Hacker News new | past | comments | ask | show | jobs | submit login
My bank sent me 64 copies of the same debit card (reddit.com)
455 points by elliekelly 38 days ago | hide | past | favorite | 358 comments

Plastic card distribution can be extremely frustrating, because the only time you need it to happen is when you don't actually want it to be needed (fruad, loss, damage, new account, whatever). You just want to fucking buy things, not deal with shipping incompetence, you know?

This reminds me of a time I was traveling and had to cancel a lost credit card. I told the card company that I was not at home,was definitely outside of the country, not going to be home, definitely staying at an address that was not the home address listed on the account, wanted the card to be sent to _me_ and not my _home_, gave them my foreign delivery address 5 times over as many weeks, got 5 separate promises that the card was definitely going to reach me at my outside-of-the-country-and-not-at-home location in just a few business days, and the card never showed up. So I just gave up. And then, when I finally went home there were 5 goddamn cards in my mail slot.

Honestly this reason alone makes Apple's purely digital credit card my favorite. Need a new card number? Just push a button. No incompetent shipping divisions with 5 hops and as many business days between you and your ability to buy things when your card number is breached.

Had a similar feeling of frustration the other day when I thought I had lost my wallet and was considering what a pain in the ass it was going to be to get my ID and cards replaced. 4-6 weeks for a replacement CA driver’s license, and you have to go to a physical DMV location! I know that digital-only management of identity and payment is a whole new can of worms, but I spent a lot of time thinking about how absurd it is that we still require possession of a small piece of plastic to operate as an adult in the world, and how losing that plastic cuts you off from a great many things.

(Turns out I threw the wallet in the recycling can while cleaning the garage. So I guess don’t pay me to build the system that replaces physical identity tokens.)

I once threw away a fast food bag that contained our checkbook, $100 in cash, plus the title and registration paperwork for our new car! We didn't realize until a few days later, but fortunately we found the bag before the trash pickup came :)

One nice Friday night when I was tired and barely walking after long week I threw into the trash my wallet with some cash, credit card, debit card, subway pass, driver license and US green card. Then I threw the trash into container next to my apartment building. Didn't remember a thing.

Next morning after more than ~1 hour of turning my apartment upside down I, out of desperation and thanks to intuition, dove into container and recovered my trash bag. Everything apart from cash survived.

The cash was destroyed by the garbage.. juices? Or someone found and took it?

Destroyed by the garbage. Cards survived due to being plastic. Wallet went to washing machine.

If it was any amount worth the effort, you could have sent it to https://bep.gov/services/currencyredemption.html

As someone who's done this, I can 2nd this comment.

Fire damage.

I fail to understand why anyone would keep such important documents in a fast food bag.

Have you never been in a situation where 2 hands were not enough, but that's all you had? Sometimes, getting out the car is a lot easier combining things that are not in a pocket or bag/purse into whatever back you might be carrying into the house with you.

Wallet goes in right front pocket. Phone goes in left front pocket. Keys goes with wallet.

Exception: When I'm out running, if cell phones are forbidden (certain locations at certain customers), or if I wear a suit (things like weddings, funerals and when I celebrate 17th of May.)

If a pair of trousers cannot hold these items I don't buy them.

Sticking to these invariants makes for less frustration. Not sticking to them means frustration twice a month or so.

You are my people.

You know what? Based on my life experience to this point I wouldn’t do that. On a couple of occasions I’ve had an idea of where to put something (e.g. “if I put the money here it will be safe”) and my brain stop me (e.g. “are you stupid? You’ll never remember you put it here. Put it somewhere you’ll actually check if you cant remember”) and it stops me. Benefit of getting older and learning from past mistakes?

I was wondering the same as gp. Why would anyone ever do something that risky and obviously stupid?

Then I read your comment and realized I've done this like 6 times in last year...

I was wondering the same thing, believe me!

Sometimes if you are in a hurry, such things happen.

I only carry my debit card and drivers licence as a backup incase my phone goes flat. My digital drivers licence is accepted by police and vehicle registration has been entirely digital for years. If I lost my physical one I don't think I would bother replacing it. I can register an expired vehicle through an app and drive it immediately. The only time I go to a service centre is once a decade to get a licence picture.

If I report a lost debit/credit card to prevent fraud then the card is cancelled and I can't pay with my phone and have to wait a week for a replacement card. At least I can still drive without a physical licence.

That sounds great. Can I ask which country you live in?

Don't know where OP lives, but here in India, I lost my driver's license a long time ago and only "carry" a digital copy of it in an app called DigiLocker. Digilocker also contains registration documents of all vehicles I own, Income Tax (PAN) card, insurance policies, high school/university transcripts, etc.

My "cash" or card transactions has gone down manifold over the last couple of years. Everyone, including roadside vendors, accept mobile payments that's enabled using UPI (unified payments interface) that's tied to my bank account. There are dozens of apps and "wallets" that use it, including Google Pay, Amazon Pay, Paytm, PhonePe, etc.

My income tax records are all available online, and "filing" is a matter of importing this data using a tool that the income tax department makes available on their website, checking the pre-filled forms, and pushing the "submit" button -- signed using an Aadhaar number enabled OTP.

I was thinking the same. Except passport and credit cards I don't really need any other physical document. And most of this happened in India in the last decade quietly. Sure there are many concerns with Aadhar and some of the other things but it has reduced friction in so many of activities.

Sounds similar to how I do my tax on gov.au here. There are a lot of federal government services on there, most I have never used, and an OTP app. Income tax takes a few minutes. It knows about any contributions. If you have simple financials it is reasonably painless. If you have a lot of money and investments you are going to an accountant anyway.

Australia, although I think this would not be uncommon for most developed countries as it is a big cost saving for government. Licensing and registration are state responsibilities and each state has different systems.

Vehicle rego can be checked in the app so I can see my expiry and get notifications when renewal is due. We haven't had to attach any physical proof of vehicle registration since 2011.

The app can be used as proof of digital licences for boats, cars, trucks and for occupational licences (builders, tradies, security) since 2017. I can also view demerit points. Also does proof of age and more recently COVID checkins. The app was locally developed. I think most states here have similar systems https://my.sa.gov.au/

Here in NSW it is not quite so streamlined, Registration renewal requires a vehicle inspection by an accredited mechanic (and related paper work).

The inspection itself isn't anything complex I think they check brakes, headlights and such usually takes about 20 minutes I drop car off go and grab a coffee and it's ready when I get back.

Once the inspection is done everything else can be done online.

I don't mind the process so much (I only own 1 vehicle and live in city) but my parents for example live in a remote location (50 minute drive to get to mechanic) and have multiple cars, a boat trailer and a regular trailer which all have the same registration date so for my Dad it is pretty much an entire days adventure to get all the various inspections done.

NSW is kind of weird though. They have religious education in government schools which astonishes most Aussies.

Nearly everyone gets their car serviced regularly every 6 to 12 months and they risk being defected if driving with a fault. My guess is a comparison of road safety outcomes between states would show very little benefit as the other states haven't leapt in to follow the example.

I remember paying my SA car rego with laptop over Maccas wifi in Devonport after rolling off the ferry sometime in the naughties. We didn't do it with our phones because they were still potatoes.

Wish it was possible here in the US, but because every one of our 50 states handles ID in a different way, it'd be a logistical nightmare without federal involvement.

We have no national ID in Australia and the federal government has limited constitutional powers. We have tax file numbers and medicare numbers but they are only used for tax or medical payments and for nothing else.

