Oh no. I hoped the whole thing will be at least hashed with the key stored in the card, and the PIN entered, and all the data then sent to the bank who’d have the last say if the transaction is valid or not.
This is… dumb.
3 Likes
