When the credit and debit card companies replaced cards in 2016, the chip included with them was supposed to simplify our lives and secure our purchases. However, according to several tech websites, this may be the farthest thing from the truth.
Known as the EMV, or EuroPay MasterCard and Visa chip, it creates a one-time-use code for each purchase. In the past, the information that passed from your card to the terminal was always the same. The idea of the information changing every time means the vital information to steal your funds is hidden from the hacker. This code may make the card take a bit longer to process, but the chances of the card number being stolen at the terminal is reduced.
What the Techies Think
In the summer of 2016, while the new cards and card machines were being released in earnest, accounts were popping up daily about chip cards being hacked. So, what is actually going on with the chip cards? Are they safer? Below is how a few of the big boys in tech feel about these cards.
CNN.tech noted in August 2016 that “retailers focus on protecting the computer network that supports their payment system.” However, they are not considering the conversation between your credit card and the machine. This conversation still stays in a plain text that hackers can glean information from.
RippleShot.com put aside the brick and mortar machine concerns as early as 2014, noting that fraud in that area dropped 75 percent after the UK switched to the chip. They focused on the change the fraudsters made in their own strategy including online transaction, ATM fraud and markets without chip-and-PIN technology.
But the biggest news shared by thehackersnews.com and others, was a PIN and chip hack at the 2016 Black Hat conference. Researchers from Rapid 7 Security showed off a two-step system of gaining access to several cards and hacking an ATM for approximately $50,000!
How Did They Do It?
First, the team showed that fraudsters could attach a unit called a shimmer to a point-of-sale (POS) machine. In this case, they used an ATM’s card reader. A shimmer becomes a man-in-the-middle, sitting between the card’s chip and the card reader in the ATM. The shimmer then records the data on the chip, including the PIN, as the ATM is reading it.
The thieves then used a smartphone to download the stolen data, recreated a card in an ATM and included the instruction for the ATM to eject cash constantly.
As we can see, the release of the next wave of security features in any field of technology is also an opportunity for somebody to work on hacking that security to get what they want. The best way to ensure a secure network for point of sale, electronic records or other valuable information is to contact CMIT Solutions of Centreville today. We worry about IT so you don’t have to.
CMIT Solutions of Northern Virginia provides a strategic approach to IT consulting that improves performance of your business technology in the most cost-effective way possible. Assisting businesses in Centreville, Chantilly, Dulles, Gainesville, Manassas and Haymarket, we can help you achieve the fastest return on your technology investment. Call 703-881-7738 today to see how we can help your business stay in business.