Like the US it is a federal system and states have constitutional authority over road rules, registration and licensing and can do their own thing. Every state has its own websites and apps for these things. Half our states do not have digital licences yet but some of them will be ahead in other areas. I suspect if we had to wait for something national to happen the less progressive states would hold us all back.

Sounds suspiciously like the United Kingdom. I don't think a single government service remains that cannot be done online. Not only that, but they actively invest a vast amount of resources into convincing anyone who tries to use physical services (mail, phone) that they are making a huge mistake. Anyone unfortunate enough to have to phone up any government office must to spend at least 3 minutes hearing about how much easier it would be to just use the website.

As a UK national overseas I don't know pains of calling up anywhere, and for sure there will be pains for many in varied forms, but find gov.uk consistently excellent from personal affairs to running a business. While not applicable as gov.uk does everything I need, surely channels exist for those than cannot, or unable, to use it?

Example: setting up national insurance contributions from abroad. You can't do that online, and so being repeatedly told to use the website while on hold on HMRC's phone lines (if you're lucky enough that their voice recognition system didn't hang up on you) is adding insult to injury.

Can you apply for (exchanging) a driving licence now online? DVLA services were still not online about a year ago.

Not sure if it was just a temp measure during the pandemic, but last May I renewed my driving CA license completely online, and they mailed it to my home address; no visit to DMV was necessary.

I saw that, too. Unfortunately, it’s only valid if they’ve sent you a renewal notice. My DL expires this year but I haven’t received a notice yet, so I was ineligible.

Go onto the online portal and try and renew now. I did it 3 months before receiving the notice.

At some point, your DL picture is too old, and they need you to come in to get an updated picture. Not sure the frequency, once every 10 years, every other renewal, etc, but the GP could have been subject to some similar circumstance.

That makes sense. I was more calling out that you don’t need to wait for the physical renewal form to do an online renewal - the system seems to make it an option 5-6 months prior to expiration.

DMV recently charged me $25 to get a printed sheet of paper mailed to my house (replacement registration). They dont even send you the original sized item, they just blow it up and print it on a regular 8.5x 11. Hell they should have just sent me the PDF and i could have printed it myself w/o the need for a stamp (or covid transmission)...

Part of it must be to enforce address requirements.

Funny thing I learned is you dont actually have to have the original registration card, you can also have a facsimile (which i take to mean a photocopy).

& I think one can print the same on their instant kiosk booths too, although for same money.

I’d suggest for future reference getting a passport card.

It meets all identity requirements and has the benefit of not providing your address.

«has the benefit of not providing your address.»

Little known fact: you can have a PO BOX address on your driving license (California). When you give the DMV your physical residence address, and a different mailing address, they will print the mailing address on the driver license. That's what I do.

only works for citizens

And green card holders

Not green card holders, only citizens.

Of course green card holders have a separate id card that they legally must carry with them at all times, so they don’t need a passport card.

Became a US citizen recently. You lose your green card on the day of the ceremony. If you don’t drive you suddenly find yourself with no ID for a few weeks.

You still have your passport from your original country no?

Yeah but it’s frustrating to carry it around when you’ve had a card, previously.

> Of course green card holders have a separate id card that they legally must carry with them at all times

It is utterly beyond me to guess how such a system can possibly make any sort of meaningful difference to law enforcement. Or even how it can be enforced in any meaningful way.

It's pretty much not enforced. And a replacement card is $500+ and months of wait, so I don't blame anyone for not carry it.

My friend just carried a copy of the card - not sufficient to meet the requirements of the law, but probably enough to satisfy any initial inquiries until you can get your physical card.

500 dollars? That's highway robbery! Minimum wage is about $8, so some poor guys have to fork out well over a weeks wages for a piece of plastic. U sure it's 500 and not 50?


$540 total fee "if your card is lost or stolen."

It cost me almost $3000 in fees to get my green card. That’s direct fees, no lawyers or anything.

Specially when law enforcement is not supposed to ask about immigration status unless one can't produce any ID or have probable cause.

Here's how that will go down:

OFFICER: what is your immigration status, Sir?

IMMIGRANT (thinking fast): uhh, er, pure blooded, Sir!

OFFICER: on your way then, young lad! I can't ask for your id because you don't need one. Have a nice day.

Not likely they can catch someone out unless they literally have his picture in hand. In which case, he obviously has bigger problems then not having his id card on him...

About 8 years ago my wife and I were driving to Vegas from Houston. Its basically 2 roads, I-10 from Houston to Phoenix and then some shitty state highway between Phoenix and Vegas.

Along I-10, we were stopped 5 different times at immigration checkpoints and asked a single word question "American?" and sent on our way. Our final stop was on the bypass bridge next to the Hoover Dam, same single word question, except this time, they required our IDs and asked for passports.

My wife and I are US Citizens, and at the time had no passports. Mine had expired around the year 2000, and she had never had one. Trying to explain that to some asshole hassling us felt impossible. After 15 minutes of us pulled to the side, they brought our licenses back to us and sent us on our way.

We never drove to Vegas again.

I wonder how many illegals the first 4 checkpoints managed to nab. I'm not sure how it's possible to manage there things without bothering some innocents.

Thanks for the correction.

I had an acquaintance who carried a non-citizen US passport... TIL apparently there is an edge case for certain Pacific Islanders.

A non-US citizen by definition cannot receive a US passport, which a US passport card is.

Good point, especially homeless people are vulnerable, if they lose their papers they might not be able to get new ones.

Agree, & I think now you can order a replacement driving license on their website as long as it is not near its expiry.

Let us not forget the value of having it mailed to their home address for majority of the population. It provides some guarantee that the person who gets mail at the address is the only one who will get to use it.

Most of the population use insecure Android phones and are not the Little Snitch & 1Password wielding HN crowd.

Apple's card wouldn't seem so bad to me if they didn't treat debt to Apple differently [0] & lock people out of all of their Apple services when there's a payment overdue. It's crappy enough to be behind on bills without that sort of pile-on, not to mention the Kafka-esque process of fixing the issue.

[0] https://dcurt.is/apple-card-can-disable-your-icloud-account

> It appears as though charges from Apple are special, and if your account is not 100% current, Apple will quickly take drastic action.

It's not just charges made on your Apple card. Here's a comment thread[1] from two years ago when I mentioned Apple did the same thing to me over a recurring charge for iCloud that failed because I got a new debit card and didn't update it in time. (I was traveling.)

Unlike the author of the post you linked I was given zero notice or warning that all-things-Apple would stop functioning. I had assumed the charge would just fail the same way any other charge to a "bad" card wouldn't go through and that my iCloud subscription might lapse. I never in a million years imagined the charge would create an $8 debt to Apple payable immediately and that my iPhone (which I owned outright, not financed through Apple or anyone else) would be bricked unless and until I paid up. I was unable to download anything from the app store at all until I entered new payment information. I couldn't even download free updates to free third-party apps.

Over $8.


> and that my iPhone (which I owned outright, not financed through Apple or anyone else) would be bricked unless and until I paid up

Last time you described this situation as "the app store was basically bricked on my phone". That's quite a difference.

Most apps require constant updates or they stop working.

I had set up my iphone to only update on wifi, and was travelling for a month or so only using mobile network.

When I tried to get an uber, I realized the app didn't work correctly (the driver appeared to be in the middle of the ocean). Same for other apps.

Games and apps that don't use heavy server code work fine, but google maps, uber, whatsapp, facebook, and some of the KEY things will break eventually if you never update them.

Once my bank forced me to update. When I went to make a “scheduled payment” (as I like to do after opening my bills...), it now said “coming soon”.

