A bot can guess banking information on a credit card in a few seconds, as proved by researchers from Newcastle University.
Taking your bank card in your wallet and entering the different information to make an online purchase takes up to one minute, right. It may sound to be quite fast, but it’s still ten times as long as it takes a hacker to hack this same card, as it was revealed by researchers from Newcastle University. In France, the National Observatory on Crime and Criminal Answers also revealed in its latest report published on December 7th that a sharp rise in fraudulent withdrawals from bank accounts has occurred.
Thus, it would take no more than six seconds to guess your credit card detail information by using a simple Internet connection and a bot, via the “mass guessing” technique, which allows multiple tests to guess Information.
Scientists explain how this can so simply happen: the first step is to get a 16-digit card number. It’s easy, because codes are trade online for less than a dollar per unit. It is then enough to guess the expiration date of the card and the three-digit security code on the back, which information is used by the majority of merchant sites to verify that the bank cards are valid.
For this, hackers use a bot that will connect to dozens of different e-commerce sites to test different combinations. Thus, guessing the month and year of expiration of the said card takes up to sixty tests maximum. As for the three-digit security code, there are only 1,000 possible answers.
Most of the sites allow 4 to 50 missed attempts before setting an alert or even do put any limit. It is then easy for the bots to test hundreds of combinations using different sites. Indeed, as explained by the researchers, unlike MasterCard, Visa does not have any device to detect “mass guessing”.
The real key to the system could be the variety of information that payment sites require, in addition to the card number and the expiration date, you can also ask the address of its owner. But researchers explain: “We have observed that the differences between the security systems of the various websites are a exploitable vulnerability” because they allow the bots to easily crosscheck the results. Therefore, it shows that, the more the merchants add verification fields by believing to reinforce the security of the system, the more it is thus weakened.
Visa responds that “this research does not take into account the multiple levels of protection existing within the payment system”, ensuring that it is “committed to limiting fraud and working with card issuers and acquirers to make it more difficult to obtain Illegal of these data “. “The most important thing” for consumers, says Visa, is that “if their card number is used fraudulently, they are exempt from liability”.
Use the best VPN service to protect yourself from cybercriminals and cyberattacks. You will thus make sure that no one is listening and using the data you send on the Internet, even if you use an unprotected Wi-Fi connection. You will thus prevent anyone to access to your e-mail accounts and credit card details.
Our VPN service encrypts your Internet connection through a complex system, using the AES-256 algorithm. This coding makes it impossible for anyone to interact with your personal data, even if your connection has been intercepted or compromised when using an unsecured Wi-Fi. So each data you will send will go directly into your secure virtual tunnel. With a VPN, you can easily direct your traffic by choosing a server in one of the 114 available countries. Thus, you will use the best VPN services available for a secure Internet connection from your tablet, smartphone or iOT.
CYBERSECURITY MONTH SPECIAL
Get Le VPN 2-year plan for $69.60 or $2.90/month