[rconti]

I cancelled my Coin preorder and got my money back once the EMV rollout became a done deal, fortunately.

I was in Europe 2 weeks ago, using a local SIM so I was not getting calls on my "home" phone number registered with my banks.

On a Friday night at the bar in Copenhagen, I happened to see an email from my one bank saying to call them immediately about possibly-fraudulant charges. So I called international to confirm that i was overseas and the charges were legit, and which countries I'd be traveling to over the next week. (Previously my bank said it was NOT necessary to notify them when traveling, so I hadn't up until then).

The very next day I flew to Frankfurt and had both of my chip cards rejected at a fast food restaurant.

That night I had to make a Google Talk call to both credit card companies; the first one to bitch them out that I had JUST told them about my travel.. but it turns out they had no record of the attempted charge, something must have gone wrong with the terminal. The SECOND credit card company notified me of fraudulent charges that happened while I was on my flight from the US. They cancelled my card immediately and shipped me a new one, which did me no good since I was overseas.

However, conveniently, the "replacement" card popped up in Apple Wallet before I even got off the phone with them, so at least in theory I could use NFC payments with the new replacement card.

I was extremely nervous because not 12 hours later I needed a credit card for a 6000 euro preauth for a track car rental. Obviously my 2 debit cards would not do, I couldn't use the compromised card (unless they had NFC and I could use ApplePay for it), so I NEEDED my remaining card to work. Fortunately it did.

I happened to have a 3rd credit card which used to be EMV but was replaced with a non-chip card a year ago, and which I haven't used since; that was my only backup plan (assuming they could take a mag stripe card, which typically is not an issue in Europe). (short of spending another 20 minutes on the phone with credit card companies the next day trying to figure out why my charges were still failing).

I absolutely never charge anything to a debit card, and I make sure I have at least 2 or 3 credit cards whenever I travel, in addition to the debit card(s) for getting cash.

[nly]

As a Brit, I often experience opposing horrors. Using a UK card in the US without notifying your bank is just asking for a gubbing. I don't blame them either... the only store I've been in over the pond which used EMV, earlier this year in fact, was Riteaid. Most stores don't even do the traditional cursory signature check. There aren't even token safeguards in place to stop magstripe cloning techniques straight out of the 80s or 90s.

It's so risky from a fraud perspective that interesting travel cards like Revolut now let you toggle magstripe transactions in their app.

[snuxoll]

Comparing signatures to the back of the card is useless, most people do not sign their marks THAT consistently and it's entirely possible for someone committing fraud to make something "good enough" that would pass casual inspection from a depressed retail employee (my signature varies depending on how tired I am, how quickly I am trying to just get the hell out of the store, how much caffeine I have - or haven't - had that day, etc). Pretty much the only reason they are even ON your card is a place for you to accept the terms of your cardholder agreement (which is virtually useless since every card I've had since I started using credit/debit cards has me accept them during the card activation process or just applying for the card).

EMV PIN's are a crappy solution too, a four digit PIN is all banks in Europe need to consider a transaction "genuine" even though numerous attacks against EMV are already in the wild - makes for great fun trying to reverse fraudulent charges in many stories I've read online.

[eterm]

Stories you've read online?

There is zero hassle reversing fraudulent charges, in many cases the bank itself will tell the person they think something is fraudulent, and a quick "Yeah that was me" or "Oh dear that wasn't me" is all it takes.

4 digits is enough security given it requires having the card itself, and locks out after a few incorrect attempts.

And security is about traceability not preventability.

[DanBC]

> There is zero hassle reversing fraudulent charges,

For fraud where the pin is used? In the UK if the criminal uses your pin you're going to struggle to get the bank to repay you.

"banks / credit card companies always repay the victims of fraud" is a bit of a meme, and it's dangerous because it's often not the case. The repay in certain clearly limited cases, but not in others.

[nly]

I've never had a UK bank refuse to reimburse fraudulent transactions for me. Usually you just have to report it promptly and sign a statement to say it wasn't you. The bottom line is for relatively small transactions (say a few grand or less), it's not worth their time to investigate.

[dagw]

I've been all over the world over the past 15 or so years with credit/debit cards from various Norwegian and Swedish banks. Not once I have ever notified my bank about anything (in fact it was only a few of years ago that I even knew that that was a thing), and not once has there been any problems. I wonder why there are such different standards?

[germanier]

I assume it's much more common to use Swedish cards abroad than it's to use US cards abroad.