I was not impressed.

Google maps probably won't break, but other things might.


It was quite a while ago but IIRC it was around the time of a major iOS update (which I had done) and so in the days that followed many of the apps “required” an update which I couldn’t complete. I wish I could remember which app needed updating that finally pushed me to add my credit card as a payment method. But here I am two+ years later and that AmEx is still the card associated with my AppleID rather than my debit card.

I've had my debit card replaced and forgot to update Apple's payment details

The phone might as well be bricked, updates fail and constantly pop up the payment screen, can't install new apps.

It's like having a virus on your phone.

Just out of curiosity, do you still rely on an Apple phone?

This doesn't sound like it's Apple Card but rather the Apple Store doing the disabling.

He said his Bank Account info had changed and the Auto-Pay to Apple Card failed. He mentions a card decline but that he had available balance, he never mentions that is Apple Card is disabled however and is vague about the specifics surrounding the card.

He bought a Macbook, didn't or wasn't able to fulfill the trade-in, and thus the Apple Store determined he owed the amount they credited for the Trade-In. So when the Apple Store tried to debit his Apple Card for the trade-in amount it failed. The Apple Store then disabled the device purchased and the accounts associated with the purchase.

I have a feeling if you tried to do this with a Pre-Paid Visa or a Debit Account, Apple would still disable the device and accounts.

* Yeah it's just what I said. Apple/Store froze his accounts, not Apple Card.


This will happen to anyone's accounts if they don't fulfill a transaction with Apple Store. It has nothing to do with Apple Pay.

** I also find it strange that he missed an email from Apple telling him he was delinquent on his purchase AND didn't see any emails about an Auto-Pay failure all while waiting for an email from Apple Support about his account being disabled.

Maybe it would still happen with some other card, though probably only if the purchase was directly linked to your account, e.g., buying from Apple's website or retail store. If you used a standard visa card at Best Buy, you'd be fine. Strong reason not to buy direct, if you're going to buy at all.

While that is definitely concerning, they did clarify that missing card payments will not result in a Apple lockout.

In this case, the person received a trade-in credit for a phone, did not send the phone in, and then when Apple tried to collect the trade-in credit, that payment bounced.


It's still more than worrying enough that I will not use Apple Pay because the consequences of something going wrong and having my Apple Dev account locked are _way_ too high.

What if that phone had got lost/stolen in transit, instead of not being sent at all?

I don’t understand how this is associated with Apple Pay: you don’t need Apple’s branded credit card to use Apple Pay. I have an Amex card that I use for everything except buying Apple products.

I know the original article is going to get shared way more than the follow-up from Apple that actually explains the events:


> lock people out of all of their Apple services when there's a payment overdue

They did not do this.

He forgot to send them his trade-in and that triggered it. Nothing to do with the card.

It’s kinda outrageous he hasn’t updated the article to indicate this.

I am trying hard these days not to resort to "judging heuristics" and jump into conclusions about people, but when I see someone calling themselves "Designer, hacker, investor, nomad.", it's like immediately know their type: the "fake it till you make it" entrepreneur wannebes. He also links to his GitHub everywhere, but he made literally no contribution whatsoever in the last 2 years except some README fixes.

"Cool people don't say they're cool".

No, lack of trade in wasn't the direct issue. They didn't lock everything due to failure to receive the trade, they locked it because of the debt that incurred. Read through some other comments-- someone else had the same thing happen for an $8 charge when it was rejected by the credit card company after posting to a cancelled card.

No, that person indicates they were only unable to download from the App Store until they fixed their payment method for the App Store. Which... makes sense?

The rest of their Apple ID, as far as I can tell, was unaffected. It's another example of big claims turning out to be far more mundane. https://news.ycombinator.com/item?id=26430248

They were locked out of more than the app store, including anything they stored on the iCloud account which is a separate service all together. It sounds identical to what happened in the story I linked to, although that one the person couldn't even sync their calendar. Maybe the $8 person didn't use that function & so didn't mention it. Or maybe it still worked, but it would be strange for all other things locked out to be the same but for that one thing.

Regardless, it doesn't make sense to me: Visa (Chase Bank) can't lock me out of a damn thing on on the phone I bought on Amazon. They can't even take the phone away: Most credit cards are unsecured debt, the phone isn't collateral that can be repo'ed. Store-branded cards, though also backed by a bank, are sometimes different and purchases are also security for the debt: one of the reasons I stay away from them. I live debt-free, have been fortunate to always be able to do so apart from a small mortgage, but don't really like the idea that a really bad run of luck could be compounded by having some of the things I need taken away from me as I try to dig myself out of a hole.

Why does it make sense you can't download FREE apps from the app store without a valid credit card? I get not being able to make purchases from the app store. But the app store is needed to get updates to banking apps, communication apps, etc... The price of that service is figured into the price of the device (you never have to purchase anything on the app store ever to use the app store)

If I owe the App Store money, it is not surprising to me that it refuses to work until I fulfill that debt.

They didn't owe the app store money.

Heck, they didn't even owe Apple money. They owed money to the bank backing the card: Goldman Sachs.

No, you're mixing up two cases.

Dustin Curtis claimed his Apple Card was the issue, but it wasn't. His not turning in his trade-in was the issue; that's owed to Apple directly.

I had a similarish threat from steam once. I wanted to chargeback a game and they said it would cost me access to my _entire library_ . Better to eat a $30 charge than to lose access to $1000s for games.

I had the same thing from an accidental purchase-- I purchased the PS4 version of a game instead of the PS3 version, and didn't actually have a PS4. After multiple exchanges and ultimately arguing my case with someone over the phone, they reverse the charge as a "one time courtesy"

The mere fact that you can "buy" a game on the Sony store that is available for multiple devices but not be able to play it on all of those devices is already ridiculous.

I've received three one time courtesy refunds. One game wouldn't start, and twice I've accidentally bought DLC rather than the game the DLC is for.

Can they legally even revoke your licenses to those games? Maybe they remove steam access but you’d still have the right to torrent those games?

Their TSA says the content licenses are tied to Steam. If you're banned from Steam, you lose the legal right to those games:

This license ends upon termination of (a) this Agreement or (b) a Subscription that includes the license. The Content and Services are licensed, not sold. Your license confers no title or ownership in the Content and Services. To make use of the Content and Services, you must have a Steam Account and you may be required to be running the Steam client and maintaining a connection to the Internet.

Suddenly steam games don't seem so cheap. They're hamstrung games compared to, say, back when you'd buy a nintendo cartridge and they'd basically have no control what you did with it then on (such as resell it on ebay or continue to play it whilst simultaneously disparaging them in public).

There really ought to be regulation around this. I fear it with Amazon and my Kindle library.

It's a bit of effort, but you can use Calibre (+ dedrm plugin) to backup your kindle content.


Over here "sending a credit card by mail" isn't a thing. At least definitely not the norm. You call the bank to order your new card to a specific branch. You then wait several days. They then send you an SMS saying it's ready. You then visit the branch, show your internal passport (aka "ID"), and they give you your new card.

How do you get one when you're abroad? No idea. You probably don't.

Where’s that? Sounds more frustrating than receiving 64 cards to be honest - what if the branch is out of your way/is closed when you get outta work?

Russia. Until recently mail (of snail mail variety) was notoriously unreliable, and mailboxes in row houses are out of the owner's sight and easily breachable

Mailboxes are just as breachable in the US, but the credit card companies and banks seem willing to eat the cost of occasional fraud.

