mbz321 wrote: ↑December 4th, 2023, 7:31 pm
ClownLoach wrote: ↑December 3rd, 2023, 8:47 pm
Just because you're not aware of anything changing with cards and such doesn't mean it isn't happening. There is a industry wide push for barcode elimination on anything related to memberships, payment types etc. because they're not secure and easily replicated for cheating purposes.
I certainly hope some changes come about, but Costco up until this point seems to invest as little as possible when it comes to IT. (From what I hear, they have a lot of trouble attracting talent in Issaquah due to compensation being relatively low compared to other area companies) Any big changes made in the last few years seem half-assed and untested before being rolled out en masse. Hell, just recently they enabled the QR scanners at the gas pumps, despite the scanners being installed many years ago (and while I have not tested it, I've heard just a screenshot of a QR code, even an old one, will activate the pump). There is a lot of things the 'industry' does that Costco simply brushes off (for better or for worse).
That being said, the competition being Sam's and BJ's, aren't any better. Both simply just use a barcode for membership and have stopped putting pictures on cards.
The revenue models for Sam's and BJ's are different. I don't think I've used a full service checkstand at Sam's in many years but they used to have the customer swipe their card, not scan it. Obviously if Sam's has expanded their membership by nearly 50% in a 5 year period after closing almost a hundred locations they must not be needing to nickel and dime the membership piece. Because of the Scan and Go part of the app with your credit card in it you aren't too likely to see the username and password sharing happen there.
If the gas pump works with a screenshot, and the customer has a digital payment attached, then they are potentially going to find that whoever they shared that QR code with is going to run up their credit card since it becomes the default on the pump. Good luck disputing the charge if you shared the QR code.
Obviously Costco has learned that there is a real threat to their business from membership sharing, since most of their profit is from memberships, and they're going to do everything in their power to fix it. They reinvest everything else they make in the business so I'm still puzzled about the argument they don't spend. What they are decidedly against are the profit-sapping e-commerce concepts Wall Street pushes so hard that are completely unprofitable and just transfer the same customer from the retail bucket where they make money off them, to the e-commerce bucket where they buy less due to no impulse purchases and cost a crap ton more. Costco actually has the guts to stand up to Wall Street and say no to this nonsense.
If you really think they're not all over the security risk of the barcodes then you're actually accusing them of improper IT security management, which is a really serious accusation since they certify substantially complying with industry standards each quarterly earnings report. I appreciate skeptical perspectives but you have to realize that certain types of issues are not going to be ignored because they simply can't be. If Costco experienced substantial losses that had to be disclosed and they were from deviating from what are known as industry standard security protocols and directives, then you're talking about the entire C-suite potentially losing their jobs and perhaps those who signed the reports going to jail. They are most definitely going to be developing something that isn't a standard barcode because they must come up with a better solution. Barcodes aren't secure anymore for unique identifiers.