April 26, 2016

All About Fraud: How Crooks Get the CVV

This post was originally published on this siteA longtime reader recently asked: “How do online fraudsters get the 3-digit card verification value (CVV or CVV2) code printed on the back of customer cards if merchants are forbidden from storing this information? The answer: If not via phishing, probably by installing a Web-based keylogger at an online merchant so that all data that customers submit to the site is copied and sent to the attacker’s server. Kenneth Labelle, a regional director at insurer, wrote: “So, I am trying to figure out how card not present transactions are possible after a […]
July 30, 2020

Is Your Chip Card Secure? Much Depends on Where You Bank

This post was originally published on this siteChip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based merchants suggest thieves are exploiting weaknesses in how certain financial institutions have implemented the technology to sidestep key chip card security features and effectively create usable, counterfeit cards. A chip-based credit card. Image: Wikipedia. Traditional payment cards encode cardholder account data in plain text on a magnetic stripe, which can […]