One year I had an epic week of fraud. My credit card number was stolen by someone involved with a local restaurant, the replacement credit card was stolen from my mailbox, and my rent check was stolen from my landlord's mailbox at a completely different address (and successfully cashed!) There was a 3 day period where the only money I had access to was the cash in my wallet because my credit cards, checking account and savings account were all frozen while their account numbers got switched. All the fraud was covered by my bank though.

In the EU, the issue with checks doesn't exist.

SEPA direct debit is the usual setup for places where you'd expect to be able to pay via credit card (regardless of fees), and for e.g. small landlords you just set up a recurring SEPA push transfer (basically like ACH push, but free for normal consumer accounts) to the landlords account.

And for direct debit, you can technically just keep an eye out for unauthorized ones (they need to be shown to your bank 5 days in advance) and tell your bank to stop them before they debit your account. But AFAIK it's the bank(s) that owe you the money, though they can in-turn try to claw it back from whoever debited your account without authorization.

Really, the worst one can do with an IBAN is trolling by spamming transfers to it or signing it up for direct debits (and I'd expect that to cause me at most 1 bank day of no funds, while waiting for my bank to reverse a fraudulent debit). But the impact of the latter is limited (just set up a whitelist with your bank and have them auto-reject the spam), while the former is fairly costly (around 20~30 ct with the accounts that don't do fair-use throttling) and quite risky (harassment and KYC).

A similar experience when younger (and less financially secure!) has lead me to embrace n+1: my emergency fund (the part that isn’t in the coffee can in the freezer) lives in a separate bank than my checking, and I carry an Amex and a Visa as backup and pay with credit at all times.

I haven’t needed the redundancy since then but it’s comforting to know that I have a multi-month cushion to fight with banks if I need one.

Fraud can also be covered by the merchants, if thy didn’t use the chip. That’s why credit card companies are so eager to simply promote sales.

How did someone else cash the cheque, this blows my mind.

Based on the digital image of the check my bank had, they wrote over the payee name rather poorly, then took it to a sketchy payday loan type place.

Between zero problems getting as many cards and accounts as one wants, instant issue virtual cards and NFC/apps on the phones here in Russia, those stories from US sound ridiculous.

I only carry plastic because I find paying with the phone a bit cumbersome and besides the card doesn't have a battery and fits better in a pocket.

I have multiple spares laying around just in case. Sometimes the cats hide one, so what, the branch office is in 15 minutes walking distance.

Internet access is better and much cheaper too.

Maybe because Russia haven't had monstrous incumbents in either place and as a result the market worked as intended.

Was? It still is. Only the government itself uses it to send important documents. Other than that, it's mostly everyone's aliexpress orders.

The one bank that doesn't have branches, Tinkoff, uses courier delivery.

It's definitely not that inconvenient. You choose which branch it should go to, they work on Saturdays, and in my city with like 400k people there's 270 branches to pick from, one of which is surely convenient.


"internal passport" yeah, that phrase is being appropriated, thanks!

In Ukraine and Russia, your passport for ID and passport for travel may be two separate documents - паспорт and загранпаспорт, the former is probably what Griskha meant by 'internal'.

Yes. What English-speaking world calls "passport" is what in Russian is literally "abroad-passport".

In German it's literally "travel pass"

In English it's literally "pass port" to pass through a port.

> How do you get one when you're abroad? No idea. You probably don't.

You go to your embassy wherever you are and notarize a document that authorizes a trusted party within the country to deal with the bank (and forward you the plastic). If you don’t need cash, you can issue a non-physical card with a click and use it via Apple Pay.

At least my Polish bank absolutely doesn't have any problem sending me my cards to a foreign address. I have to set it as my main address on the web portal though, request a card, and then it arrives where it should.

Most of the credit cards in my wallet are issued by banks that don't even have a branch. The last time I got a plastic card issued in person was a debit card I got when I was a child.

How many credit cards do you have? And if it's 3+, then why do you have so many?

Just curious.

I have 4 credit cards, plus two visa debit cards.

I have Amex because I trust them most to be on _my_ side instead of the merchants side by default. It's not accepted everywhere though. I use this preferentially anywhere its accepted that seems even the slightest bit sketchy.

I have both a Visa and a MasterCard - each from different banks, because I've been caught out when one bank's network is down and I couldn't pay for stuff or withdraw cash while travelling. I've never experienced a failure of ether Visa or Mastercards backends, but when I decided I needed a second source of credit/debit card at a seperate bank, I figured I may as well make sure I have one of each.

I have debit cards because they're pretty much an automatic part of having an account and a credit card, and also because I keep the credit limits on my cards low intentionally, and can use a debit card or online banking savings account with a much higher daily limit for large purchases.

I have one extra "single purpose" Visa card with a high credit limit and that gets used exclusively for my Apple/Google/AWS/Linode/DigitalOcean accounts. This is for peace of mind that my AppStore/GooglePlay accounts and my hosting accounts will _always_ charge successfully - the credit limit is over 10 times my total monthly spend over those accounts, I could conceivably vanish for a whole year and those would still all get automatically paid.

Definitely 3+

I grab a new one every couple of years when I see one with advantageous terms. I typically only use a couple of them at a time, but I keep the old ones around because: why not? Having more available credit is only a good thing.

I do have heard the view that it is better not to have more than 1 or 2 credit cards, because it is likely to reduce ones credit ratings, and also to avoid the extra card related expenses and charges.

> I do have heard the view that it is better not to have more than 1 or 2 credit cards, because it is likely to reduce ones credit ratings

This is, weirdly, backwards. Your credit rating is improved by having lots of available credit (i.e. lots of credit cards), which keeps your utilization percentage low, and by having a very high number of years on your oldest credit accounts.

> and also to avoid the extra card related expenses and charges.

Many cards have no fees.

Fun story - i still have the first credit account I got when I first went to college (originally cosigned by my parents with like a $400 monthly limit, eventually became solely my own and with a proper credit limit). Many years later (after getting a much better credit card that became my daily driver) I used that first card a couple of times for whatever reason and completely forgot to pay it off until six months later, when I paid it in full. That account is now still (> 8 years later) restricted with available credit of $0, but remains a favorable part of my credit score by being my oldest available credit line by many years (the non payment dings appear to have dropped off from my credit rating) ¯\_(ツ)_/¯

[edit: i just checked and that card currently has an available credit of $-0.05 which I guess means I'm giving the bank a $0.05 credit line!?]

Having a high number of applications in a short period of time will slightly decrease one’s credit score. Staying at or below 1-2 per year usually hasn’t swing mine more than a few of points. Even with a high number of inquiries, this factor only accounts for 10% of the most commonly used FICO score.

Debt burden and length of credit history are, together, 45% of someone’s score, and these are both improved by having a lot of old unused credit cards.


Having more credit cards/credit is not a bad thing... closing accounts on the other hand can drop your credit rating because your average age of credit goes down.

>I keep the old ones around because: why not? Having more available credit is only a good thing.

Also because closing accounts can negatively impact your score (by reducing your average age of accounts)

If they're in the US, a lot of financially smart and motivated people can play Credit Card games to maximize on their miles / rewards for purchases such as like 3% cash back on some purchases.

I have a friend who's honeymoon was completely paid - first class flights and ~three weeks worth of all inclusive 5 star hotels/resorts - all on points.

His father ran his entire construction company paying everything he could on the highest rewards based credit card available at the time. He apparently put over 12 million through it in two years. (I suspect it was about an order of magnitude lower than 3% cashback on that, but it was still a nice chunk of honeymoon and travel bills paid "for free", or more accurately by the bank and their merchants, and probably at least somewhat passed on to the construction company's customers in prices high enough to cover the credit card rewards scheme...)

