Well, with my Spanish cards I get an online PIN that I need to put into the websites before being able to use the card. The PIN is only for online use, and I need to activate it before being able to use it.

Not sure, but I think the UK system might by leaning towards the same thing.

At the moment we are not looking at implementing any chip and pin stuff into our sites.

I haven't seen anything from our merchant provider about it either.

Chip and Pin can be implemented on websites. The Pin should NEVER be typed into the merchants website, but it should forward you to the MasterCard or Visa website where you enter the Pin number. It is difficult to know you are on the correct site from card issuers, however, due to all this phishing going on.

I have seen phishing scams asking for PIN numbers. A friend got one off of "ebay" which nearly had him.

it is amazing that information on this is so sparse

Chip and Pin can be implemented on websites

Interesting. Do you think that implementing it on a website gives the merchant provider any more responsibility? I think the terms of business when I look at chip and pin only really protect the merchant more when it is a cardholder present transaction when you look at the small print.

I guess that chip and pin on the site will reduce fraud for the merchant, if not transfer liability to the merchant service provider, but if it is allowed online then I agree - phishing will become rife in the UK with this.

When I spoke to a human at BMS, they decided that our online site should NOT use chip and pin - even though they had been pushing me down that route by letters and even sending me videos on the subject until that point.

i spoke to barclays merchant services about this as we are both online and offline.

according to the woman i spoke to, the customer not present sales (eg online) are not affected and the merchant is still liable for all losses, pin numbers are not required.

... mind you i've spoken to reps before who are then contradicted by another rep at a later point.

I think she was right this time though. Thanks Topr8 - at least we are getting the same message! (maybe the same rep?)

I spoke to Streamline earlier in the year about this and they said that online / card holder not present transactions are not covered by chip and pin.

So I think your Barclays rep was right.

Where the customer is not present at the point-of-sale (i.e. mail order, telephone order and internet transactions) chip and PIN does not affect the current situation

[chipandpin.co.uk...]

We've had these Electronic chip and pin type credit cards since the outset ( they were invented by a French guy ) ..not one French bank or merchant site requires us to input our PIN number to have a "higher" level of security and never has ...I use the cards all the time ..

PIN was always "cardholder present" ..what on earth is the thinking behind anysite asking for pin to be given (even the bank's own sites )...