It’s almost been an entire decade that we no longer had to sign for our debit card purchases. Signature verification for card transactions became a thing of the past on the 1st of August 2014, ditched in favour of four-digit PINs.
The move was made in order to establish new point-of-sale (POS) terminals and improve security for credit card and debit card transactions.
According to PINwise, the body responsible for the changeover, the campaign is about “strengthening payment security across Australia”.
“When using their credit, charge or debit card at the point-of-sale terminal, the customer enters a PIN to authorise their transaction, rather than signing. The PIN transaction is encrypted and sent in real-time to the customer’s card issuer to be authorised,” PINwise explains, adding that using a PIN can also “help protect against fraud due to lost or stolen cards, because the fraudster would need to have both the card and the PIN”.
But while Personal Identification Numbers might be considered more secure for in-person card payments, there has been a lack of information for cardholders about the change.
Alongside using a PIN, the COVID-19 pandemic changed the way people used their debit cards. As more customers shifted to online and contactless transactions, Australian banks responded by increasing the limit for contactless payments from $100 to $200. This was done to reduce the need for actually touching payment terminals and handling cash, with the goal to help prevent the spread of the virus.
With that in mind, here we have three important things to remember about the PINwise movement and what it could mean for how you use your cards.
1. Debit Card Security Is Still Important
While PIN verification is proven to be more secure than signing for card transactions, it is still important to be aware of other security risks.
There has, for example, been an increase in the number of stolen contactless cards, which can be used without any verification so long as transactions are under $100.
Similarly, online transactions made with your debit card or credit card are still exposed to Card-Not-Present fraud risks such as hacking or phishing scams. And people can always try and remember your PIN if you do not cover it at a payment terminal.
The bottom line is that even as card security measures increase with strategies like PINwise, it is still important to be aware of the risks.
2. You Could Still Sign For Some Transactions
The phasing out of signature verification has been commonly referred to as a move to “PIN-only” transactions at POS terminals, but that is not exactly true.
If you decide to use your debit card overseas, for example, you may still have to sign for transactions depending on the country and the payment system used.
In Australia, SBS News has also reported that the Big Four Banks (ANZ, CBA, NAB and Westpac) have said they will keep “an option of sign-only cards for people with special requirements including those with cognitive impairment.”
“While some overseas credit card users will still be given the option to use PIN or sign, so too will people with some disabilities, particularly dementia.”
So even though PINs will now be the norm, there are still exceptions to that rule.
3. You Can Change Your PIN
Most banks and credit unions now let you change your PIN so that you can make sure the four digits are as easy to remember as possible.
Some, like NAB, let you change it at ATMs while others, like Citibank and Westpac, require a phone call or a branch visit and photo ID.
But if you do decide to change your PIN, remember to make it numbers that are not as easy for someone else to guess.
Just like online passwords, PINs get a lot of attention from hackers, and some of the obvious ones – such as 0123, 1234 or even your birthdate – would make it easy for a thief to start using your card for fraudulent transactions.
In Westpac’s guide using your PIN, the bank says that “much like choosing a computer password, you should keep your PIN secret.”
“You should avoid using a PIN that contains repeating characters (like 9999) or digits in sequence (like 1234), or numbers that represent publically researchable information, such as your birthday, year of birth, or address.”
The recommendations from NAB follow similar lines, adding that you should not write your PIN down or “store it somewhere it could be found and used if someone found your card or wallet”.
But once you have a PIN that falls within these guidelines, you will also have more security for your card – at least for POS transactions.
August 2014 saw the end of signing for debit cards, but there are still a few things you need to know about “PIN-only” transactions. So reading up on how it affects card security, exceptions to the PIN-only rule and solutions to forgetting your PIN mean that you will be able to keep using your cards safely and conveniently.
Questions & Answers for the Three Things You Need to Know About PIN-Only Transactions