The slow death of the credit card signature
The death of the signature is not so much an acute cardiac event as a slow decline — one led, Manning says, by merchants themselves. The problem with signatures, besides general inefficacy, is that they are cumbersome (merchants have to store their copies somewhere) and slow. For smaller transactions, he says, it made more sense for merchants to eat the occasional cost of a disputed transaction than to slow down the line.
“The fast-food industry was clamoring to have swipe-based, non-signature-based transactions, because [signing] was slowing down the line. Even if it was as little as 30 seconds, you multiply that by hundreds of people, and it was a huge cost savings for them in terms of manpower,” he says. And so a threshold emerged: Starting around 2010, according to the Times, credit card networks stopped requiring signatures on purchases under $25 or $50, although it was up to individual merchants whether to take advantage of the revised policy.
Many did not. “The jumble of rules about which transactions required signatures and which did not — every issuer has its own policies — discouraged many merchants, especially smaller ones, from scrapping signatures altogether,” explained the Times.
And then came April 2018, when Mastercard, Visa, American Express, and Discover agreed they would no longer require signatures at the point of any sale. (The rules of each network are slightly different: Visa doesn’t require signatures in North America, but only for merchants with payment systems that read chip cards; Mastercard is ditching signatures, but only in the US and Canada.)
“The change is part of Discover’s efforts to continually improve the payment experience by speeding up the time spent at checkout all while maintaining a high level of security for both customers and merchants,” a representative for the company wrote me (by email, no signature), citing a number of “digital authentication technologies” that have replaced our indistinguishable scribbles. “With the rise in new payment security capabilities, like chip technology and tokenization, the time was right to remove this step from the checkout experience.”
Until relatively recently, the US checkout experience was not good. You might even say it was bad; at Vox, Timothy B. Lee termed it “old and busted.” Until 2015, in the US, you made in-person credit card purchases by swiping a magnetic strip on your card, which, Lee explains, contains “a machine-readable version of the same information that’s printed on the card itself: the account number, account holder’s name, and the card expiration date.” But this meant you were sharing your data with everyone, all the time.
Eventually, the US caught on to what Europe and Asia already knew, and transitioned away from strips to chips. Chip cards, the current standard, contain a tiny computer chip that creates a one-off code for every transaction. But while other countries use “chip and PIN” technology, which pairs the chip with a debit card-esque personal identification number, the US transitioned to a chip-and-signature system. We just love signing things here; after football, it is our national pastime.
Tokenization, meanwhile, is what happens when you use something like Apple Pay, which instead of using your actual credit card number creates a “string of seemingly nonsensical letters and numbers” representing your credit card number, NerdWallet explains. It is drastically more secure than signing your name.
So why are you still constantly signing things?
The fact that several major credit card networks no longer require signatures — and the fact that more and more shopping is happening online, where signatures are not required anyway — has not changed the reality that a lot of us are still signing a lot of receipts. Small receipts, even!
I bring my concerns to Discover (I do not have a Discover card). “Keep in mind that while Discover does not require signatures anymore, merchants may decide to still require one when customers are checking out,” the rep tells me, adding that if merchants want to transition away from signatures, they “may need to update their point of sale systems.”
Is the answer to this mystery that my merchants just haven’t updated their sale systems yet? “The vast majority of merchants have gone along with the networks and said no more signing,” Rossman says, with one categorical exception: bars and restaurants, which still commonly ask for signatures. “You’re leaving a tip that changes the bill,” which, he says, is “different than signing for something with a fixed price.” The fact that you’re changing the total after the fact is “a big part of why they still want you to sign.”
He points me to an article about high-concept dine-and-dashers, who specifically don’t sign restaurant receipts and then dispute the charges later. About half the time, he says, people get away with it. (Rossman stresses that this is still a bad idea, because of ethics.)
If you forget to sign, though, probably nothing bad will happen to you. “I think the key here is whether or not you dispute it,” he assures me. “If you just forget to sign it, chances are everything will go through just fine. If you wrote a tip on the card, it should get processed. Your card should get billed. Everything should be totally legit.” This is soothing, in a way, but also underscores the futility of signatures.
It’s possible, Rossman speculates, that they could be useful in other ways: Some merchants “may have had instances of fraud,” he suggests. “Or they just want to be careful.”
He tells me that while chip technology has ushered in the post-signature age, the real future is most likely in biometrics. “I think we’re already seeing some nudges in this direction with things like Apple Pay,” which uses touch or face ID, depending on the model of the phone. Visa is currently piloting a biometric payment card that recognizes your fingerprint. “That’s really where payments are headed,” he says.
Until then, we will continue to sign, whatever that means: a name, a line, a picture of a dog.
Analysis
The concept of payment security is complex, to say the least. This article talks through the rise and fall of the signature requirement every time you paid with a credit card, detailing exactly just why the signature was more of an “honor system” trend rather than any actual security measure. All the information from your credit card was still completely accessible on your credit card – your number, CCV, expiration date – and every time you bought something using a mag stripe, that data was shared with the world. Your signature was there to prove it was you, but half of our signatures aren’t even legible, so where was the security in that? Today’s technologies, such as chip readers and Apple Pay, hide the important numbers from prying eyes. If there’s anything that should be secured, it’s your bank account, so it’s important to consider the technology keeping your credit cards protected. I’d soon imagine, as does the article, that more biometric-centered design solutions will start popping up in the name of security. Imagine paying with a fingerprint, facial scan, or voice confirmation rather than a physical card.
Source
Sugar, R. (2018, December 5). Why are we still signing credit card receipts?. Vox. https://www.vox.com/the-goods/2018/12/5/18092092/credit-card-signatures-receipt-explained