General > General Technical Chat
"FU^%ING" Credit-Cards!!!
Bassman59:
--- Quote from: greenpossum on July 02, 2020, 12:57:59 am ---Saw a US project for sanitising the number pad on card terminals with UV. Around here contactless payment has been around for a while and boosted by C-19.
--- End quote ---
Some of the contactless payment terminals here still require the customer to tap "OK" on a screen, so it's not as contactless as one would like.
Rick Law:
With on-line purchases, your card (fake or not) is never present. Couple that with credit card companies' own on-line log-in accounts that can manage profile, things get easy to hack -- even if every card is equipped with a chip.
I actually don't have a problem with mobile phone validation. In fact, I rather like that.
I have a problem with society's over reliance on on-line stuff, from the damn HVAC thermostat that wants to get on-line, to the damn washer/dryer that wants to get on-line. Hack, if you are home, it does you well to get off the couch to just check. And if you are out, what's the point of knowing your wash is done anyway?
themadhippy:
One simple thing credit\debit card company's could do to cut down on online purchase fraud is only deliver to the address the card is registered to.
Bud:
--- Quote from: Rick Law on July 03, 2020, 07:56:47 pm ---With on-line purchases, your card (fake or not) is never present. Couple that with credit card companies' own on-line log-in accounts that can manage profile, things get easy to hack -- even if every card is equipped with a chip.
--- End quote ---
For on-line card not present transactions you need to enter the CVC/CVV security code printed on the back of the card. So in general you still have to have a physical card. Chip plays no role in online transactions. You can't "hack" a CVC code, you need to have a copy of it (unless you know the issuing bank's encryption keys, a probability of which is near zero). Some companies such as Digikey or Amazon store the complete set of information about the customer's credit cards and that allows them to "offer better service" to the customers by not requiring re-enter card information every time a purchase is made. But that storage is The weak link and this is what is typically hacked, not the card itself.
Rick Law:
--- Quote from: Bud on July 03, 2020, 08:37:42 pm ---
--- Quote from: Rick Law on July 03, 2020, 07:56:47 pm ---With on-line purchases, your card (fake or not) is never present. Couple that with credit card companies' own on-line log-in accounts that can manage profile, things get easy to hack -- even if every card is equipped with a chip.
--- End quote ---
For on-line card not present transactions you need to enter the CVC/CVV security code printed on the back of the card. So in general you still have to have a physical card. Chip plays no role in online transactions. You can't "hack" a CVC code, you need to have a copy of it (unless you know the issuing bank's encryption keys, a probability of which is near zero). Some companies such as Digikey or Amazon store the complete set of information about the customer's credit cards and that allows them to "offer better service" to the customers by not requiring re-enter card information every time a purchase is made. But that storage is The weak link and this is what is typically hacked, not the card itself.
--- End quote ---
As you pointed out every time you ordered on line, your security code is exposed. They don't have to hack it from you. They hack it from companies. Hackers are no dummies, why would they hack your machine and get one or two cards that you have, or hack a company that might have tens of millions of card info stored.
Like walking on the side walk, you could get squashed like a bug by a drunk driver any day, any moment. When I go out to walk as exercise, I get certain health benefits, and I am exposing myself to more risk.
We have to accept, security with credit cards, NFC payment, whatever, are never perfect. The less we are exposed, the better. Benefits must be commensurate with reward. Every time I pay with a credit card, I get 1% back or whatever, but also exposed myself to a certain risk. Risk and loss is all around us, and we are always paying for it one way or another. One just has to think that way, or one is exposing oneself to risk and/or extra cost without proper consideration. It is the lack of risk/cost consideration that is feeding the growth of the fraud/hack/data-theft industries.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version