Not the person you're replying to, but I have: my main one, one for the railway company that my gym is associated with (needed for that gym membership), one for a theatre membership, one that reduces my bank account's annual fee, a UnionPay card for use in China, one with good foreign exchange rates and one from my previous country.

Had the same issue with my SIM card while I was a student. Still registered as living at my parents' thirteen hours away, and they insisted on sending my new sim there while they were gone for weeks.. Luckily I'm from a really small town so got the mailman to just repost it with correct address. Pretty illegal I guess, though.

Another comment here about invalid card number also reminds me about my passport. I have a Danish passport but never lived there, so my id number has X-es in it in instead of all numerical. That's pretty hard for various form validators to accept..

I don't really see why there would be a law preventing you from authorizing a postal worker to check your mail for you. Like if they were your next door neighbor.

I'm using Apple Pay and I recently canceled my card. Interesting thing is that even before I had my new card Apple Pay switched to the new one, I didn't have to do anything. I wonder how they did that.

Credit cards send updated card information to various merchants that you've used. Usually it's for things like subscriptions or bills so you don't have a gap in service. Personally I hate it because it lets smaller stuff slip through the cracks for longer.

Yeah. Google Pay works the same way.

There is no reason why Apple Pay should be linked to a physical card at all - they can and should work completely independently.

I also had this happen. I was pleasantly surprised. Apple Pay is easier than it used to be when it comes to registering cards too.

A couple months ago, I accidentally left my debit card in an ATM in Mexico, and needed to cancel that card. I called my credit union in Washington State, USA. They were quite good about handling the fact that I was not at my home address. I had to pay $32 and wait a week or so to get my replacement card, but it arrived without issue. They shipped it in an inactive state, and I had to call them to activate it. The only part that was mildly a pain was I needed to fax (what year is it?!) my address in Mexico, but that was pretty simple with HelloFax. I actually ordered a 2nd card as a backup in case I lose the new one.

Look at this from the bank's point of view.

If someone on the phone could convince a card company to send a new credit card to a random address in a random country, do you have any idea what kind of field day scammers would have?

> If someone on the phone

Not "someone". Me. They happily secure phone actions by both a password and 2FA just like online access. After that point you can do literally anything else with the account, including close it or get a copy of the card details.

Thwarting the verified owner of the account is not fraud prevention.

On the subject of thwarting and card details, though, neither CapitalOne's website nor mobile app will show my card number nor will they let me create temporary card numbers _after_ I've authenticated with a strong password and 2FA whenever I happen to be outside of the country. It just says "Oops, something went wrong". It took me weeks to figure out the first time that it was because I wasn't on a US network.

Both your and the parent's points are valid. Identity verification is a hard problem that the major legacy banks have a big problem with.

Their processes are both extremely annoying and can fail and lock out the legitimate account owner (the reason many of you have had trouble replacing cards abroad is because "shipping to a previously known address" is itself a security measure) while at the same time being vulnerable to a targeted attack from someone with knowledge of how the process works.

I've had replacement credit cards sent to me overnight fedex at least five, maybe more times. Usually involved < 5 minute phone call to Amex/Chase/Wellsfargo whoever. United States, Canada, UAE and Singapore (twice).

There must be some safeguards beyond the various identity questions they asked me - but I don't know what they were.

I think it'd be fair for them to say "no, we can't send it to any address but your home address", but that their fallback is to say they'll send it to where you are and then to send it to your home address instead is itself a security hole (albeit a smaller one).

I had a similar experience after moving once. I'd called the credit card company to update my address and had even received statements at the new address (this was before e-statements were common). When it was time for a replacement card, a year or two after the move, it didn't arrive. So I called them, confirmed my address, etc., they said it had been sent months ago, so they would cancel that card and re-send. So now I can't use my current card even until it expires since the number has been cancelled. Wait a couple weeks, still no new card. Call them again, same deal. Confirm the address, they've sent it, it never arrived.

When the NEXT card didn't arrive I went by my old house and sure enough the folks living there had received all three copies. Then I got to spend a few hours being passed around to various people on the phone with the credit card company before I could find the person who knew about the super secret place where the replacement card address was apparently stored.

Edit: Ha, I just remembered the saga actually continued the next time I moved. Remembering this experience, I wanted to proactively have them change not just the regular address, but also the replacement card address. Unfortunately, try as I might, I couldn't find anyone who would believe me that just updating the regular address on the account wouldn't work. Sure enough though, when it was time for a replacement, it once again went to the old address!

That's when you file a complaint with your banking regulator (e.g. the CFPB). At that point, the problem becomes impossible for the bank to ignore, and too important to leave to the lowest-tier phone support agent, and it suddenly gets resolved.

>"Honestly this reason alone makes Apple's purely digital credit card my favorite. Need a new card number? Just push a button. No incompetent shipping divisions with 5 hops and as many business days between you and your ability to buy things when your card number is breached.

That all sounds good. I'd be curious how the customer experience is when there's an unrecognized charge or you need to open a dispute though.

> I'd be curious how the customer experience is when there's an unrecognized charge or you need to open a dispute though.

It's as easy or easier than disputing any other credit card charge. Open the wallet app. Tap the card to bring up a list of transactions. Tap the transaction you want to dispute. Tap "Report an Issue". Tap one of "Dispute Charge", "Unknown Transaction", "Incorrect Merchant Info", or "Other Issue".

Yes but you can do the same thing with most major credit cards via their Web UIs or mobile apps as well. What happens when you need to speak to a human being such as when a merchant declines to remove an erroneous charge.

You can get support (from Goldman Sachs) over iMessage or by phone. Nothing too unusual.

Reminds me of a time I was traveling where there was no internet access for two or three months, during which my credit card was compromised, the card was closed, it got declined on 3 or 4 bills, accumulating a couple hundred dollars in late fees and preventing me from paying with a credit card on those services.

Seems like you should just be able to buy a generic card at the store and then input it’s ID/serial in your bank web portal and have the card authorized by the bank to be your card. I’m sure there’s probably a way I’m not thinking of that can be abused but it seems plausible

Buying generic cards would break the chain of trust as there's no guarantee that the card you're buying hasn't been tampered with, such as the private keys of the card already being compromised at the factory.

It is a good idea assuming you can guarantee the security of the card. Banks typically don't have an incentive to defraud each other by supplying backdoored cards, so banks could indeed partner with each other allowing people to go into any local bank branch, acquire a card and then call their bank to associate it with their account. Of course, you still have the identity verification problem there, as you wouldn't want an attacker to be able to associate a card they acquired with your account and then spending your money.

However, if you're going to solve the identity verification problem for the above, why bother with a card at all? We all have phones or similar computing devices that can act as a card (for Apple Pay & Google Pay, the phone literally simulates a contactless card).

> Honestly this reason alone makes Apple's purely digital credit card my favorite.

That only changes the card number used for online purchases, not the number on the physical card’s magstripe. The magstripe number doesn’t change, so if you get skimmed, you still need a whole new card.

There’s nothing special about the physical Apple Card.

As for online payments, you might as well use something like Privacy.com that gives you a separate number for each service. That’s better than Apple’s solution, and I’m still not sure why Apple doesn’t do that.

when i lost my wallet with my debit card in it, i went to my nearby credit union branch and they just printed a new one for me on the spot. all the relevant info was printed on the card and magnetized/loaded in the right spots. it didn't have raised numbers like many cards (even the periodic renewal replacement they've since mailed me lacks raised numbers as well).

it seemed to me then, and now, that that was a much better experience than waiting for it nervously in the mail.

