Your Debit Card Is Much More Dangerous Than You Think

  • Share
  • Read Later
Daniel Acker / Bloomberg / Getty Images

Citibank this week announced that it was replacing the debit cards of customers whose accounts were compromised in the great Target Christmas hack. The names, addresses, telephone numbers and email addresses of more than 100 million Target customers got hacked but Citi delayed replacing them because it didn’t want to unnecessarily disrupt Christmas shopping.

But replacing these cards with the same magnetic stripe technology is like replacing a padlock that’s securing a lockbox with another padlock after someone just used a bolt cutter on it. Look at it another way: the credit card industry is still on dial-up while the thieves are using high-speed broadband. It’s a losing battle and one the reasons why the U.S. retail industry is going to remain a target until it catches up with the rest of the world.

For years, consumers in Europe and many other countries have used a technology called EMV (for Europay, MasterCard and Visa), created in the mid-1990s that makes it possible for retailers to confirm payments locally instead of placing a call to your bank. That’s possible because of a chip on the card that requires you to tap in a PIN code at the point of purchase. Simple. Safe. Secure. Instead, we’re stuck with magnetic stripes from the 8-track cassette era, which are vulnerable to hacking. With most of the planet using higher tech, hackers naturally focus on the least secure market. (Citi did not respond to request for comment.)

Chip and PIN is making its way into the U.S. slowly; you can get chip and PIN credit cards, which are better to use if you travel overseas. Meanwhile the credit card companies, banks and retailers have been bickering for years over adopting the technology and about who’s going to pay for the infrastructure needed to install it.

Some companies have gone so far as to say that consumers will resist the new cards, since they’re used to signing for their purchases. That’s baloney. Given the choice of making their account information vulnerable or tapping in a PIN code at the point of purchase, people will quickly adapt the chip and PIN cards, just as they did ATM cards. Until then, hackers will make the U.S. the global center of credit and debit card fraud.

19 comments
lordofthefly
lordofthefly

The finance industry has never cared about its customers. We would simply cost them money - not make the money - if they took steps to improve their credit card system. Use your debit card as credit so the card holder will ultimately be responsible if your account gets compromised.

brerlou
brerlou

US  credit cards should be using a technology similar to the chips used in our smart phone SIM cards. They have delayed the change over, for the same reason that the US refused to change over to metric, because of the short term cost involved. This is a viable strategy only for the short term, obviously. Now banks and other credit card issuers are going to pay a massive penalty,  and will still have to do the changeover eventually. Not smart.

brerlou
brerlou

US  credit cards should be using a technology similar to the chips used in our smart phone SIM cards. They have delayed the change over, for the same reason that the US refused to change over to metric, because of the short term cost involved. This is a viable strategy only for the short term, obviously. Now banks and other credit card issuers are going to pay a massive penalty,  and will still have to do the changeover eventually. Not smart.

Hio
Hio

I will say the other part of story. It is on credit card.

1.With Plastic Card in hand ,consumer spending goes up.

2.Check all banks statement,the hidden charges

3.You may ask for EMI on your limit ,but it may so happen that the Bank debits your account and charges penal.'

4.What is the penal interest charged PA basis  and every consumer is not an Economist or Planner.The target is normally middle class.

5.See and compare the income from Credit card business earned by all Banks/Issuing Agencies 8/9 years before and why it is showing decline on Y to Y basis?


Bank data of 20 million leaked in SKorea
An employee from the Korea Credit Bureau has been arrested and accused of stealing the data from South Korean customers of three credit card firms.

rattis
rattis

A problem with this article is that it assumes that the EMV system used in Europe is secure. Security Researches have shown at large Security / Hacking events, that the newer system is still plagued with problems and how to bypass the security measures that have been put in place.


See:

http://www.theregister.co.uk/2012/07/27/chip_and_pin_keypad_insecurity/

http://www.computerworlduk.com/news/security/3311284/card-blackhat-gets-prison-for-pin-terminal-fraud/

https://www.youtube.com/watch?v=szgwaYajKHA

http://media.blackhat.com/bh-us-11/Laurie/BH_US_11_Laurie_Chip_Pin-Slides.pdf

http://phys.org/news/2012-07-chip-pin-terminals-shown-harvest.html

famulla555555
famulla555555

I think that a piece of the argument is missing..

The Commission does not make the decisions, they just submit their proposals to the EP and the Council.It's the EP job to transform the proposals of the EC into EU Law. Not the other way around.
And then we have the Council, where each member state has also the chance to plaid for their own national interests...

Under the new treaty whenever the EC send a proposal to the EP, it's also sent to the national parliaments (NP), so they can give their objections. And since last year this was extended to any proposal sent to the EP, even if under the thready not all competences were subject to the subsidiarity of the NP.

