![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-224192-100x100.png\")
I'm surprised none of them have this sort of thing already. Well, actually I'm not that surprised, given the fact that the basic credit card system is fundamentally flawed from a security perspective. This might help to limit the processors' exposure to data breaches, but it doesn't fix the basic problem with credit cards, which is that they use a static number that can easily be stolen simply by looking at the card, using a skimmer, etc. You can use more and more sophisticated encryption and storage schemes, etc like this to limit the damage caused by breaches, and that's a good idea, but it's still way too easy for someone to steal a credit card number and use it.
If Visa/MC were really concerned about security, they should go to something like a contact smart card system with strong cryptography on the card and only one-time-use numbers for everything. But it's their decision, as it's their liability if things get stolen.
![\"user-pic\"](\"/css/images/default.gif\")
A debit card is \"two factor\", but a PIN is false security. Plus if it gets breached, you are SOOOO screwed. Try explaining to a bank how your super secret PIN somehow got out.
And as a frequent card user, I have security concerns, but I don't want to make it inconvenient to use my card or take away the ability to use it on the internet or offline when the system is down.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-68654-100x100.png\")
@johnva:
But it's their decision, as it's their liability if things get stolen.
see, THAT is the whole problem with the system. i'm assuming that \"their\" in your post means visa/mc. that couldn't be further from the truth. here's how a transaction pans out:
you --> retailer --> retailer's processor --> card issuer's processor --> card issuer
now, what you'll notice is that visa never really touches it, or more accurately, this is all visa. they provide the infrastructure/rules/hardware/standards for the system.
typically, when fraud occurs, the rules dictated by visa decide who pays: you, the retailer or the card issuer. visa is NEVER on the hook. breaches are a little different b/c each link is ultimately responsible for their security. in these cases, a processor could be on the hook (like w/ heartland). now, banks & processors typically have insurance to mitigate these incidents, but in the face of multi-million dollar breaches, the insurers are starting to do what insurers do - tell you to piss off when you need them most.
the point is, the people most likely to lose when fraud occurs are the least likely to do anything about it. insurance companies aren't even customers of the system, so it's not like they can do a whole lot. card issuers & retailers are pretty much hanging by their balls here. the processors have some interest in keeping their data safe, but the real culprit is visa & they don't have any exposure here.
@johnva:
What makes me cry is that the technology to fix ALL of this exists today.
In itself, it's not rocket surgery or brain science. But getting the industry to THINK securely is a monumental undertaking. The card companies may be satisfied with PCI, but I consider it only a most basic starting point. It's a joke.
The entire credit card infrastructure needs to be overhauled, starting with the swipe terminals used at the point of sale, all the way up to the banks. I don't like giving my card to someone and having them walk out of my sight to process it. The skimmers have portable swipers, so why can't the vendors have them? While we're at it, let's make sure that the swipers are communicating securely and that the swipe and the clearinghouse have authenticated themselves.
While we're at it, let's move away from the 60 year old model of \"swipe and it's authorized\" to a 2-factor model. This will necessitate the use of portable swipes so my card never leaves my presence. Tie it to an RSA-style keytoken that changes every minute. Now, even if you have my card number, it won't do you any good unless you have my PIN and keycode. And if you do have it, it's only good for 60 seconds.
I could go on and on at each level, and wonder why nobody has done anything to fix an obviously broken system. While we're at it, let's enforce the \"Hey big retailers... you shouldn't be retaining your customer's card info\" rule. They have no real need for it, and it's only going to lead to problems.
@cabalagent1: Yeah, like I said, the entire CC infrastructure is fundamentally broken. As always, it's an issue of money that prevents it from being upgraded. It would appear that so far it's cheaper to just buy insurance or something against fraud than to actually fix the infrastructure. The sad thing is that I'd be willing to bet a large part of the infrastructure actually gets replaced periodically anyway. I'd bet that the largest part of the cost of a new credit card system would be replacing all the POS terminals out there, and the retailers already have to buy new ones of those every time they wear out. Agreed that PCI is a joke.
I think this is a case where the people involved with fixing this simply don't see it as worth it. The losses just aren't enough, yet, for them to care.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-21984-100x100.png\")
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-202178-100x100.png\")
![\"user-pic\"](\"/mt-static/support/assets_c/userpics/userpic-125641-100x100.png\")
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-348996-100x100.png\")
This is the internet. Connecting to 50 machines won't take someone with \"skillz\" any longer than it took them to amass that 250k computer botnet they're abusing. And how is finding the IPs of another 49 botted PCs going to help them? Consider that in all likelyhood every one of the 50 computers is going to be running exactly the same everything--break into one and you can own them all. Or are they going to have each one running its own OS and a different revision of software?
And the data needs to be knitted together. Wooooo! I'm sure that will stop them! Absolutely fo' sho'!
@shepd: Fortunately, since almost no sites have security that weak, it's not about skill or resources, but about the time the attacker spends to acquire the accounts.
Yes a 0day could own a large number of servers, but not all of them. Vendors are getting better about protecting their servers lately (see the 0day archive [research.eeye.com])
@shepd:
I posted exactly this idea. It's dumb, if 1 computer is hackable, then 50 will be well, 50 hackable computers.
This is a dumb idea.
The apples and oranges analogy of $5 in 200,000 houses is also pretty stupid. $5 is a physical thing in 200,000 houses which you'd have to break into to physically retrieve. Credit card numbers are all electronic, and all available via the Internet via an IP.
Stupid idea, let me guess, consultant sold them on the idea right?