Mastercard did not just “finally” realise this. They realised it back in the 90s when they were involved in the creation of EMV, which replace the “signature” method of cardholder verification with PINs.
Signatures have been all but obsolete for purchases in Europe for years; I can’t even remember the last time I used it here. Everything is contact or contactless EMV now, authenticated by PINs.
Canada as well. We transitioned later than the EU, the big push started in the late 2000s and they just recently finished the last of the liability shifts to the merchant (some gas pumps got an extension since they were more expensive to upgrade). Aside from BC Ferries, I haven't had anyone swipe my card in years, and most transactions are contactless.
When I was in Belgium last year, with my American chip-but-no-pin credit card, the terminal would just spit out an extra long receipt and the slightly confused cashier would say, "oh, you have to sign ... somewhere" since there wasn't a line or spot for it.
Similarly, every time I am in America (although last time was a already a long while ago) with my Belgian chip-and-pin credit card, the terminal would show a cryptic error message with a slightly confused cashier saying, "sorry, your card doesn't work" (or sometimes: "is refused"). Queue me pointing to another terminal: "don't swipe the card, insert it in the sleeve and let me enter my pin."
Same problem at shopping malls in China, by the way (where the language makes the explaining even more fun).
When paying with a German bank card in Germany (especially in supermarkets), you’ll sometimes be asked for a signature instead of a PIN. This usually means that you give the merchant a mandate to debit your bank account directly rather than having the credit card networks process the payment, resulting in lower fees.
Italy: I've never been asked for a PIN, which I don't remember and I'm happy not to have to. It was swype and signature, then it became chip with signature and it's contactless without signature now, but only for amounts under 25 Euro, I think.
Also Italy: I've never signed when paying with my card, whether chip or contactless. Always PIN, except if it's contactless and the amount is low, in which case no PIN. This is also what I see when I see others pay for things in shops with their card. Not sure how to match this up with your experience...
Different regions? Milano here, but I really never used a PIN even when I used my cards in other cities around the country. If some shop asks me for a PIN I would have to pay cash or with the debit card.
Oddly enough I got a Gold MasterCard from a Luxembourgian bank (Advanzia) that almost (but not always!) asks the payment terminal for signature instead of the PIN.
PINs are a lot more dubious. If you get fraud on your account that is verified by PIN, then you will have an impossible time charging it back in the case of fraud. So PINs are safer for merchants and for credit card companies, but less safe for consumers if there ever is fraud. It's the exact opposite of what you would expect.
If you pick a common 4-digit PIN, there are 10 000 possibilities for your PIN code. Given that your card will block after 3 incorrect tries, the probability that a thief will correctly guess your PIN code is ~0.03%. If you pick a 5- or 6-digit PIN, that probability is 0 for all intents and purposes, since it's extremely likely that the thief will assume a 4-digit PIN.
In most countries, you cannot choose the length of your PIN; often it is limited to 4 digits, and e.g. some ATMs don't even wait for you to press enter after you enter the fourth digit (UK).
In Australia you can choose a PIN up to 6 digits, though the banks may warn you that a >4 digit PIN can be problematic in countries like, well, the UK I suppose.
edit: huh, it's actually more than 6. According to Commonwealth Bank, it can be up to 12.
Given no one checks card signatures, a signature based system relies on you reading your statement carefully and going through the process of disputing a charge, and depending on the scale of the fraud you may well not notice.
With a PIN based system, on the other hand, they're blocked from making the transaction to begin with.
It’s my understanding that this isn’t totally true. You are liable for the fraud if you have been “negligent” with your PIN and stored it insecurely or divulged it. If the fraudster obtained it through some other means then your bank is liable. It’s true that the merchant isn’t liable.
Signatures have been all but obsolete for purchases in Europe for years; I can’t even remember the last time I used it here. Everything is contact or contactless EMV now, authenticated by PINs.