[mattzito]

Followed him home, then used a phone number search? That would also explain why they didnt need to ask him his address.

This is a really elaborate scam, btw. The few times my cc# has been stolen, some dude just makes a card and uses at someplace like a hardware store and buys $1500 worth of tools before the bank frauds it out. In, out, no contact with me, just a sprint.

[kalleboo]

In the european chip and pin system, there's no way to extract the private key on the chip - the chip has to be present, and has to be unlocked with the PIN. Which is why they had to steal the card, and get him to enter the PIN. (of course it's possible to trick most merchants to fail back to the legacy mag stripe which is still present, but perhaps that triggers fraud alerts quicker)