• dependencyinjection@discuss.tchncs.de
    link
    fedilink
    arrow-up
    7
    ·
    edit-2
    2 days ago

    Furthermore even if a card is skimmed these days, at least in the UK, it’s still unlikely transactions would be processed online.

    That’s because it’s become so commonplace now for transactions to pop-up in the banks app on the owners phone and they must confirm the transaction and / or receive a code via SMS. Some just use SMS as a means to confirm a transaction.

    I guess one vector for attack still remains and that is SIM swapping, but even that is more difficult these days due to widespread awareness from carriers.

    • r00ty@kbin.life
      link
      fedilink
      arrow-up
      2
      ·
      2 days ago

      I mean, if they knew where you usually shop online, probably not. I generally get the popup when either:

      1: Shopping somewhere for the first time
      2: Certain businesses (presumably those that are more often targeted for fraud I guess?)

      I bet if they tried to use a different delivery address (and the shop passed that on) it should (I think at least) trigger a security check.

      In shops especially with contactless it’s very unlikely to be stopped though. But I think the bank needs to eat the contactless losses if I remember right. I do recall there’s a maximum number of contactless payments you can make in a given time before it forces chip and pin though.