Credit cards – almost everyone has you and those who don’t have them can usually only participate in online business to a very limited extent. Booking trips, shopping for products and services – all of this is hardly possible today without a credit card on the Internet. However, not having a credit card has the advantage that you are not exposed to the risk of accessing relevant data.
Now one may well counter that credit card security has risen dramatically in recent years. At first glance, this is absolutely correct, because thanks to the chip, secure codes, signature etc. and the technological interplay of all these security mechanisms, the credit card has really become increasingly secure.
But what is often overlooked here is the fact that the technical upgrade for the security features of a credit card also entails a technical upgrade on the other, fraudulent side. Plain text: Even potential credit card fraudsters do not sleep and are constantly looking for ways to “hack” credit cards.
Hackers are still using existing gaps in the credit card system
The test of some IT experts has now shown that the “hacking” of credit card data is obviously not as difficult as you might think as a normal consumer. You have managed to access all relevant data from the latest credit cards within 6 seconds. As a result, these could have been used for credit card fraud.
The fatal thing is that it doesn’t even require highly specialized knowledge, hard-to-obtain software or the like to get this data from a credit card! A normal notebook with an internet connection is completely sufficient. Required, necessary software can be easily found on the Internet. Online shops are a necessary basic element for tapping or “finding out” that data. How does it work?
British researchers have shown it with a simple method: credit cards can be “hacked” in just 6 seconds!
Different testing methods in online shops offer the target
In order to demonstrate how easy it can be, the researchers had the initial numbers of credit cards generated using simple software available on the Internet. These numbers were then automatically sent to a variety of online shops for validation. If a credit card number was validated, online shops were filtered, which only ask for the card number and the expiry date when paying by credit card.
Since the card number had already been validated and was therefore considered to exist, all that had to be done was to find out the expiry date. Most websites allowed such information to be made up to 20 times before access was blocked. If you were unsuccessful within the 20 attempts on one portal, you switched to the next portal and started a new attempt. The test showed that the expiry date could be found after a maximum of 60 attempts.