This is a report about the hacking of corporate retailer databases, eg Target, Home Depot, etc, which captures the magnitude of the problem. I think it would have been better if more focus had been placed on the implementation of "chip and pin" technology which is coming in 2015, but still a real eye opener. http://www.cbs.com/shows/60_minutes...FE7oG/what-happens-when-you-swipe-your-card-/
The lack of preparedness is not the result of inadequate solutions, it's about money. The retailers have dragged their feet regarding the implementation of "chip and pin" smart credit cards because they haven't wanted to spend the money to upgrade all of the point of sale terminals and other infrastructure. The more secure smart card technology has been in use in the UK since 2004. The other important fact is the retailers have not been liable for the enormous losses due to fraud (the banks have been absorbing the losses). This is going to change in 2015 and that should spur implementation of the more secure system. Currently the only retailer I know of supporting the newer tech is Walmart. Walmart's terminals can accept chip and pin cards along with standard magnetic strip cards (never thought I'd have something positive to say about them LOL). https://en.wikipedia.org/wiki/Chip_and_PIN http://www.paymentsleader.com/will-retailers-be-ready-for-emv-by-oct-2015/ http://www.eweek.com/security/chip-and-pin-cards-finally-winning-acceptance-in-retail-sector.html
Saw that episode. If I recall, they said that 98% of major businesses have been breached. Assuming that's reasonably accurate, if you use a credit or debit card for retail purchases, it's almost guaranteed that someone is using or selling your card data. The only thing saving you is that no one has bought that data yet. "Fixing" the cards only fixes part of the problem. The whole system still uses a very insecure system to send and receive data, the internet. It doesn't solve the problem of businesses, terminals, and user devices being compromised. If the cards themselves are fixed, another part of the system will be targeted and we'll be back where we started. All of this has a simple solution. Don't use credit/debit cards. Pay with cash. It's much easier for an adversary to steal your card data than it is for them to physically rob you.
As a matter of interest has anyone tried to go on a website that sells credit card details? ie silk road type of sites and tried to buy their own details back?
Interesting thought, literally paying ransom for your own identity. That assumes a lot of honesty on the part of the seller, that he's only selling each identity or group once.
I can picture it on TV during prime time. I am sitting on camera being charged with the felony of using a carding site to buy back my own identity. LOL!!
I always wondered, why USA, which actually started to use card payment system ages ago, still uses the old embossed card system, while the rest of the world moved forward. In my country no one uses embossed cards, contactless rules now. I guess, they just do not want to invest money into the new payment terminals?
The US companies that created this system care only about profiting from it and inserting themselves into everyones finances. They're not interested in investing in it or securing that system unless there's immediate profits to be made. People need to see them for what they are, profiteers that don't need to be involved in people's financial activities. Using them does not save or earn you any money. Only they profit from their involvement. The convenience of paying with plastic is completely offset by the inconvenience and hassle that one data breach can cause. With 98% of businesses having been breached, it's only a matter of time for most people. It doesn't matter how careful you are or how well your devices are secured. The businesses that accept those cards aren't well secured. Neither are the financial institutions themselves, not to mention the internet that connects all of them. Plastic money, debit and credit, serves 3 purposes, none of which benefits the user. 1, To involve themselves in and profit from our financial activities. 2, To create an easy way to monitor our financial activities. 3, To create an easy way to constantly borrow and spend money you don't have, which keeps you in debt and financially enslaves you.