Credit cards as a while use a security model from...what, the 1970s? Sure, they've patched by adding the 3-digit CVC, but really? A huge industry can't do better than that? Honestly, it's pathetic...
Between 3DS for online payments and EMV for POS payments (both launched in the 1990s), payment cards could be plenty secure – if the industry were to decide to mandate them for every payment.
The fact that it hasn't is an interesting study in game theory and economics.
The fact that it hasn't is an interesting study in game theory and economics.