Developed in part with a grant from
the National Science Foundation
Facebook Twitter RSS Mail Signup

Popular Posts

The 7 Biggest Craigslist Scams

Online shopping lovers beware: Craigslist is not always a bastion of wondrous deals and titanic savings. Internet con-artists ...

Read more284 comments

Wedding Dress Scams: Dream Dresses & Wedding Nightmares

Throughout the ages, the perfect wedding dress has captured the imaginations of women and girls everywhere. That makes it all ...

Read more174 comments

How Bad of a Problem Is Ebay Fraud?

You’ve heard the horror stories and have been told be to careful on eBay, but is fraud really so common these days? The ...

Read more132 comments

The Chargeback: How to Get a Credit Card Refund if You’ve Been Scammed

Most of us have been a victim of a website scam or online fraud. Maybe the pair of super-cheap UGG boots you just bought ...

Read more54 comments

11 Facebook Scams to Watch Out For

Whether we like it or not, Facebook has become a large part of our lives. Even if you don’t have an account, chances ...

Read more52 comments

Groupon Revealed: The Pros and Cons of Daily Deals

Have you ever wondered how daily deals sites worked? Hailed as a great success this new, niche retail market is helping ...

Read more40 comments

Penny Auctions Further Explained

A penny auction is a special kind of online auction that allows sellers of expensive items to offer them for pennies on the ...

Read more39 comments

Alerta Semanal de Fraude: Estafas de Tratamiento con Células Madre

Traducido por Gabriela Ixcoy Es imposible que al recoger un periódico no se lean las últimas noticias y controversias sobre ...

Read more28 comments

Smart Buyer Tips The Official Sitejabber Blog

A Brief History of Credit Card Security & Online Transactions

By Rich Johnson • 0 comments

Fewer Americans are carrying cash every day, opting instead to swipe their plastic and ditch the risks of paper money. It seems credit and debit cards are accepted everywhere today, from the millions of shopping portals online to the retail store down the street – even some new vending machines are starting to accept cards. But with so much swiping going on, what sort of fraud should the average shopper lookout for, and what security protections are in place to keep us safe? Today we explore a brief history of credit card security risks over the past several decades and the actions that have been taken to protect consumers from them.

Early AOL Phishing

(source)

Phishing is a form of fraud that takes place when a con artist mimics an reputable organization with intent to steal a victim’s credit card number. Long before the days of the modern web, early Internet adopters were subject to phishing attacks from the mid-1990s hacking community.

In 1998, Wired News reported on the problem, warning AOL members that “It’s not hard to phish, and being as how some members forget that [a security warning] is there right on the screen, it makes it very easy for the phishers to obtain any members’ passwords.” The big risk with these early phishing attacks was gaining access to the account billing information, which gave skilled phishers access to credit card numbers and bank account details.

Skimming Fraud

Outside of the Internet, credit card holders still need to be on the lookout of scam artists. Skimming is a scam that targets any shopper or restaurant customers that hand over their card. The scammer can either photocopy the card, or use a small electronic device to scan the card and steal the information.

CreditCards.com reports that some skimmer criminals use the stolen credit card numbers to go on shopping sprees, while others sell the numbers through a contact or over the internet. In recent years, credit card security has evolved to plot trends in individual purchasing behavior, and notify the bank when it spots strange looking transactions. This helps banks identify a stolen card and protect their customer before the charges get out of hand.

Bin Attacks And Card Generation

(source)

Despite how they may look, credit cards are not created from random numbers. Instead, banks issue cards in batches where the majority of the numbers are the same except for the last 4 digits. Fight-Identity-Theft.com explains that BIN stands for “Bank Identification Number,” and that “cards in the same BIN range have similar data like expiry dates etc.” Using custom computer programs, credit card thieves can manipulate these last 4 numbers thousands of times and come up with a series of valid credit card numbers to use for shopping online.

Payment Card Industry Data Security Standard

(source)

Recognizing the need for increased security for online credit card transactions, the Payment Card Industry Security Standards Council began putting new merchant standards into effect in 2004. Visa, MasterCard, American Express, Discover, and the JCB Data Security Program collaborated on a set of new mandates that would require Internet retailers to enact a number of saftey precautions to protect their customers paying by card.

Modern requirements include installing a firewall, encrypting cardholder data, and regularly updating anti-virus software to prevent worm attacks from harvesting data. The standard also requires retailers to keep their security systems up to par by testing their software against attacks and hacking attempts.

Modern Day Phishing

(source)

According to TheFreeLibrary, 53 million people in the US alone use the Internet for banking and bill pay – more than ever before in the history of the Internet. Just as the fabric of the Internet has evolved into a totally new animal since the early days of AOL, so too have credit card phishers become more skilled and cunning with their tactics. Taking advantage of the upsurge in online bankers, modern phishers can design websites that look exactly the same as those of major banks.

Scammers then lure in bank customers, usually through an email that requests the user to log into online banking and verify their identity. When the deceived customer enters their user name and password, the website captures it and sends it back to the scammer, allowing him to log in and drain the accounts.

Identity Theft Protection

(source)

The rise in online consumerism has made identity theft a troubling concern for over the past few years. In fact, eSecurity Planet reports that over 11.1 million Americans lost a combined $54 billion to identity theft crimes in 2009 alone. As a result, identity protection companies like LifeLock have developed products aimed at those afraid of loss and identify theft.

One solution offered by identity protection services is a constant monitoring of a customer’s credit report, which will show any and all unauthorized attempts to open new credit or loans. In addition, credit card purchases and spending habits are recorded so that unusual spending (or spending that takes place in another geographical location) can be identified as fraud and stopped as it occurs. However, one company providing this service, LifeLock, has received substantial criticism of its business model.


Share Your Opinions

Tell us what you're thinking...
and if you want a pic to show with your comment, then get gravatar!