Reader Comments (rss)

(Flattened / Threaded)

•  

  

  Anonymous Coward, Feb 24th, 2009 @ 6:28pm

  
  

  I think they do it on purpose

  It wont be long before there is a bill introduced to remove the obligation to report these incidents. It will be cleverly named something like the Truth In Data Breaches Act. Then when you report invalid charges on your account they will act like it is all your fault.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  TheStupidOne, Feb 24th, 2009 @ 7:49pm

  
  

  Verified Addresses, Bio Identifiers

  AND THE MARK OF THE BEAST!!! Beware everyone. the end time are upon us. The antichrist will rise soon and force us all to get RFID chips containing all of our financial information implanted in out hands or on our foreheads!!!!!
  
  but at least our information will be "secure"
  
  (waits for people to think I'm serious)
  
  I really should start using virtual credit card numbers for websites, but even then it doesn't help the real cards I get having their information stolen.
  
  hmmmm, what could be a good solution. How about a payment system for online purchases that generates a number for each individual merchant. If a charge comes through for a number that is specific to a merchant, but from somewhere else, then the bill goes to the merchant the "lost" the number. Then for an actual card, how about combine fingerprint and the card to make it work. might not be reasonable, but it is much more secure than a digital signiture.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Anonymous Coward, Feb 24th, 2009 @ 8:26pm

  
  

  Re: Verified Addresses, Bio Identifiers

  "hmmmm, what could be a good solution."
  
  - Companies actually giving a shit ?

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Evil Mike, Feb 25th, 2009 @ 6:46am

  
  

  Re: Verified Addresses, Bio Identifiers

  In order for something like that to work, you'd need a unique identifier generated from a combination of merchant id, merchant location, shopper id, shopper location, and time/date of transaction. Keyword here is UNIQUE. Use a separate method of verifying the components of the unique transaction identification--verifies ALL of the info--and, of course, you'd have to make it un-spoofable.
  
  Good luck with that.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  chad, Feb 25th, 2009 @ 9:25am

  
  

  Re: Re: Verified Addresses, Bio Identifiers

  Why not have credit cards that have rotation numbers similar to RSA's SecurID authentication tokens? Combine that with a pin, and you have a more secure card.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  eleete, Feb 24th, 2009 @ 8:41pm

  
  

  Identity Crisis

  I wonder how much Identity Theft has to do with the current crisis. We all hear about mortgages, but with that post about the Nigerian Scam perpetrated on CitiBank, Im surious what role Identity theft has in this whole mess. If it isn't completely manufactured in the first place. How many of these failing financial institutions (potential bailout recipients) would be willing to admit that they are victims of scams around the planet ?

   

  [ reply to this | link to this | view in chronology ]

•  

  

  eleete, Feb 24th, 2009 @ 8:42pm

  
  

  Re: Identity Crisis

  surious = curious
  late night, sry

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Anonymous Coward, Feb 25th, 2009 @ 5:38am

  
  

  Think of the children!

  I'm sure advocates of keeping wifi logs for at least two years, wiretapping U.S. citizens, and those who would make file sharing illegal will be adding this to their defense. "See! Look how much child porn was purchased with stolen credit card numbers! Using credit cards should be illegal. Think of the children!"
  
  Honestly, I don't think we're far off from having mandatory RFID tags. They already put them in credit cards, passports, its not a far strech to think they will be added to state ID and drivers licenses.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Some Credit Card Holder, Feb 25th, 2009 @ 6:10am

  
  

  I activated my last replacement card less than a week ago. Maybe they can just send me two more right away that way I don't have to wait so long between data breaches.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Anonymous Coward, Feb 25th, 2009 @ 7:04am

  
  

  fear mongering?

  I have had credit cards for better then 20 years and have never nad to change a number or been the victim of any fruad. I take only general "thinking person" precautions and have only had to change cards on a couple occasions and each time only because I myself lost the card (I would also point out that I never cary cash and do absolutely everything on credit cards).
  
  Im not sure this hysteria is really all that productive. Especially when the credit card companies themselves absorb the vast majority of fraud people actually do encounter (which I suspect is much much much lower then many in the media - and security business- would have us think).

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Gortha (profile), Jan 19th, 2010 @ 4:06pm

  
  

  Re: fear mongering?

  Actually the credit card companies do NOT absorb the majority of the fraud...the breached merchants do. I know..I'm one of them and there are thousands of merchants nation wide who have agreed to do this so they can continue to process credit cards in their businesses. It's sad...smacks of paying protection money to the mob...black mail...call it what you want. But the credit card companies won't take you unless you agree to pay any "charge backs" to cards that were compromised if their system is hacked.
  It's quite a racket! I was impressed. Sickened...but impressed...and it's legal. Go figure.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Pin Me, Feb 25th, 2009 @ 9:16am

  
  

  Pin Me

  When is the use of Credit Cards going to require the entry of PIN numbers as well as the swipe. Then we could change our PINs every 30 days.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  TJ, Feb 25th, 2009 @ 8:45pm

  
  

  A benefit to disposable numbers

  Since this case only involves card-not-present transactions like Internet sales, it looks like using disposable numbers can give me peace of mind on this one. Am using Bank of America's ShopSafe that issues unique numbers through a Flash applet, but there are other solutions too. It is a shame that I now have to be more worried about using the cc at a restaurant or gas station, and having been through trying to get false charges reversed with another bank it is something that concerns me.
  
  Something like chip-and-pin in the UK would be a step forward, but apparently that system sadly wasn't designed to be as resistent to direct hardware tampering as it could/should have been. It would be so nice for a change to see a mass-market security system rolled out where white-hats were given a chance to find obvious weaknesses before millions of people were using the thing.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Anonymous Coward, Mar 8th, 2009 @ 12:51pm

  
  

  One popular approach is to transfer your high-interest credit card debt to some lower-interest loan - either a home equity loan or a low-interest card http://www.credit-cards-rates.co.cc

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Nikhil Agarwal, Mar 18th, 2009 @ 12:33am

  
  

  Credit Cards

  I have got new credit cards that resolves all my problems from kotakcards. All of you can also get the best credit card deals online form Kotak Credit Cards. It’s time to get the best rewards from your credit card. Apply for free online credit cards available offered at http://www.kotakcards.com/

   

  [ reply to this | link to this | view in chronology ]

Add Your Comment