My bank (ING) just cut me off completely when I was outside Australia. Couldn't get my replacement card sent to me (was just lucky my listed address still had my family living at it), couldn't ever log in to the app again, I was just done. They have no system for people outside their home country and their solution to any problem is to fly home. Unbelievable. Especially for one of the biggest multinational banks in the world.

After more than a decade of lurking HN... this is the comment that compels me to create an account.

Schwab dropped this ball and left me in the Guatemalan jungle for 18 days after many assurances that they would definitely not send the new card to my home address. Embassy? Nope. Hotel? Impossible. But sure enough it reached my house. Schwab was great, but this was too much.

Oh man the physical card thing annoyed me when I went to use my Amazon card a few weeks ago and it asked me to re-confirm the number. I had to go digging around for it because I figured I would never need to know that again. The card only is only useful on Amazon so why in the world can't it be completely digital?

I guess it depends on the bank. I had to cancel my card because I was afraid it had been skimmed while temporarily living in Singapore. My bank couriered a new card to me over night.

I was very impressed.

> Honestly this reason alone makes Apple's purely digital credit card my favorite.

And what if your phone is stolen or lost? The hassle is no different than card ...

Or another way would be get a placeholder card from any of the trusted places and then register that card online with your account to make your own.

You can have a lot of free debit cards that you can order online as backup. When your card gets stolen you immediately go online and transfer some money to the backup card before calling the bank to cancel the lost/stolen card.

I recommend:

TransferWise https://wise.com/gb/borderless/card

Revolut https://www.revolut.com

I am not an Apple user but presumably Apple is processing your payments in this case, and have an insight into your spending?

> Apple Card features that use your transaction history, like spending summaries, are created on-device. Apple does not know your transaction history. [0]

> When you use Apple Card, our issuing bank and payment network partner — Goldman Sachs and Mastercard — and their service providers receive information about your transaction, including the merchant, time, and amount in order to operate Apple Card. Neither Goldman Sachs nor Mastercard share or sell your transaction information with third parties for advertising or marketing. [0]

[0]: https://support.apple.com/en-us/HT210662

> Neither Goldman Sachs nor Mastercard share or sell your transaction information with third parties for advertising or marketing.

Hmm, I wonder why they sell it then? Since they needed the "advertising or marketing" qualifier, they obviously sell data to third parties.

Two thoughts:

1. Maybe they are selling purchase data to hedge funds? Lots of possible use cases.

2. Maybe some regulation only requires them to disclose if the information is sold for advertising or marketing (I think I remember this showing up on some post-CFPB credit card disclosure forms). Therefore the lack of such a disclosure for other uses for the information could mean nothing, just that they are minimizing discourses that aren’t legally obligated.

Definitely some of #2 going on. A lot of the language surrounding privacy disclosure requirements under the Gramm-Leach-Bliley Act is literally copy-paste from a form that the FTC suggests for compliance with the law.

Just about anyone with a financial account in the US will probably instantly recognize this form:


My guess is fraud detection partners? Some company that aggregates transaction data to spot patterns of abuse or fraud, and in turn provides services to their customers to mitigate it.

Governments probably fall under 3rd parties?

> Apple Pay data that has been disassociated from you may be retained for a limited period of time to generally improve Apple Pay and other Apple products and services.


It’s actually Goldman Sachs. Apple does not retain transaction history, per their privacy policy.

Ouch. Sounds very tedious. I guess it could be a good idea to have more than one credit card, especially when travelling.

Just wait till you loose your phone next time.

No bank should be sending cards to an address not on file - that is a major fraud risk 101 issue right there.

And in the US they can’t issue a debit card within 30 days of an address change without specifically verifying the change is legitimate: https://www.ecfr.gov/cgi-bin/text-idx?SID=a04646f38f28731e83...

It was "on file" as soon as I gave it to them after verifying my identity.

I too can verify your identity. All I need is your first name, last name, date of birth, and last four digits of your SSN. Which are all floating around the darknet in one of the dozens of large data breaches American companies have had over the years.

Should I be able to get your replacement credit card delivered to my home address with that?

My response to another comment would be relevant here too: https://news.ycombinator.com/item?id=26433737

> Both your and the parent's points are valid. Identity verification is a hard problem that the major legacy banks have a big problem with. Their processes are both extremely annoying and can fail and lock out the legitimate account owner (the reason many of you have had trouble replacing cards abroad is because "shipping to a previously known address" is itself a security measure) while at the same time being vulnerable to a targeted attack from someone with knowledge of how the process works.

Account changes by phone involve a password and 2FA like everything else. Try again.

Neither my primary bank nor my primary credit union support 2FA.

If you're conditioned to give your password to your bank over the phone, I can use those three piece of information, and will happily call you up, posing as a bank CS representative.

If you think you're smart enough to not fall for that, let's suppose for a moment that you may be right. But what about your 76-year-old grandmother? Is she going to consistently be able to make a determination between a legitimate, and a fraudulent bank CS representative who wants her to confirm her username and password? Or is she going to have an easier time in a world where you never, ever, ever, ever give another human being your password over the phone?

Do you want convenience, or security? Actually, the better question is, does your bank want convenience for you, or security for them? (Because they are ultimately on the hook for fraud)

>If you think you're smart enough to not fall for that

What? Seriously? There's nothing to fall for here.

You should never trust an inbound call. If your bank calls you, you take their information, immediately hang up, find the banks phone line and call that number back yourself.

The scam goes as follows.

'We have detected fraudulent activity, call us back with the number on the card.'

You hang up. They don't. You pick up the phone, and dial the number on the card.

Depending on how landline phone routing works in your area, you hanging up does not end the call. You picking up the phone again resumes the previous call, you dialing some numbers does nothing, the scammer makes some telephony noises, and goes ahead and resumes their conversation with you.

Nothing to fall for, eh?

Also, please keep in mind, we are apes. The logical centers of our brains turn off when your bank calls you to tell you that you are being robbed. Especially if your mind isn't as sharp as it used to be.

I literally do not know a single person with a landline, so I cannot say if that is remotely true or not. I'll take your word for it. But what I am 100% sure of is that you could make any telephony noises you like down my phone and you will not succeed getting access to my banking details.

You'd probably have better luck calling the bank and trying to persuade them.

The point isn't making the telephony noises, the point is that most people have no idea that in certain situations, hanging up the phone and dialing a new number does not actually dial a new number. It sounds like you didn't know about this, for instance.

And again, this isn't about you. Most of the time, you don't pay for fraud, the bank does. That means that your bank is incentevised to reduce fraud, at the expense of your convenience - because not all of their customers are as smart as you are.

> Depending on how landline phone

Do you have a scam in mind that doesn't depend on a rampaging time machine forcing me back to the 1990s? I don't think I've used an analog land line for decades, and I definitely don't know anyone who has one now.

I live in a universe where 40% of Americans still pay for, and use a landline.

You don't need a time machine to find one, you just need to leave the young techie bubble.

> I don't think I've used an analog land line for decades

You were cellphone-only since at least 2001? If you spent any time talking on the phone back then, your monthly bills must have been staggering.

What bank is this? None of my half dozen credit cards have this. None of them even support 2FA on the web to the best of my knowledge.

American Express will absolutely send replacements while traveling.

I’ve had them send replacement cards to my hotel without problem.

I live in the Netherlands, a country that primarily uses debit cards. I do have a credit card that I rarely use. Only when I buy something in the USA for example.

