Missing the Target on debit chip cards
You’d think that in the wake of a massive theft of credit card information in a 2013 network breach, Target would be extra careful about protecting its customers’ credit cards. It turns out not so much, at least at one store.
Like other retailers, Target is preparing for the switchover from debit and credit cards with magnetic stripes to cards with embedded microchips, which are said to be more secure. Banks and credit card companies have been putting chips in newly issued and updated cards for months (the chips are plainly visible on the front of the cards).
By next month, U.S. retailers must have card readers (and systems) in place for processing transactions with chip cards, or else they’ll be responsible for any fraudulent charges. The new readers have a slot at the bottom for inserting chip cards, as well as a traditional swipe mechanism at the side for cards with magnetic stripes.
The new technology, called “chip and PIN,” won’t change the
way you validate purchases. With a chip credit card, you’ll still need to sign your name. With a chip debit card, you can use your PIN.
That brings me back to Target, whose store nearest to me has embraced chip-and-PIN technology ahead of the deadline. When I went shopping a couple of weeks ago, I found that swiping my chip debit card no longer worked. The checker told me I had to insert it in the card reader’s chip slot, which did work. Last week, I visited the store again, and this time I went straight for the chip slot (I’m a quick learner).
There was just one problem: Both times I used the chip-and-PIN process, Target’s system validated my purchases without requiring me to enter my PIN. It just spit out a receipt (and a couple of coupons, thank you very much). When I questioned the checkers about the omission of the PIN part of chip and PIN, they told me not to worry, I was all set.
Good citizen that I am, I notified the person at the service desk that the PIN step in the process was missing — making it possible for anyone with a stolen chip card to waltz out the door with a shopping basket full of stuff. The service person was duly upset and ran off to look into it.
Let’s hope that Target fixes things quickly, and, more importantly, that other retailers understand the meaning of “chip and PIN.” Q: I recently bought a new Android smartphone, and I want to enable the security feature that will prevent it from being used if it’s lost or stolen. The trouble is, I can’t find that feature. Where is it, and how can I activate it? A: Android’s “kill switch,” called Device Protection, is only built into phones running Android 5.1, the latest incarnation of the operating system (although some manufacturers have offered it as a patch for selected phones with version 5.0).
If your phone has Device Protection, you would have enabled it automatically during the initial setup when you chose a lock for your screen. With Device Protection, the phone cannot be reset and reactivated without the owner’s Google ID and password.
By the way, this is one area where Apple trounces Android. Every version of Apple’s mobile operating system starting with iOS 7 has included Activation Lock, the kill switch feature that Android basically copied. But Google, which owns Android, doesn’t force phone makers to install the latest version of that system, or offer upgrades, for that matter.
The result has been a hodgepodge of Android versions on new phones, as well as an arbitrary (and often nonexistent) upgrade path to newer versions. Not only is that unfair to consumers, it has put some new phones in conflict with a California law that requires any smartphone manufactured after July 1 and sold in the state to be equipped with a kill switch.
The last time I looked, a couple of weeks ago, a number of smartphones at Best Buy and elsewhere still had pre-kill switch versions of Android. Q: My 5-year-old Windows desktop PC doesn’t have built-in Wi-Fi. It has always been connected to the Internet via an Ethernet cable. Now I want to move the computer to another room, away from my router. What kind of Wi-Fi adapter do you recommend? A: It depends. If you have a dual-band router, get a dual-band adapter. But I wouldn’t worry about wireless protocol (AC, N, etc.), or USB speed. Any brand name adapter (Netgear, Linksys, Belkin, etc.) should do the job nicely. And don’t spend more than $40.