CQ-Contest
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [CQ-Contest] Dayton Crown Plaza Credit Card flaw

from [Ria Jairam] [Permanent Link][Original]
To: David Siddall <hhamwv@xxxxxxxxx>, cq-contest <CQ-Contest@xxxxxxxxxxxxxx>
Subject: Re: [CQ-Contest] Dayton Crown Plaza Credit Card flaw
From: Ria Jairam <rjairam@xxxxxxxxx>
Date: Fri, 26 May 2017 19:54:49 +0000
List-post: <mailto:cq-contest@contesting.com> 
I believe that European credit cards have mag stripes on them, so they can
be used overseas. US has begun to adopt chip cards but a large number of
places use swipe despite the liability shift that occurred in 2015. There's
also the good old fashioned knuckle buster that can read a card imprint.

The best security is NFC, such as Apple Pay. You get a different account
number from your actual card number and it is secured. It's also faster
than an EMV chip dip.

I wish more places would have it.

Ria
N2RJ
On Fri, May 26, 2017 at 2:42 PM David Siddall <hhamwv@xxxxxxxxx> wrote:

> My understanding is that IHG caused their own problem because they used
> old-fashioned "swipe" terminals instead of modern chip terminals.  (Chip
> information is encrypted.)
>
> But don't feel overly safe.  Even credit card chip technology in the U.S.
> is less secure than elsewhere.  A lost U.S. credit card with chip can be
> used anywhere by anyone until canceled.  A European credit card, however,
> cannot be used without the owner's 4-digit PIN in addition to the chip
> (same as debit cards, but not credit cards, in the U.S.).
>
> 73, Dave K3ZJ
>
>
> On Fri, May 26, 2017 at 6:02 AM, jpescatore--- via CQ-Contest <
> cq-contest@xxxxxxxxxxxxxx> wrote:
>
> > Here's what happened - it happened to me and I work in Internet security:
> >
> >
> > The Intercontinental Hotel Group (parent of Holiday Inn, Crowne Plaza,
> > etc) was hacked back in February and continuing through April. Over 1,100
> > of its hotels were impacted. If you are interested, details here:
> > http://www.computerworld.com/article/3190175/security/1-175-
> > hotels-listed-in-payment-card-breach-of-holiday-inn-parent-company.html
> >
> >
> > I checked in to the Crowne Plaza on Friday afternoon. Later that day I
> got
> > a potential fraud alert from Mastercard that a "card not present" charge
> of
> > $377 was made to my card by something called IHG. I checked online, my
> > charges that day for gas and for the hotel I stayed on on Thursday night
> > were there and legit - and there was an IHG charge of $377.
> >
> >
> > When I checked in, they physically swiped my card so it should *not* have
> > shown up as card not present, and I didn't immediately connect IHG to
> > Crowne Plaza. I called Mastercard, they connected me to the fraud folks
> and
> > I asked "Do you show more information about IHG?" they said no. So, I
> said
> > that must be a fraudulent charge and they cancelled that card and are
> > sending me a new one.
> >
> >
> > I went down to the desk to tell them I would switch the charges to
> another
> > card and they said "Yes, we are having a lot of that because of the
> hack."
> > Bells went off in my head, but too late to stop the card from being
> > cancelled. The clerk said "let me check the list of disputed charges,
> > because the system will shut your room card access off." I'd come down
> > quickly enough, wasn't on that list but it was several pages long.
> >
> >
> > Because of the hack and exposure, IHG apparently was centrally processing
> > card swipes until they could validate that all impacted hotels had
> cleaned
> > up there local systems. So, the charge showed up as "card not present" -
> I
> > have no idea why it showed up when I checked in, as on business travel it
> > usually shows up on checkout.
> >
> >
> > When I was checking in, two hams sharing a room came down and said their
> > room cards didn't work. They might have had the disputed charge thing
> > cancel happen to them, don't know.
> >
> >
> > Advice: no reason to worry about fraud to your card from your Dayton
> stay,
> > but if you stayed in any of the 1,100 hotels between February and April
> and
> > haven't been contacted, good idea to at least check your credit records
> if
> > not change that card number.
> >
> >
> > 73 John K3TN
> > _______________________________________________
> > CQ-Contest mailing list
> > CQ-Contest@xxxxxxxxxxxxxx
> > http://lists.contesting.com/mailman/listinfo/cq-contest
> >
> _______________________________________________
> CQ-Contest mailing list
> CQ-Contest@xxxxxxxxxxxxxx
> http://lists.contesting.com/mailman/listinfo/cq-contest
>
_______________________________________________
CQ-Contest mailing list
CQ-Contest@xxxxxxxxxxxxxx
http://lists.contesting.com/mailman/listinfo/cq-contest
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [CQ-Contest] Dayton Hamvention, Jukka Klemola
Next by Date:  Re: [CQ-Contest] Crowne Plaza Credit Card transaction, Ria Jairam
Previous by Thread:  Re: [CQ-Contest] Dayton Crown Plaza Credit Card flaw, David Siddall
Next by Thread:  Re: [CQ-Contest] Dayton Crown Plaza Credit Card flaw, Barry
Indexes:  [Date] [Thread] [Top] [All Lists]