Some years back I moved to a different city. About a year later I wanted to make a purchase with my credit card. I found out it had expired. I rang the bank and asked for a new one. They promised to send it to me. It never arrived. Rang again, got the same promise, and still no card. When I called them the third time, the employee found out my old address was still in their database. Turns out the credit card department had a different client database then the debit card department (who had my new address).

To change my address, I had to log in to their site. They weren't allowed to change it on the phone. As soon I tried to log in, I noticed I forgot my password. When I clicked 'reset password', there was a new surprise: they send the new password by snail mail.... to the old address of course!

So I had to go in person to the house I used to live in and explain the situation. I asked them to ring me when the letter with my name on it arrived on their doorstep. Luckily the people who now live in my old house were very nice and gave me the letter!

This seems to be a common issue with banks. Over the years, they have built system after system that stores things like your address. So you end up with addresses stored in multiple systems. When you request an update to the address, it depends how well designed the update flow is whether they update all the instances of your address. Often they miss a few instances or the accounts aren't linked so a subset get updated. in other cases, some department pulls a customer dump and uses it for 10 years without ever getting updates.

been there. done that. have the t-shirt. :/

I recently got an SBA loan. After I got the loan the bank was bought or rebranded or who knows what and they moved my account to a new website. I was still able to log into the old website and, until I tried to update my email on the account, which can only be done over the phone, I didn't notice that they had actually cloned the database, and locked their customer service representatives out of the old one. I can still log into the old system, and update my password from there, thankfully. But I've been unable to change the email address on it because the customer service representatives insist that the old system "has been deleted" and refused to connect me with any engineers or escalate the issue to someone with the ability to solve it. Ironically the old system is still responsible for email notifications, so those are locked to my old email address. I'm pretty sure this is a data leak waiting to happen, but what can I do about it?

> I live in the Netherlands, a country that primarily uses debit cards

I noticed that on my very first visit to the Netherlands. Many shops just don't accept credit card and that was very strange to me on my first visit. My only use case for debit card was to get cash out of ATM until then. So, I was really surprised to see that everybody uses debit card everywhere. And I was told that credit card is mainly used for online booking and traveling.

It is very strange... I have some assumptions that it would be better for the general public to not have a credit card culture. Very rarely have I "required" the use of one, but when I was moving for my first real job out of school it was somewhat essential as a sort of buffer until the first paycheck kicked in. Not a comfortable place, but one I bet a lot of people could resonate with, and IMO a responsible use of credit.

To me (Dutch) the idea of using a personal credit card is very strange for anything other than because a website/shop doesn't accept any other form of payment. If you're a company, credit makes sense. You invest on a risk of getter a greater return in the future. But paying for your groceries or rent in advance should not be considered 'investing' in your personal life imho. You should just make due with what you have.

From what I understand about the US, it is mainly to get better credit rating. This is apparently the most important social score in American society...

Note to Americans: In European countries this tends not to be a thing afaik. Privacy is taken more seriously, so there is no central & privatized system to query for credit. However, to rent an apartment, get a loan or get a new job here in Switzerland it's often required to provide something like a credit register extract from the local government office. That register will get notified when someone isn't paying bills, usually after the third notification ~2 months after a bill was issued (notifying the register is costing fees, so businesses try to avoid it as much as possible). After a couple of years, entries get deleted. This way there is an attempt of balancing privacy, social mobility and the interest of businesses to collect their revenue.

Not just the US, the UK has credit scoring too, there I think 3 credit scoring agencies. When I moved here from Europe the entire notion of credit card and credit scoring was new to me. I still use my debit card whenever possible though, just spending enough on the credit card to avoid getting it cancelled due to not using it.

Similar to what we have here. Only I don't think it common they check your credit score for a job application. Only when you want a new loan (mortgage, credit card, buy on credit, etc). You can also query the information yourself and see who requested access to it in the past months.

where is here, the US you mean? but the way I understand it, those credit score agencies are private, and their info is much more granular. e.g. it would never matter in CH and pretty much all of Europe, how much you already spent and payed off on credit in the past.

Lots of credit cards come with incentives. For example, I get reimbursed a flat 2% rate on all transactions ("cashback"). As long as I keep the card on auto-pay for the full balance, it's a win-win situation: credit building + free money.

Where does that "free" money come from? From the payment network fees, of course. Mastercard takes a 4%-ish cut, the bank keeps 3% of that, and 2% of that goes back in my pocket. Banks have to offer such benefits because they will get cannibalized by the other players if their card can't compete.

Structurally, it's actually quite stupid that there's an invisible tax which you can only recover by playing ball with the creditors... but on an individual level you would have to be foolish to not take advantage.

I can confirm the strong deterrent towards having a credit card, any personal loans really, in the Netherlands.

My bank, and I believe most banks in the Netherlands, requires proof of stable income well above minimum wage before even considering an application for a credit card. This puts credit cards out of reach of a sizable part of the population.

Also, credit checks and reporting new lines of credit to the authorities by lenders are mandatory for all personal loans, be it for getting a mortgage, issuing a credit card, paying monthly installments for a smartphone bundled with a contract, or buying on credit from Dutch online stores or mail order catalogues.

It's just a normal way of paying with money you actually HAVE, not money you "borrow" from a credit card company...

Same here in Germany. A normal credit card is a charge card, so billed every 30 days in full from the giro account. Credit cards that are rolling are rarer but slowly breaking their way through.

I mainly use an Amex charge card that functions like this, don't spend money I don't have, and only don't use a debit card for things because our financial system is very insecure and don't want to give the number out because getting my money back is a lot harder than just calling Amex and reporting the fraud.

It's the same in Poland. I've never had a credit card in my life and honestly I don't feel any need for it. My debit cards work pretty much everywhere around the world, including internet payments (occasionally one card may have a hiccup so I always carry two cards from different banks)

It costs the merchant more to process a credit card transaction, so they don't bother unless they're likely to get a lot of tourists. These days, more and more places are going cashless too, though those places generally always accept credit cards, otherwise it'd be really hard for overseas visitors to pay.

I have a credit card here and only use it for international transactions[0], it has a fairly low limit to the point where if I'm, say, booking long-haul flights I need to pre-load it with money which fortunately only takes moments. This is partly by choice - as it's automatically paid off each month, I want to ensure I can never put more on it than will be in my bank account - but also that was the default limit when I got it.

[0] local online transactions pretty much always use a system (iDeal) that goes via your bank website.

Same in the UK. Both credit and debit cards tend to be MasterCard or Visa cards, so they can generally be used interchangeably.

Personally, I only tend to use credit cards for larger purchases (flights, hotels, etc) because you get some better protections if things go wrong.

Data: https://www.finder.com/uk/credit-card-statistics

€18 a year for just having a credit card? My bank can go f itself.

I once had that on a bigger scale, also with a Dutch bank...

Shortly after I relocated from the Netherlands to Australia, my house was broken into and my Dutch debit card stolen. The bank would only send my new card to my local branch, which was 20,000km away. And none of my friends could pick it up because they insisted on verifying my id.

Very frustrating...

Wow that’s crazy. How did you solve it?

Sending a new password though snail mail might be the dumbest thing I’ve heard all week!

It's not completely dumb. Address verification can be part of an identity verification measure. It shouldn't be the only one, and an override should be possible, but it's completely valid and effective at thwarting remote attacks.

Sure, the logic lines up. I think it’s dumb just because how un-useful it is. Waiting for a week for a password reset to arrive in the mailbox is pretty painful.

Pretty secure I suppose, except in the OP’s case, where it was sent to an old address. And they wouldn’t update it over the phone? So they essentially gave some strangers access to his bank account.

it's a thing. my bank has even special paper that obfuscates the password so you can't see it through the envelope.

