Thursday, November 18, 2010

No-PIN Debit Cards – No Thanks

Bill Mann reports that No-PIN debit cards will be coming to Canada this summer. You’ll be able to wave these cards in front of a reader without having to insert them or enter a PIN or sign a slip of paper. My personal take on this is that I don’t want any part of it.

I only use my debit card for accessing bank machines or to identify myself within a branch of my bank. I think of it as a bank card rather than a debit card and prefer not to give retailers access to my bank accounts. If my debit card were stolen, I certainly wouldn’t want the thief to be able to drain my bank accounts by making purchases. If I ever need to use my bank card as a debit card, I would prefer to have to enter a PIN.

I realize that others think differently on this issue and that’s fine: to each his own. However, I would want the option of having a card that cannot be used as a PINless debit card.

Some may say, “just don’t use it to buy anything,” but this doesn’t address my objection. I don’t want anyone else to be able to use my card without a PIN. If I never use it without a PIN this does nothing to prevent a thief who gets hold of my card from using it without needing to know the PIN.

Banks have plans to permit PINless transactions only if they are under $100. They also plan to occasionally require PIN entry particularly if there have been many transactions. This limits the pain somewhat, but not enough for me. A thief could easily run up thousands of dollars in charges. I have no interest in arguing with a bank over which charges are legitimate and whether I notified them quickly enough or protected my card well enough.

I understand the motivation for this “innovation”. Paying with a debit card is usually much slower than paying with cash. Retailers (and customers waiting in line) would love to speed up the payment process. The banks like it because it will increase the number of transactions people make with debit cards. Faster payments will make it more practical to use debit cards for smaller payments.

I’m just not interested in getting on this train. I don’t buy things very often and I don’t mind punching in my PIN or signing for purchases. For many people, bank statements are a blur of numbers (mostly debit purchases) to be ignored except possibly for the current account balance. However, I still check every entry on my account statements against my records and I do find errors from time to time.


  1. I'm with you 100%. I already have only one account accessible from my debit card, and it never has more than $100 in it, and I never use the card anyway. If my bank allowed PINless access on my card, that might prompt me to remove that account too and, as you say, just use the card to identify myself when I talk to a teller.

    I have experienced fraud on both a debit card and a credit card. For the debit card, the bank claimed they'd investigate, but nothing came of it, and I'm out the money. For the credit card, it was a total non-issue: I told them which transactions were mine and which weren't, and never heard from them again. The fraudulent charges just vanished.

  2. @Patrick: This difference between how fraud is handled between debit card and credit cards is the main reason why I stick to using my credit card.

  3. @CC: As you say, even if you don't lose any money to fraud, you still lose in the sense of time and hassle. I've had a few problems with credit cards, but each time I lost no money and the hassle was minimal. People who have had debit card problems often report more personal trouble and loss.

    1. The comment above is a reply to Canadian Capitalist's comment:

      I haven't had a debit card cloned but my credit card numbers were stolen twice. Even if you don't incur liability for fraud with a credit card, getting a new one gives you a headache having to redo all the pre-authorized payments. Losing money on top of it will add insult to injury. I'd like to not board the PINless debit card train as well.

  4. What's your take on Paypass? It's the same idea, but with a Mastercard instead of a debit card. I kind of like it, since it's very quick. As you, Patrick, and CC all mentioned, fraud is less of an issue, but I could see there being substantial fraud with a lost Paypass credit card.

    I'm frequently absent minded and recently lost my credit card in a parking lot. Luckily, the person who found it was an honest employee of the store and reported it. In another case, it could have cost the card issuer quite a bit of money.

    Add me to the list of people who hardly ever uses debit cards, except where credit cards are not allowed, or I get some extra bonus for paying cash.

  5. @Gene: A PINless credit card is better than a PINless debit card, but it's not for me. I just prefer a few seconds of inconvenience on each purchase rather than the risk of major inconvenience if the wrong person gets hold of my card.

  6. Pre-authorized payments on a credit card? People do that?? :-)

  7. Here's a video of a guy disabling the RFID chip in a Paypass credit card:

    He basically smashes the chip with a screwdriver. Maybe this would work? Maybe it's illegal?

    I didn't realize they used RFID technology. There has been a lot of bad press about RFID being an insecure technology. At any rate, I agree, I don't want one on my debit card.

  8. Slight correction - the article I read said the daily limit for such transactions would be a TOTAL of between $25 and $100, as set by your bank. So the total damage for the day would only be $100, not thousands.

    I'm still not for this.

    My daughter carefully uses her cash back credit card which has paypass and takes it out and taps it. Her friend laughed at her and demonstrated how you just have to tap your wallet to make the payment. She asked, "What if you have two credit cards with paypass, how do you ensure the payment goes on the correct card?" This stopped her friend in his tracks, he checked his receipt and said, "Damn!"

    Adding multiple paypass cards in your wallet almost defeats the purpose in the first place.


  9. @Gene: The video was funny: two guys in their basement pounding on a bank card. I suspect that it amounts to destroying bank property, but it's hard to see why the bank would get too excited about it.

    @Larry: Just make sure your account doesn't permit overdrafts.

    @Kate: The articles I read indicated that if there is a limit, the limit would default to $100. So, if there is a limit in place, the exposure is $100 times the number of days until you realize the card is missing. Unfortunately for me, I use mine quite infrequently.

    The bit about having multiple RFID cards in your wallet is interesting. I wonder what would happen if you waved multiple cards in front of a reader.

  10. Luddites, all of you!

    Prediction: by 2015, you're all on pinless debit cards, like it or not.

    Personally, I like the idea and I'm guessing the majority of people will too.

  11. @Geoff: I believe your prediction. Banks simply won't offer cards that don't have PINless capabilities. I've never cared what most people think or like. Most people buy lottery tickets or carry a balance on their credit cards or both.

    On a more serious note, I hope that the law will keep up with this. Banks should be on the hook for losses, not customers. But, I fear that in the case of debit cards, banks will try to make customers eat losses. This will give banks even less incentive to improve security.