Huh???

This was discovered years ago and since then the gift cards have that "scratch-off" substance over the serial number, similar to that of a scratch of lottery ticket so the number can't be copied down prior to activiation.

WTF?

Probably more like someone reads the magstripe from a stack of cards and puts them back for someone to activate. No need to write down anything.

APE992: Probably more like someone reads the magstripe from a stack of cards and puts them back for someone to activate. No need to write down anything.

In other news, I just discovered a flaw in credit and bank cards.

NeedleGuy: Huh???

This was discovered years ago and since then the gift cards have that "scratch-off" substance over the serial number, similar to that of a scratch of lottery ticket so the number can't be copied down prior to activiation.

WTF?

NeedleGuy: Huh???

This was discovered years ago and since then the gift cards have that "scratch-off" substance over the serial number, similar to that of a scratch of lottery ticket so the number can't be copied down prior to activiation.

WTF?

Apparently, while these cards have a scratch off PIN, they don't actually use the pin for anything. Simple solution: USE THE PIN.

mgary: NeedleGuy: Huh???

This was discovered years ago and since then the gift cards have that "scratch-off" substance over the serial number, similar to that of a scratch of lottery ticket so the number can't be copied down prior to activiation.

WTF?

NeedleGuy: Huh???

This was discovered years ago and since then the gift cards have that "scratch-off" substance over the serial number, similar to that of a scratch of lottery ticket so the number can't be copied down prior to activiation.

WTF?

Apparently, while these cards have a scratch off PIN, they don't actually use the pin for anything. Simple solution: USE THE PIN.

FTFA: Starbucks' gift cards come with secure PIN numbers that aren't revealed until they are scratched off. But Ewing says that number isn't needed to scam someone else's card.

so i dont think thats gonna work either

I can't get over the fact that if I know someone's name and address, I can walk into any pharmacy and steal their meds without showing an ID or even giving my name.

irgunner: I can't get over the fact that if I know someone's name and address, I can walk into any pharmacy and steal their meds without showing an ID or even giving my name.

It's not really stealing if you have to pay for it. You do still have to pay for it. Yeah, you're getting someone else's butt itch cream, but it's not really stealing.

2nd, at my pharmacy, you also have to know what you're there to pick up. If you don't know the name of the medication you're there to get, they make you show ID to prove you are who you say you are. It's one of the reasons I use that pharmacy over the one that's closer to my home.

Freakin Rican: mgary: NeedleGuy: Huh???

Apparently, while these cards have a scratch off PIN, they don't actually use the pin for anything. Simple solution: USE THE PIN.

FTFA: Starbucks' gift cards come with secure PIN numbers that aren't revealed until they are scratched off. But Ewing says that number isn't needed to scam someone else's card.

so i dont think thats gonna work either

That was my point. Starbucks already has a ready-made solution, they just need to implement a policy that you can't use the bar code without the matching PIN. Problem Solved.

ComputerBob: irgunner: I can't get over the fact that if I know someone's name and address, I can walk into any pharmacy and steal their meds without showing an ID or even giving my name.

It's not really stealing if you have to pay for it. You do still have to pay for it. Yeah, you're getting someone else's butt itch cream, but it's not really stealing.

2nd, at my pharmacy, you also have to know what you're there to pick up. If you don't know the name of the medication you're there to get, they make you show ID to prove you are who you say you are. It's one of the reasons I use that pharmacy over the one that's closer to my home.

Ive got to believe if you started showing up and starting picking up some cancer patients load of oxycontin that people might be interested in what you're doing. - and given that almost no one is paying full retail price for meds you would be, at the very least, stealing from the insurance company that paid the 90% of the cost of that prescription.

/Interestingly enough doing this would be trivial if you had someone on the inside - one of those $9/hour techs they employ now - telling you which scripts to ask for. I would HOPE that after some very small amount of time the pharmacy would catch on but you never know.

For a company that's convinced morons to buy water flavoured with burnt beans at 4$ a cup, they aren't very clever in other areas are they.

There was a big ring that was busted in Georgia doing this at Home Depot years ago.

They would shoplift the un-activated cards, take them home and scan them, then return them to the store and put them back on the displays. Then all they had to do was check card balances online and clean them out when they were activated.

ComputerBob: irgunner: I can't get over the fact that if I know someone's name and address, I can walk into any pharmacy and steal their meds without showing an ID or even giving my name.

It's not really stealing if you have to pay for it. You do still have to pay for it. Yeah, you're getting someone else's butt itch cream, but it's not really stealing.

I believe that's called... uh... FROWD

This story involves people who give gift cards, patronize Starbucks, have smart phones and have a Starbucks 'app' on said phone all to steal what? Twenty five bucks?

I'm sorry but my sympathy meter is still trying to sleep off excessive amounts of turkey.

irgunner: I can't get over the fact that if I know someone's name and address, I can walk into any pharmacy and steal their meds without showing an ID or even giving my name.

They have changed the law in Ontario so you are now required to show ID to pick up "controled" drug prescriptions - seems like such a good idea, but it's kinda sad that we can no longer trust anyone and that you pharmacist/pharmacy staff doesn't know who you are anymore..

/ God-I'm getting old
// get off my lawn

Fizpez: Ive got to believe if you started showing up and starting picking up some cancer patients load of oxycontin that people might be interested in what you're doing. - and given that almost no one is paying full retail price for meds you would be, at the very least, stealing from the insurance company that paid the 90% of the cost of that prescription.