Totally happens in Sweden

Does Netherlands has mail forwarding? USPS in the states does mail forwarding if you change your address, it is very convenient.

Up to a year, but it's quite pricey (75-ish euro's for the full year).

Yeah I had that but this was just a bit more than a year later I think

I would think that you should be able to just walk to a bank branch and get the address updated on the spot.

That must have been so frustrating. We have advance technology but still not very good

A bank in Boston once sent me a debit card that didn't meet the valid number algorithm. I had to go in there and show them the math step by step to prove it.

I'm surprised YOU even know.

meaning two things: you understand the algorithm and you checked the algorithm.

This is like discovering a compiler bug from code that compiled - statistically unlikely, and requires deeper expertise.

I mean I shouldn't be surprised, it's HN.

Not surprising that they discovered it, even if they weren’t aware of it - I’m guessing this is how it went: person tried to use his card number on some random website, but it kept telling him that his number is invalid. They scratch their head and double, triple check that number and then do a google search.

I'm fairly sure someone else suggested it as a possibility, because why the heck would a bank issued debit card number not work on say... Amazon.com?

If the code compiles sometimes the bug is pretty obvious!

The algorithms are not complicated.

It was even originally designed to be calculated mechanically

The Luhn algorithm is fairly common in software interviews, though I agree I would never think to check it if my card failed.

npm i card-validator

Why would you even try? Surely "my card number doesn't work" is the simple and sane response. They don't need to know, or care, why.

If you are a software dev, you should know that devs love to expend relatively extravagant effort and time to figure out an issue, explain it precisely, and fix it to avoid the possibility of it happening again.

In general, and for my job especially, I am absolutely this person. However, as soon as I'm talking to any form of customer support I pretend to know nearly nothing about tech and try to stop myself from diagnosing the problem (at least out loud). Often the person I'm talking to has no real agency to make changes to the organization and me explaining what is wrong or trying to give them more details just confuses them. I'll still guide the conversation gently if I feel they are veering off into something wrong/unrelated but I've been "trained" by multiple experiences to just play dumb and try to move through the system as quickly as possible.

Yup. I can count on one closed fist how many times the phrase, "trust me, I'm a computer person" has gotten me anywhere with a technical issue at any company I've been a customer of.

This has actually worked for me once. I called my ISP to explain I had no internet access and where exactly in the protocol stack the issue seemed to be. They checked and fixed something on their end and two minutes later it was working again.

Did you say "shibboleet"?

Heh, I didn't have to, I wasn't even transferred to another employee. This is a small-ish local ISP which probably doesn't have ten levels of tech support. A bit more expensive than offers from other providers, but absolutely no regrets.

Since we're talking about good support here, I have another story involving them:

When we started the contract with them 6Mb/s was the fastest available speed, a few years later it suddenly went to 70Mb/s for a week and then down again (which is fair, we had a 6Mb/s plan after all). I called them and asked if we could upgrade to a faster plan. They said they could now offer us a 50Mb/s plan and asked when I would be home. One hour later they sent a representative with a new contract, we signed, and the next day speeds went up to 50Mb/s again.

Oh yeah, the people at the branch no doubt pulled down the latest git repo and checked in the changes.

I've renewed cards only to get a new card with the same number (with a later expiration date and different CVV).

Renewing is different than replacing.

Tell them your card was lost - problem solved.

That's how it's been for every card I've renewed.

This was after a replacement card also didn't work.

sadly most bug reports just say "it doesn't work" - which is not helpful at all. Why would they not need to know!? Maybe they had this problem for a long time, and affecting other customers too.

This does not surprise me. There are typically 5-6 discrete business systems involved in debit card issuance. Only 1 of them is implicitly responsible for ensuring the number is valid before the rest of the process begins. The card printers (at least ones I've dealt with) are certainly not taking the time to validate this information. I do not think the debit switch networks have any integral validation/exceptions for card numbers, as long as the bins are valid. It is ultimately the responsibility of the merchant/acquirer and issuer to verify this information is accurate.

Wow, that's insane. Bank tech can be shockingly low tech sometimes - maybe they were using a spreadsheet to create their numbers or something

Yeah, I could believe it. It was a small bank and the card was being sent in the mail. Nowadays my bank (a different one) can print a new card on the spot.

lol this is the most "sir this is an arby's" shit I've seen in a minute.

Like the teller possibly doesn't know anything about that algorithm except that it exists. Just show them the card doesn't work they can verify that quickly.

This was the second card they'd sent me that didn't work. Couldn't use the card anywhere, and their telephone support didn't understand the issue.

At least you didn't have to go far to complain in person :)

Heh, do you remember when I was dealing with this?

I don't, seems like I should remember something as crazy as this... Maybe after my time, then :)

In a way, isn’t that the hell of modern life? Even if the teller/ phone support cared and was interested in helping and learning, they’d be screwed by their drop in Average Resolution Time. Are we making the world better or are statistics making us more compliant?

That's interesting. You would assume the LUHN digit would be calculated and non-editable. Was it a card with an unusual number of digits or something?

I have a fun story about a card with an unusual number of digits!

I worked for a very large department store on their mobile app. They issued their own in-store credit cards that only had 9 digits and didn't pass the LUHN check.

They jumped into e-commerce a loooong time ago so the tech stack was showing it's age and they didn't have real test servers. (They did but they were almost always unusably slow.) We did almost all of our testing against the production servers. This was fine because we were mostly just loading product pages and building shopping carts.

Normally for testing checkouts we'd use bogus credit cards like 4111 1111 1111 1111, which passes the LUHN check but is obviously a non-working card so our order would fail.

We had to check the in-store card processing a little differently and would test with the number 123456789, thinking that surely couldn't be a real card number. (You may see where this is going.)

We ended up typing out a lot of addresses so we usually picked one with the first state in our state picker, Alaska. Then we found the shortest city name in Alaska, which is Tok (there's a couple other three letter towns in AK but that's what we usually chose.)

One day, someone decided to check the order history of the account we were using to place those test orders. They noticed a tracking number and clicked on it. We had sent several dresses to 1 A St. in Tok Alaska. It was the longest tracking list I've ever seen with several delays and problems that could only occur when shipping to a fairly remote town in Alaska. (I believe avalanche was one of the listed reasons.)

Sorry to whoever had that card!

Regular Visa Debit card.

Obviously not that regular or it'd have worked :)

I can tell you've probably worked with building your own Stripe forms back before the PCI rules made that difficult. It was so fun adding Luhn validator for the first time and seeing how quickly it rejects a card number if you're a digit off.

Alas not, I don't think I've ever used Stripe, except as a user.

Did they generate the number by hand or something?

Not sure, it was a small regional bank (next door to the FSF, see my other story in this thread) but they've been replaced by a bigger bank.

What was the consequence of this? Would the card not work anywhere, or would it only not work online?

I believe that such a card shouldn't work anywhere - even if the terminal didn't validate anything (IIRC they must, and that's likely to be one of the test scenarios in the certification process for every new terminal model release) and the issuing bank would accept transactions from that card, a transaction with this card number couldn't get from the terminal to the bank as the network (visa or mastercard) should immediately reject it; all that validation is built in since the earlier days where card numbers may have been passed on manually (taken with an "imprinter" pressing down the embossed numbers through a pad of carbon paper, written down, taken over the phone, etc) with a nontrivial chance of mistakes.

Didn't work anywhere I tried it, but I'll admit I didn't try it at a lot of places.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact