It only takes hackers six seconds to guess or steal your Visa card details (Video)
According to security researchers from Newcastle University, they have reveal how it only takes six seconds for hackers to get a Visa credit or debit card’s number, expiry date, and security code.
To be clear the air, only users of Visa cards both credit and debit are vulnerable to this attack. MasterCard has proved to be a tougher nut to crack.
Before publishing their findings in a paper published in IEEE Security & Privacy 2017, the researchers informed Visa about the gaping hole in the Visa cards security but they taught that it was a joke.
The exact problem that the researchers have found stem from two oversights in Visa’s implementation. The first, which should be the gatekeeper, is that Visa doesn’t limit how many failed attempts are made before it locks down the account from further access. This means that computer programs can try to brute force guessing a card’s credentials without fear of being locked out. MasterCard, in contrast, limits it to 10 attempts, no matter what website or e-shop is used.
The second error allows for what is termed a Distributed
Guessing Attack. In a nutshell, different online merchants sometimes ask
for different card data fields, revolving around card number, expiry
date, CVV, and credit card security code. This means that, when taking
into account the infinite times a computer program can guess a
combination of those fields, hackers can piece together correct guesses
from different websites to form a complete and valid credit card
You might think that all this is complicated but, for a
computer, all it takes is 6 seconds. Hackers don’t even need to have the
credit card number, as they can also brute force guessing a valid one.
Guessing expiry dates only takes 60 attempts, which can take place in a
split second, because credit cards usually only issue cards valid for 60
months. And the three-digit CVV only takes less than 1,000 attempts.
All of these can be tried numerous times without repercussions from
Sadly, the researchers say there is no silver bullet to this problem
other than due vigilance on the user’s part. On Visa’s side, however, it
would do well for the organization to put a hard limit on failed
attempts, just to make it harder, though not impossible, to pilfer
credit card data.
You may be interested
EaseUS Reviewed: An Effective Data Recovery Software?Olufemi Ajayi - September 19, 2018
Sometimes it is easy to forget just how much we depend on our laptops’ hard drives. It is when disaster…
MTN Launches Voice Over LTE ServiceObadina Dahood - September 14, 2018
MTN has just launched the Voice Over LTE service (VoLTE) service on its network in South Africa. MTN new Voice Over…