When I worked for a drug company we had a client that went over their credit limit. I looked at their purchases to see if an increase was warranted and found that 100% of their purchases were oxycodone, which seemed odd. SO i asked their sales rep about them and he said they were a "pain pharmacy".

The next week he said, he thought there may be something funny going on. He went by the store and the line went out the door. It appeared people were going in to a doctor next door, paying $20 for a script and then getting it filled next door. We had no choice but to report them and they got busted.

Now, consider the fact that this pharmacy was buying nothing but pain pills, was so brazen that they had people lined up outside the door and it only got discovered because they went over their credit limit.

The easy way to avoid this sort of thing?

Buy things with money.

Why can't the info in question be stored on the cards themselves instead of in $tarbuck$' computer system so a thief can't exploit the flaw with having that card itself?

The problem is that the numbers used by the app and the card are the same.

One secure solution is that the app generates its own number. If you have a card, you can use the number (plus the pin) to transfer the amount from the card to the app.

So if you skim the numbers from a stack of unactivated cards, you're still SOL. You don't have the pin plus once the legitimate user has loaded his app account from the card, the card is tapped.

SharkTrager: Now, consider the fact that this pharmacy was buying nothing but pain pills, was so brazen that they had people lined up outside the door and it only got discovered because they went over their credit limit.

And yet pot is illegal...because it's so dangerous.
/rolleyes

radioberlin: The easy way to avoid this sort of thing?

Buy things with money.

THIS.

Gift cards have to be the stupidest thing you could ever buy. The marketing guy who came up with them and convinced people they needed to use them was an absolute genius. I could just imagine the pitch to the boss:

"Here's what we'll do: We'll make a product that turns cash (which can be used at any store) into this plastic thing that you can use to buy stuff at one store! Seriously, people will use them!!"

I would have laughed him out of the office, but here we are.

Cloudchaser Sakonige the Red Wolf: Why can't the info in question be stored on the cards themselves instead of in $tarbuck$' computer system so a thief can't exploit the flaw with having that card itself?

If you mean having the balance and stuff on it, with a small investment of money, you could have unlimited funds at Starbucks instead of whatever the other person is putting on the card. Unless there was some sort of rolling encryption on it. But that would still require stuff to be stored on the SB computers. Also, because the data on the card would have a predictable pattern on it, it would only be a matter of time before it got hacked again so that the thieves would know what data to put back on the card.

If I remember correctly, the original chip and pin credit cards, is that the pin number was not needed. But you still needed to enter ""any""" 4 digit number to make it authorize.

/And regulations up there in Canada, make gift cards """never""" expire(or at least a 2 to 5 year expiry date).
//Unlike in the U.S. with a redeem before 3 months and pay a transaction fee per use and why don't you give cash next time asshole.

I've found a foolproof way to protect myself from this scam...

The solution is to somehow physically put the coffee into the card. Not only could you drink from your wallet at leisure, but what thief is going to want your cooties?.

Get Lost: If I remember correctly, the original chip and pin credit cards, is that the pin number was not needed. But you still needed to enter ""any""" 4 digit number to make it authorize.

Chip and pin does have some redeeming features, but it was designed in secret (which left big holes to be found by outsiders) and banks chose to implement the simplest, cheapest, easiest to hack methods first. The EMV designers should've known better, and both kept things public and simply not offer the cheaper options. It's really not rocket science.

Hector Remarkable: The solution is to somehow physically put the coffee into the card. Not only could you drink from your wallet at leisure, but what thief is going to want your cooties?.

Oh come on. You'll never keep the coffee hot enough.

Get Lost: //Unlike in the U.S. with a redeem before 3 months and pay a transaction fee per use and why don't you give cash next time asshole.

Gift cards are still stupid, but at least in California they don't expire and don't come with transaction fees.

Also, you can walk into starbucks any time you want and steal napkins and little stirring sticks. No one is even guarding them. If you do it a little bit at a time, you can eventually get like, a lot of them.

flaminio: Get Lost: //Unlike in the U.S. with a redeem before 3 months and pay a transaction fee per use and why don't you give cash next time asshole.

Gift cards are still stupid, but at least in California they don't expire and don't come with transaction fees.

and when it gets under $10, you can redeem it for the cash value. my company freaked out because they were giving gift cards away to customers and they were having to actually pay cash on them.

flaminio: Get Lost: //Unlike in the U.S. with a redeem before 3 months and pay a transaction fee per use and why don't you give cash next time asshole.

Gift cards are still stupid, but at least in California they don't expire and don't come with transaction fees.

Other than Barnes&Noble, I've never had a card that did expire or used transaction fees. Most places say they're good as long as the store's in business. Smarter that way (for the business), too, since people don't worry about spending it right away, so they're more likely to forget about it and never spend the card.

Gift cards are still stupid, but at least in California they don't expire and don't come with transaction fees.

Same in Massachusetts.

+1 lawmakers

I despise Starbucks. Their coffee is positively VILE! The ONLY reason I ever shop there is because it is a nice place to meet dates abd for some reason all the women I have dated like the foul stuff Starbucks serves.

I just got a SB card for my birthday, and wow, they don't have PINs on them. So the scam is quite doable.

Delawheredad: I despise Starbucks. Their coffee is positively VILE! The ONLY reason I ever shop there is because it is a nice place to meet dates abd for some reason all the women I have dated like the foul stuff Starbucks serves.

The coffee itself is like bits of molten hell in your mouth. However, the caramel frapuccinos are tasty.