Home Internet This tool could crack credit numbers in 6 seconds

This tool could crack credit numbers in 6 seconds

3 min read

In what amounts to a very clever brute force attack, a group of researchers has figured out how to find credit card information including expiration dates and CVV numbers by querying ecommerce sites. The process, which was outlined in IEEE Security & Privacy, involves guessing and testing hundreds of permutations of expiration dates and CVV numbers on hundreds of sites.

MasterCards aren’t susceptible to this attack because their system shuts down cards after 100 attempts. Visa cardholders aren’t so lucky.

The researchers, Mohammed Aamir Ali, Budi Arief, Martin Emms, and Aad van Moorsel, believe that their tool can also be used to guess ZIP codes and address data or hackers can simply correlate location data with issuing banks or use skimmers to figure out where different cards are used. If the commerce site doesn’t require a ZIP code, however, cracking the card is as simple as running a program.

To prevent the attack, either standardisation or centralisation can be pursued (some card payment networks already provide this). Standardisation would imply that all merchants need to offer the same payment interface, that is, the same number of fields. Then the attack does not scale anymore. Centralisation can be achieved by payment gateways or card payment networks possessing a full view over all payment attempts associated with its network. Neither standardisation nor centralisation naturally fit the flexibility and freedom of choice one associates with the Internet or successful commercial activity, but they will provide the required protection. It is up to the various stakeholders to determine the case for and timing of such solutions.

The researchers believe that these attacks are already happening in the wild and that their solution  while distressing  isn’t unique, which makes it much scarier.

Source: Tech Crunch 

Disclaimer: Tech Habor is not responsible for the misuse of this article. This article is a news item for research and informative  purposes only. Copyrights reserved for Tech Crunch

  • Fake_whatsapp_url-TechHabor

    Warning!!! Be very Careful the links you open in Whatsapp

    As first reported by The Next Web, a member of Reddit discovered a malicious WhatsApp link…
  • CIA_TechHabor

    The CIA can bypass WhatsApp encryption to read your messages says WikiLeaks

    The CIA can turn your TV into a listening device, bypass popular encryption apps, and poss…
  • tech_snowden

    Edward Snowden has developed an iPhone case meant to kill surveillance

    According to PC World The concept device is designed to protect journalists from governmen…
  • tech_malware

    How to Avoid Malware when Downloading Software online

    Downloading a program especially one from an obscure publisher especially torrent software…
Load More Related Articles
Load More By Kenneth
Load More In Internet

Leave a Reply

Check Also

Facebook and Instagram Down in some parts of the World

Facebook and Instagram users are experiencing outages in some parts of the World , accordi…