Home Internet This tool could crack credit numbers in 6 seconds

This tool could crack credit numbers in 6 seconds

3 min read
0
0
credit-card-TechHabor

In what amounts to a very clever brute force attack, a group of researchers has figured out how to find credit card information including expiration dates and CVV numbers by querying ecommerce sites. The process, which was outlined in IEEE Security & Privacy, involves guessing and testing hundreds of permutations of expiration dates and CVV numbers on hundreds of sites.

MasterCards aren’t susceptible to this attack because their system shuts down cards after 100 attempts. Visa cardholders aren’t so lucky.

The researchers, Mohammed Aamir Ali, Budi Arief, Martin Emms, and Aad van Moorsel, believe that their tool can also be used to guess ZIP codes and address data or hackers can simply correlate location data with issuing banks or use skimmers to figure out where different cards are used. If the commerce site doesn’t require a ZIP code, however, cracking the card is as simple as running a program.

To prevent the attack, either standardisation or centralisation can be pursued (some card payment networks already provide this). Standardisation would imply that all merchants need to offer the same payment interface, that is, the same number of fields. Then the attack does not scale anymore. Centralisation can be achieved by payment gateways or card payment networks possessing a full view over all payment attempts associated with its network. Neither standardisation nor centralisation naturally fit the flexibility and freedom of choice one associates with the Internet or successful commercial activity, but they will provide the required protection. It is up to the various stakeholders to determine the case for and timing of such solutions.

The researchers believe that these attacks are already happening in the wild and that their solution  while distressing  isn’t unique, which makes it much scarier.

Source: Tech Crunch 

Disclaimer: Tech Habor is not responsible for the misuse of this article. This article is a news item for research and informative  purposes only. Copyrights reserved for Tech Crunch

Load More Related Articles
Load More By Kenneth
Load More In Internet

Leave a Reply

Check Also

Meet Google’s Mobile Data Saving App Dubbed Datally

Mobile Data doesn’t have to be confusing, expensive or hard to control. Mobile data is exp…