Putting all security and functionality on a single card makes it unsafe
Putting all security and functionality on a single card makes it unsafe
R E L A T E D   C O N T E N T
Similar articles
KnowledgeBANK
News centre
More from vnunet.com
ADVERTISEMENT

Credit card flaws fuel online fraud bonanza

Fundamental design errors helping criminals, claims analyst

Robert Jaques, vnunet.com 10 Mar 2005
ADVERTISEMENT

Today's credit cards are vulnerable to online fraud because of fundamental design flaws, industry experts warned today.

According to Forrester Research, the provision of all security and other functionality on a single physical card makes it intrinsically unsafe.

Ivan Remsik, senior analyst for financial services at Forrester, warned that, as long as multiple technologies use or reside on the same physical plastic entity, fraud is set to rise.

"The criminals will always look for the weakest combination. For instance, they would copy data from the magnetic strip on a chip card and acquire the cardholder's Pin through a fake terminal," he said.

"It is then child's play to encode this data on a plastic hotel room key and use it to withdraw money from a cash machine."

The analyst firm also warned that card fraud is increasingly moving online. Remsik argued that "something clearly needs to be done" to reduce the ease with which card-not-present fraud can be perpetrated, in particular online.

But he added that the current fraud prevention mechanisms on offer from Visa and Mastercard have their own problems.

Forrester indicated that various types of online scam targeting the consumer are on the increase, both technical, such as Trojans, and non-technical, such as phishing.

The analyst firm believes that fighting this threat effectively must combine technical and non-technical responses from financial services institutions, and potentially others such as ISPs.

Forrester's warning comes after the Association for Payment Clearing Services released figures this week indicating that UK card fraud increased by 20 per cent in 2004 compared to the previous year.

According to APACS, losses are reported to total £504.8m. The rise is attributed to fraudsters increasing their activity before the security benefits of chip and Pin are fully realised, in addition to targeting other areas such as card-not-present and identity fraud.

See also:

Vendors fight card cheats
New payment system developed to fight card-not-present (CNP) fraud  13 Jun 2005
Security
Security
The latest wave of cyber-crimes and acts of vandalism have demonstrated once again that many systems are still vulnerable to attack.  15 Apr 2004

All Hacking

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story
R E A D E R   C O M M E N T S
Post your comment Post your comment   What is this?

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
Senior C# Agile Web Developer, Online Gaming, London
| Aston Carter
Senior C# Agile Web Developer, Online Gaming, London My Client provides adult customers with high quality gambling and gaming services in an environment that is convenient, entertaining, fair, regulated and secure. My Client is one ... more >
EMC, NetApps, West London, Media
| Aston Carter
EMC, NetApps, West London, Media • NetApps FAS ... more >
Data Analyst / Trafficker / MI Analyst / Information Analyst - Online Gaming Company
| Abraxas
Data Analyst / MI Analyst – Leading Online Gaming Company A Data Analyst / Trafficker is sought by a leading online gaming company. The role encompasses all aspects of online advertising including data handling, communicating ... more >
Power Electronics- Field Applications Engineer-55K Package
| JAM Recruitment
Field Applications Engineer Power Electronics/Supplies Europe/Based Surrey Permanent Position £35-45k Basic+Bonus 10-15%+Car/Car allowance A global organisation involved with the design and development of power supplies actively requires a Field Applications Engineer to strengthen it existing ... more >
More job opportunities
Useful links: About us . Privacy policy . Terms & conditions . Site map . Bookmark this site . Feedback . Contacts
Consumer Technology websites:
Active Home Product reviews, competitions, news
Computeractive Software reviews, hardware reviews, buyers' guides, workshops, downloads
Gizmodo the daily gadget blog: technology news and reviews
PC Magazine your personal guide to technology
PCW software product reviews, hardware product reviews, buyers' guides, competitions
WebAct!ve what's happening on the web
What PC? helping you purchase the right computer, digital camera, peripherals, gadgets and more
Blogs:
Test Bed The PCW Labs blog, PCW Inter@ctive A reader blog from PCW. Your views, your comments, your say, Windows Watch Keeping an eye on the latest XP % Vista news
Jobs & Recruitment websites:
Accountancy Age Jobs Accountant jobs, jobs in finance, audit jobs, cima jobs, acca jobs, corporate finance jobs, management accounting jobs, finance director jobs, finance recruitment agency directory, Top 50 accountancy firms, accountant salary survey
Computing Careers IT jobs, Programmer jobs, Developer jobs, IT manager jobs, Project manager jobs, SAP jobs, Oracle Jobs, Java Jobs, IT recruitment agency directory, Top IT Employers 2005
Inquirer Jobs Software Engineer Jobs, firmware developer jobs, electronics engineer jobs
Other titles in the Incisive Media network:
Business Technology websites: BusinessGreen . Computing . Computing Business . CRN . The Inquirer . vnunet.com
Business & Finance websites: Accountancy Age . Best Practice . Financial Director . Management Consultancy
© Incisive Media Ltd. 2008
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503