Target US - Credit Card Data Breach
Brian Krebs has a nice write-up on the Credit Card data breach at Target US ( http://krebsonsecurity.com/ )
The interesting thing for me in this story is that it affects US locations only. The reason that this is interesting is that the data that was stolen was all mag-stripe data. This mag-stripe data is much less useful on a CHIP+PIN card, which is used in pretty much every other country on the planet. We'll continue to see credit card attacks focus on countries that make it easy - while of course you can steal / duplicate a chip+pin card, for a criminal it's so much easier to simply skim a mag stripe and take the win.
===============
Rob VandenBrink
Metafore
×
Diary Archives
Comments
And the other useful change would be for US restaurants to issue portable card scanners to their servers. Then we would not have our cards whisked away to be swiped out of our sight. Again, the rest of the world is way ahead of us here.
Anonymous
Dec 19th 2013
1 decade ago
And the other useful change would be for US restaurants to issue portable card scanners to their servers. Then we would not have our cards whisked away to be swiped out of our sight. Again, the rest of the world is way ahead of us here.[/quote]
Actually unless the chip is RFID and imbedded there are issues with static, mechanical abrasion and with ISO 7816 programmer it becomes fun.
Working with and around WMS for 13 years, programming ect. A easy secure way is 3D bar-code scanning fits nicely into their infrastructure since most use Motorola/Symbol. The card can handle a lot of abuse and even get wet and still work, most important cost is minimal.
You will also notice most newer ID's have them. I still think there were people on the inside and out in various areas of the US, using camouflage code to be assembled. Guess we will have to wait to see if I am correct or not.
Anonymous
Dec 24th 2013
1 decade ago
http://usa.visa.com/download/merchants/bulletin-us-participation-liability-shift-080911.pdf
One of the best write-ups on this is from Chase PaymenTech:
http://www.chasepaymentech.com/documents/emv_chip_technology.pdf
MasterCard shares their EMV roadmap in the current issue of "Security Matters" (pp.13-14)
http://www.mastercard.com/us/wce/PDF/PSI_Magazine_SecurityMatters_US_2013.pdf
Both Visa and MasterCard have the October 15, 2015 "liability forgiveness" for vendors that are fully "chip and pin" and "contactless" (tap to pay).
By 2017, similar programs are in place for fuel pumps.
Anonymous
Dec 27th 2013
1 decade ago