>Let's put it into perspective.. you go to a restaurant, and give the
>camarrero your credit card, he disappears for 15 minutes to run it through
>the machine. If he was bored enough, or part of a gang, he could be
>making a copy of your details.
>
>A bored teenager, decides to look through the dustbins outside the same
>restaruant - maybe he finds all those pieces of carbon paper with the
>imprints on them.
>
>That said, I still wouldn't use my card over the Internet :-)
Just FYI (not to start another off the topic debate)
heh....5 years ago in the states, I wrote both client & Server
applications for BankNet, VISAnet, and NDC and other Banking Financial
Transaction networks which mostly utilized X.25 Networks (usually leased
space from BT, Compuserve, etc) for the Authorization, and Transaction
processing of Credit Card Transactions made with Automated Teller
Machines and Credit Card Verification Systems from the makers of
Verifone, Omron, NDC, etc.
Even though the card numbers were *supposed* to never leave the credit
card terminals without being encryted, they were stored as "plain text"
in the terminals memory until transaction processing. Although most
people these days seem to "feel comfortable" enough to let people pass
thier cards through said terminals, in reality, it would be easier for
someone to actually DIAL IN to a terminal (yes, most support dial-in
access) and download all it's data-card tables in ASCII format. I could
be in and out of the terminal in under just 1 minute, and walk away with
over 400 card numbers and the only logs would be of a simple unobtrusive
phone call.
Now.....your sayiing to me that you would never use your credit card over
Internet Based security layer protocol that would take someone at about a
week to crack, but yet you would trust your card to some kid to slide
your card through a credit card terminal that has almost no security
preventions at all? Come on.
And yes, most of these same and similiar terminals with large gaping
security breaches are still being used today all over the world. In
fact, Verifone and MicroSoft have signed agreements to develop
applications together for the banking industry over the Internet. Now
there's an example of security (sarcasim intended)
AS for me.... I haven't used credit cards in the last 5 years. :)
Kevin McPeake
|
|
