Viewing a single comment thread. View all comments

stevehockey1 t1_j6hc1sn wrote

It's all based on software. Most software that were developed for machines that only accepted insert and swipe were developed badly with "inefficient" code. It was also made pre-2000 era.

Now these software connects to payment gateways that are older than my grandpa. Thus, the development and re-engineering for that code is difficult and very tedious (languages are old and outdated, no documentation and devs back then didn't like to leave comments for some reason so we gotta figure out what entity works with what). Also, any major iterations will likely need to get re-certified. No one wants to work on that.

So most of the time, companies would port w/ minor changes to the code such as optimization, compatibility, to the new device. However, since Contactless Payments were developed in the 2000s w/ the addition of NFC on mobile devices shortly after, the development of that code is much more optimized for modern devices.

Tap and chip have the same level of safety (from the merchant's end), technically, the chip is safer to prevent fraud, but when it's tap any chargeback will have a liability shift (all chargebacks goes to MC/Visa/Amex instead of the merchant [at least in Canada]). From the customer's end, there's no difference. Tap is simply more convenient.

Also, if you want to know the safest and convenient way to pay: Apple Pay / Google Pay.

The reason why I always encourage people to pay with their digital wallets is because of traceability. What u/BaggyHairyNips mentioned is right. When you register your card with Apple Pay/GPay, you don't just save your card on there. Apple/Google creates a token from your card (basically puts all of your cardholder data [number, exp date, name, CVV as of recently] and encrypts all of that and hashes it out) and pays everything with that token. This not only guarantees that the card is not a fraud for the merchant (as you can't have a stolen card on a digital wallet [unless you stole the phone and know the password]) as well as from the consumer's end, you have instant traceability (Apple/Google will have their own transaction history on the phone) so you don't need to wait till the transaction settles EOD to figure out if something went wrong or not.

Also, do note that this is kinda the order for the regions the most advanced in payment security to the least (note that this is mostly based on eCommerce, as security for Card Present is similar around the world):

Europe (requires SCA, 3DS)

Canada (most merchants adopted 3DS)

Asia

USA (lack of 3DS implementation for some key merchants)

Africa

​

Source: I work for a Fortune 500 in the payment industry.

48

vanriggs t1_j6igd36 wrote

>and devs back then didn't like to leave comments for some reason

Sonny those extra bytes ain't free dag'nabit. You whipper snappers these days just think bytes grow on trees or somethin'.

20

formerly_gruntled t1_j6kokeg wrote

I worked for a company that made an acquisition in 1982 that required the death one of the legacy computer systems. The reason we killed the better computer system is that it only had a single digit space for production facilities, and the merged company had ten.

1

bacondota t1_j6jqidh wrote

I find it odd that USA still uses and sometimes require to swipe the card and sign the paper when in Brazil even escorts have cc machines with contact less tech. Some are very small and uses the seller phone for Internet.

2

stevehockey1 t1_j6jyp0m wrote

Absolutely, USA is very behind in payment processing. The main reason why is due to large infrastructure, slow adoption, small adoption rate. Basically, because of how big some clients are and because those clients want reliability over security and convenience, they only update when they HAVE to. So basically, they gotta update to only meet PCI compliances.

It's so weird that paying at a restaurant is a 2-step process. You get the bill, give them the card, they auth it, then you add your tip and they clear the tip at EOD when they settle the transaction.

Over in Canada, we just add tip on the terminal / or write it on the receipt so that the server writes total + tip in the terminal and pay it as a whole. At EOD, the merchant settles the batch and done.

3

foxpaws42 t1_j6mfcbh wrote

Things are gradually changing in the States. The last two restaurants I visited, the wait staff took payment with a mobile payment terminal. Tap phone/watch, select tip, done. At least where I live, using a mobile payment terminal seems to be catching on.

1