Technology aids credit card thieves
We, as a capitalist society, like buying things. Stores use days like “Black Friday” and phrases like “BOGO” (buy one, get one), “doorbuster deals”, and “(insert number here) percent off” to get customers through the door. And more often than not, customers will probably pay with a debit or credit card. Well, last week some of those customers who did some Black Friday shopping at retail giant Target and paid with a credit/debit card were in for some nasty news: their information may have been stolen.
We like to think that we’re safe as we shop, that no one could steal our credit cards because we’ve taken every precaution on our person. However, in this day and age, your credit card could be stolen from you and thieves don’t even have to take your wallet or purse. And you wouldn’t hear about it on the news. No, you wouldn’t find out until you check your statements. Thieves can steal your info to commit fraud in quite a few ways, starting with:
1. RFID chips: Some of the newer cards (2011 to present) carry radio frequency identification (RFID) chips in them. RFID chips transmit data via electromagnetic waves, even while the card is still in your wallet/purse. Not to give anyone any ideas here, but if your card has an RFID chip then a crook with a tablet, netbook or smartphone can attach a card reader to it and conceal it, and all he or she has to do to steal your info is stand close to you.
While the security codes change for every transaction with an RFID card, sometimes even just one transaction can be suspicious. The best way to protect from this, as Consumer Reports found out, is a shield made from duct tape and lined with aluminum foil. There are “RFID blocking” wallets out there, but Consumer Reports found them to be ineffective.
2. The magnetic strip: According to an Associated Press article, most credit, and debit cards are still stuck in the ’80s and ’90s. Updating technology is both time-consuming and costly. Then again, so is dealing with fraud.
One thing that is from the 20th century is that big black line on the back of your card. Yes, the magnetic strip. How can this be a security problem?
For starters, it’s what’s inside said strip. It contains your name, your account number, your card’s expiration date, and security code. If I were a hacker, everything I’d need to steal your information and loop town, or even make another card, pretend to be you at various stores, and loop town would be in that strip. (However, I wouldn’t do that, because that’s just how nice I am.) As said rhetorical hacker, I would be able to snatch your data during the 1.4 seconds it takes bank computers to talk to and send data to each other as you swipe your card, or even snatch it from a database where your info is temporarily stored.
3. Internet-based terminals: The Internet makes shopping very convenient. Unfortunately, it also makes theft convenient too. But these days, stores are starting to switch to faster, Internet-based credit card terminals instead of the older, slower square terminals.
Their speed, however, compromises security. The thing about those older, square terminals is that they weren’t hooked into the Internet. Without encryption or firewalls, the guy or gal in the store hogging up most of the Wi-Fi could really be a hacker trying to steal credit information for him or her to use, or even publish for other hackers to use.
4. ATM’s: According to a 2010 Forbes article, a security researcher named Barnaby Jack demonstrated a vulnerability at the ATM, and all he needed was a USB flash drive and a master key (purchased online). Using the flash drive, he manipulated the firmware on the ATM and got it to spit out money as though he won the jackpot at a casino. With this firmware manipulation he could also get ahold of credit card and PIN (personal identification number) codes as they were entered or swiped. While he did it to address the inherent flaws in ATM systems, it is possible that someone could do this maliciously.
Another person reprogrammed an ATM using only the keypad and an instruction manual (with passwords) posted online. It’s possible that data could be stolen in this way too.
What is the point of this? Should we stop using our debit/credit cards after years of doing so? No. Should we hope for retail stores, banks and credit card companies to step up their game as far as security is concerned? Oh, definitely. But while we’re using our debit/credit cards, we should do so without hubris. “It’s never happened to me and it probably won’t.” It has happened to others, and it can happen to you.