Credit Cards And The "Fantastic" CVV CVC Code

[SIXTYNINER]

Hey all ,

it is not fantastic ?

credit cards with CVV - CVC code printed in the back (and-or the front) ,
so that anyone can hold even for a few seconds the card ,
maybe picking it up after you accidentally dropped it
(or it was dropped on purpose)
and-or if with new Ray Ban Smart Sunglasses ( another crime against privacy ?)
equipped with micro cameras , microphones ,
and wireless connection to transfer footage in real time
to smartphones , wireless media drives , etc...
able to store the data required to make payments for online purchases etc... ,

and about the fantastic contactless option ?
check recent cases , where thieves with specially created scan apps
have positioned themselves in the most crowded places
such as underground stops, busy squares , and similar places ... ,
hoarded thousands of small sums
by taking advantage of payment with the contacless automatic authorisation ,

and as icing on the cake :
found online a talk about the 3 and 4 numbers CVV-CVC codes ,
and the easy way to crack them ,
https://www.darkreading.com/vulnera...guesses-full-credit-card-details-in-6-seconds
other more ?

but they just can't (or won't)
adopt a more secure payment aurtorization system ?
cheers

 

[AnalogPackrat]

I'm really looking forward to the grand utopia of the cashless society. Aren't you? <sarcasm intended>

 

[JohnRoberts]

The microprocessor cards generate unique handshake codes when used so sniffing the number is not the full monty.

The security algorithms are pretty good at detecting fraud but the last time my card was hacked they used it to buy airfare in Europe.

AFAIK I was made whole after both hacks but it was a PIA. I was hacked twice in a period of a few months... It looks like they plugged that hole.

JR

 

[user 37518]

My bank no longer issues cards with any numbers printed on it. The CVV code is dynamic, you have to generate it with an app and it is only valid for 5 min. It is a double-edged sword, it does help secure your card, but it makes registering the card for automatic payments or similar issues completely useless.

 

[JohnRoberts]

I can get my CC company to issue temporary single use card numbers for making web purchases from dodgy vendors.

JR

 

[pucho812]

Just wait, they may start doing multi factor authentication on purchases.

 

[JohnRoberts]

don't give them ideas....

 

[totoxraymond]

Just wait, they may start doing multi factor authentication on purchases.

My bank already does that. Not every time, but they require a 2-factor authentication every month i think?

I think it's a EU requirement now.

Not really a problem, most of the time, I use paypal for online payments. This way i'm sure my CC numbers aren't registered everywhere on the internet.

 

[cyrano]

Using PayPal is probably worse, security-wise.

There's a new car hack out there that affects most modern luxury cars. The problem isn't the crypto system an sich, but oversights in the implementation. As usual.

https://i.blackhat.com/USA-22/Thursday/US-22-Csikor-RollBack-A-New-Time-Agnostic-Replay-Attack.pdf

 

[Rob Flinn]

I have a wise account for European use. Their debit card is now issued with no name or number on it, so getting a photo of the card is useless for fraud purposes.

 

[gyraf]

dariokgladstone - can you explain why you chose to replay to this eight-months old thread? You're under suspicion for being a bot..

/Jakob E.

 

[SIXTYNINER]

Using PayPal is probably worse, security-wise.

There's a new car hack out there that affects most modern luxury cars. The problem isn't the crypto system an sich, but oversights in the implementation. As usual.

https://i.blackhat.com/USA-22/Thursday/US-22-Csikor-RollBack-A-New-Time-Agnostic-Replay-Attack.pdf

There are not good "perspectives" about.....
(..if nobody put an hands on...)

the much-vaunted biometric scanning system has been said to be unreliable,

artificial intelligence in the wrong hands will give some examples...
unfortunately...

etc...