pay in
the kiosk. (US gas stations need payment before dispensing fuel,
rather than afterwards, as in the UK.)

There's some over-generalisation here, it depends where you are in the
USA; some places need payment first, others don't. It depends a little
on the local demographic.

More specifically, it will depend on the drive-off (i.e. theft) rate at
that location or in that neighborhood.

S

--
Stephen Sprunk "God does not play dice." --Albert Einstein
CCIE #3723 "God is an inveterate gambler, and He throws the
K5SSS dice at every possible opportunity." --Stephen Hawking

On Sat, 25 Feb 2012 09:15:20 +0000, Graeme Wall
wrote:

On 25/02/2012 08:40, Charles Ellson wrote:
On Sat, 25 Feb 2012 08:26:56 +0000, Graeme Wall
wrote:

On 24/02/2012 22:59, Charles Ellson wrote:
On Fri, 24 Feb 2012 21:42:40 +0000, Graeme Wall
wrote:

On 24/02/2012 21:20, Adam H. Kerman wrote:

What credit card transaction requires a PIN? Those are strictly for
debit card transactions.

All UK transactions.

... other than on-line (or contactless?).

Not actually come across any contactless credit cards in the wild yet.

I know they exist, just haven't come across any.


Barclays. Both debit and credit cards.

On-line you need a different PIN, aka a security code.

That is in addition to supplying the 3-digit code on the back of the
card

Which is what I was referring to.

Hardly a "PIN" as it is stamped on the back of the card and is mainly
concerned with "cardholder not present" transactions. It is
deliberately visible as it does not otherwise appear in the
information contained in/on a card and requires use of a Mk.1 eyeball
to read it thus cannot be determined by a magnetic stripe reader or
from discarded undercopies if anywhere is still processing cards the
old-fashioned way.

(without which you won't get as far as the password challenge
which cannot be all-numeric)and the requirement for goods to be
delivered to the registered address.

On 25-Feb-12 11:30, Adam H. Kerman wrote:
Roland Perry wrote:
at 16:40:17 on Sat, 25 Feb 2012, Adam H. Kerman remarked:
Really? There's no concept of pre-authorizing the transaction, then
charging the customer the approved charge in two separate steps, both
performed at the retail terminal?

No. I routinely spend amounts of the order of a thousand dollars at
retailers by Chip and PIN card, and it's a one-shot process.

If that's true, then I suspect your credit limit is stored on the card.

In a typical transaction in the US, the customer or cashier swipes the
card at the terminal (which one does it depends on the layout). Data is
exchanged with the credit card processor's server. Data sent back to
the merchant's terminal is the account credit limit (not disclosed to
the cashier unless there is a situation with a high-value purchase like
jewelry) and authorization code.

Really? I've never heard of card processors telling merchants what the
credit limit (or available credit, which is what I suspect you meant) on
a card is, just whether the authorization attempt succeeded.

Note that an authorization is for a particular amount of money, so there
is no _need_ for the merchant to know how much credit is available in
excess of that.

The authorization code is critical,
which is why merchants cooperate in pre-authorizing sales. If a merchant
submits a transaction that wasn't pre-authorized and the bill isn't paid,
the merchant's account is charged back.

That's not how it works. Authorization is confirmation from the card
issuers that a charge for the specified amount (or less) can be posted
successfully.

It has no effect on chargebacks; a customer can dispute posted charges
whether or not they were authorized first.

It also has nothing to do with whether the bill is paid, which is
entirely a matter between the card issuer and the customer.

During authorization, there is a temporary freeze put on the cardholder's
credit limit in some fixed block amount, such as rounding up to the next
$100. This block must exceed the actual purchase amount.

Perhaps your issuer does that, but every card I've had puts a "hold" on
the exact amount the merchant requested authorization for.

Some merchants, eg. restaurants and bars, will authorize more than the
total assuming you'll make additional purchases and/or add a tip, which
gets corrected when the final charge is posted. I've never seen any
other type of merchant do that.

Gas stations usually authorize for $1 and then (try to) post the full
amount. Technically this is risky for them, as the posting may be
denied if the card doesn't have enough credit available at the time, but
apparently the common risk is closed/over-limit cards.

S

--
Stephen Sprunk "God does not play dice." --Albert Einstein
CCIE #3723 "God is an inveterate gambler, and He throws the
K5SSS dice at every possible opportunity." --Stephen Hawking

Not actually come across any contactless credit cards in the wild yet.
On-line you need a different PIN, aka a security code.

I have a contactless AmEx in the U.S. which I can tap at the till in
my local Wegmans supermarket (sort of like if Waitrose was owned by a
family of Italian-Americans) and many convenience stores. Wegmans
don't require a signature up to $50, tap or swipe.

I really don't understand the resistance of US banks to chip+pin
cards. Very few issue them, primarily for people who travel to other
countries. Visa and MasterCard say that all their acquirers have to
support chip+pin by April 2013 but I'll believe it when I see it.

R's,
John

PS: Don't waste time arguing with Adam, unless you fancy a battle of wits
with an unarmed opponent.
--
Regards,
John Levine, , Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly

In message , at 17:30:39 on Sat, 25 Feb
2012, Adam H. Kerman remarked:
I routinely spend amounts of the order of a thousand dollars at
retailers by Chip and PIN card, and it's a one-shot process.

If that's true, then I suspect your credit limit is stored on the card.

It isn't. What you have to accept is that things are done differently in
USA vs the rest of the world.

--
Roland Perry