Researchers at Newcastle University in the UK claims that Visa’s credit-card payment system can be compromised online in “as little as six seconds.” The security flaw was possibly the point of entry for the cyber-attack on the UK’s Tesco Bank that lost £2.5 million.This isn’t some high-level hacking going on here either — all it takes for a determined thief to grab card data and a laptop with an internet connection with some basic guesswork, the paper says.
The team of researchers, led by PhD student Mohammed Ali, call the method “the Distributed Guessing Attack.” The approach: a thief generates random numbers to guess combinations of card numbers, expiration dates and CVV codes (that three-digit number typically found on the back of the card). The video below demonstrates just how easy it is to generate all of these fields quickly: According to the paper, there are three levels of data fields used by web merchants: Card Number + Expiry date; Card Number + Expiry date + CVV; Card Number + Expiry date + CVV + Address.
It takes just a few attempts to guess the data once the hack is put into motion with an active card number. Most cards are valid for 60 months, so guessing the expiration date takes at most 60 attempts.
The CVV is a bit more difficult to find, but not by much: the team estimates about 1,000 attempts at most. “Spread this out over 1,000 websites and one will come back verified within a couple of seconds,” Ali said.
The research paper, whose lead author is a 26-year-old PhD student, said the good news for people with MasterCard debit and credit cards was that this form of hacking did not work on MasterCards, because its systems were able to detect the attacks. It added that the minority of online retailers that used so-called 3D Secure technology to provide extra protection – such as the Verified by Visa, Mastercard SecureCode and American Express SafeKey systems – were also “safe” from this type of attack.
Did anyone see a bridemaid of color?
Five-year-old Lydia Port-Burke has self-published a fairy tale now available in the UK…July 7, 2014 Lydia Port-Burke has written her first book “Fairy Mission to Find Stripe” at the age of five. Her book, which unfortunately is not available in the US at this time, will support the British charity Children in Need. A portion of each sale of Lydia’s book on iTunes will go to the organization.
According to the BBC Children in Need website, the organization provides grants to projects in the United Kingdom which have a “focus on children and young people who are disadvantaged.
Police officers will not always have to attend court to give evidence because of Live Link, a live video link from police stations to magistrates’ courts, allows officers to give evidence from the station rather than have to go to court and wait to be called to the witness stand.
A court clerk can dial in and connect the officer live into court when the magistrate is ready for them to give evidence, allowing officers to carry on with their work in the event of a delay.
Live Link forms part of the Criminal Justice Efficiency Programm, a national initiative aimed at modernizing and reforming the Criminal Justice System by providing a swifter and more transparent system to meet the needs of victims and witnesses.
According to MyCheating,a national firm of private investigators who help people root out dishonest partners, information technology is now so profoundly integrated into our daily lives that people have become too trusting and cavalier with personal information. As a consequence fraud and infidelity are on the rise. According to Divorce Online a third of all divorce filings in 2011 contained the word “Facebook,”. There’s been a huge rise in female membership among married women aged 30+ on UK ‘cheating websites’ since the 2012 ‘Fifty Shades. 15 million people are users of online dating sites in UK – yet there are only 11.2 million single people in the country. Up to 200,000 people in UK were caught in online dating scams in 2011 . 1 in 5 couples now meet online yet a third of all online daters admit they’ve lied when writing their profile