Community

Today (Thu) we have Sony providing some reassurance, saying "The entire credit card table was encrypted and we have no evidence that credit card data was taken."

Assuming they've used strong cryptography, then they appear to be PCI-DSS compliant.

It's nothing new, we had the same problem after 9/11 : is it Usama/Osama bin Laden/Ladin.

So with Gadafi also being spelt Kadafi or Qadafi, just like Brown/Browne or Rob/Robert/Bob/Robbie/Bobby, its the mark of good software to automatically cater for all these variations.

When I worked in Japan we used to help customers choose how to 'romanise' their names to appear embossed on their Credit Cards - so members of the same family could appear differently as SATO, SAITO, SAITOH, SATOH. 

One of the great uses of Cheques is to act as a deposit when you hire equipment, only for the Cheque to simply be torn up when the equipment is returned undamaged.

Can you imagine the palaver if we had to place deposits via our Debit Cards, and then ask for the money to be recredited?

In addition to Marriott & Hilton, I've now had Marks & Spencer write to me as well.

I agree - the problem is that the overheads & fees associated with such services make it illogical to use them unless you're financially illiterate.

My local car park charges a 20p handling fee to pay via cellphone - but the parking fee itself is only 30p per hour.

Maybe its just me, but I find reports such as this very incomplete to understand how it all works?

According to FNB, to withdraw cash using Cellphone Banking, customers needed to log onto Cellphone Banking and select the banking option. Customers would then have to select Withdraw Cash, and then the account from which they wanted to withdraw cash i.e. cheque account, savings account, etc.

Once the transaction was completed, the customer would receive an sms with a temporary ATM PIN to use at the ATM. For security reasons the temporary ATM Pin has to be used within 30 minutes of receipt and can only be used once.

But assuming we're talking about a 4-digit PIN, do I have to be standing outside the very ATM I want to use in the first place when I do the Logon, to identify the pintended place of withdrawal?

What if I then find afterwards the ATM is out of order, or has run out of money?

And when I approach the ATM, how do I register my presence and my identity?

Otherwise any little urchin could have a field day randomly pressing the buttons on the ATM keypad, and accidentally hitting on my PIN before the 30 minutes are up, and collecting my money as a gift?

In the late 1970's I was working on a Payroll System which only catered for an equivalent hourly rate of pay of £9.99 (£19,220 per annum).

Mind you, that was at Arnold Weinstock's GEC, so there were only 3 people out of 20,000 in my Division whose salary had to be done manually.

I wonder how stringent SocGen's "restricting electronic transfers outside of its computer systems" could be?

If you can't copy the data down to a USB drive, try e-mailing an innocuous powerpoint presentation to an external accomplice.

If that gets through, then copy the code into a word document, but instead of being dumb enough to print it all off, simply imbed the word document into the powerpoint.

I've yet to see a data leakage scanner that can detect a file imbedded inside another. 

Still not a fan of CHIP and PIN - I feel happier providing some evidence of who I am, such as Signature which could be verified and challenged if too different - a PIN is just too personal.

Also I can't remember more than 1 PIN, so either have to write them all down (which could be lost/stolen), or have the same PIN for everything, which provides a weak link, so in the end I went for CHIP and Signature instead.

My Bank (Royal Bank Scotland) only allows you to register a Payee Bank Account once. So where I have to pay the Electricity Bill for 3 properties, each with their own separate Utility Account Reference number, I have to use the Card Reader twice over to change the Reference field in order to pay each Property. Is the same for multiple anything else, like 2 Businesses wanting to pay HMRC Income Tax, Business Rates etc.

I've written to RBS asking why they can't support duplicate Payee Accounts, and got no response.

Does anyone know of a UK Bank that does support multiple Payee entries - I might be interested in moving!