So, while it's to blame the EC for all the bad things on this time of national elections, what we need is politicians with the courage to came forward and propose solutions that will fix what is needed to be fixed, while keeping EU spirit over the national interest.

Unfortunately, the UK seems to be on a path, where the just see the EU as a market where they want to have access to, but do not want to accept that there is cost associated with that creating and maintaining that market working. 
By being always in the de-construction of the EU institutions, they have place themselves in an impossible situation, where they can not go back, and it will be very hard to go forward and get the changes their are asking. Not because those changes are not needed, because they are perceived as a "ransom" to keep an unwilling partner into a bad marriage.

famulla555555
famulla555555

Is the euro zone better off than it was a year ago? By most measures, the answer is yes. The region started growing again in the second quarter after 18 straight months of recession. Individual countries are whittling down their budget deficits. And a year after European Central Bank President Mario Draghi pledged to do “whatever it takes” to preserve the euro, the sovereign debt roller coaster ride that sent Spanish and Italian yields soaring in 2011 and 2012 is over. And yet, a new set of alarm bells are ringing in Europe – this time over deflation. Ironically, the very same forces that are driving the recovery are also exerting downward pressure on consumer prices. In fact, if the European Central Bank’s recent actions and comments are any gauge, policymakers are increasingly concerned the euro zone could go the way of Japan, which has struggled with deflation for the last 20 years. If the inflation outlook deteriorates further, we may see policymakers who have been focused on belt-tightening shift their efforts to stimulating demand.

famulla555555
famulla555555

Gold: Is anybody a gold bull anymore? Prices of the yellow metal, after all, fell some 25 percent over the past year from $1,668 to $1,249 per ounce. And it's probably not over yet, cautions Credit Suisse Head of Precious Metals Research Tom Kendall, who forecasts that prices will drop even further, to an average of $1,080 in 2014. Several different factors are at play here, too. With complete economic meltdowns sidestepped both in Europe and the United States, fewer investors are rushing into gold in preparation for a financial apocalypse. Nor, for that matter, is there much current interest in gold as a hedge against rising prices, since the inflation outlook in much of the developed world is extremely low. In addition, with interest rates rising in the U.S., yield-bearing investments are starting to look more attractive.


Some 85 percent of the demand for gold is either for jewelry or investment purposes – gold bars, coins and gold-linked exchange-traded funds – as opposed to industrial use, Credit Suisse says. But Credit Suisse's Kendall sees softening demand there as well, predicting falling demand for gold bars and coins, as well as a continuing selloff in gold-linked exchange-traded funds Restrictions on gold imports enacted last year in India, the world's largest gold buyer, should also serve to constrain demand. Taking those factors into account, Credit Suisse forecasts an oversupply of 100 metric tons of the shiny stuff in 2014.

famulla555555
famulla555555

Easy solution: Financial institutions will only advance the amount of "direct deposit expected to be received" no earlier than 2 business days prior to actual receipt. No loan and no interest charges or fees apply. This will only occur for a given pay-period cycle and only once per cycle. (My credit union does this and we appreciate it very much) It serves as a courtesy to account holders and says "we appreciate your business"!

mbcls
mbcls

or pay with your cellphone! do a Google on ISIS mobile payment if you don't know what I talking about.

awenshok
awenshok

You can get a debit card from a new issuer -- NSA Credit Services -- the card's already been hacked, knows what you're going to buy and tracks you everywhere you go. 

In addition, it knows where you want to go, can tell you how to get there and 'beeps' in your wallet when you take a wrong turn. (Since a beeping wallet would create suspicion, the card actually makes sounds that resemble someone suffering from flatulence but delivers no obnoxious odor.)

The card also offers a 'drone-shield' option, making you invisible to all but domestic drones and notifies you when anyone wearing a ski mask is close by (with the usual 'beep' alert.) Card is a big seller in Northern Ireland, all Muslim countries and everywhere in Africa. 

To apply, just whisper "Jihad, Jihad, Jihad" in your cell and your application will arrive within 15 seconds.


Mr.Wallingford
Mr.Wallingford

Um, shouldn't the headline read "Your Debit card is much more vulnerable than you think"? Dangerous makes it sound like you could accidentally cut yourself on it or use it to harm someone else.

ShamsAci
ShamsAci

Sounds and seems like that some debit card issuing authorities are becoming least dependable with the passage of time.


        - A.R.Shams's Reflection - Press / Online Publications - Moral Messages Worldwide

mrxexon
mrxexon

The best way to use a debit card is to get one from Walmart. A Walmart money card. I use it for all my online puchases and I only load the amount of money on it I'm going to spend. It has a near zero balance otherwise. And it leaves your bank account alone.


x

Channah
Channah

My debit card I should just throw away-it is locked away and I never take it anywhere.  If I lost it, a person could clean my checking account out!  I charge everything (even a $5 item) and pay my charge card off monthly.  I like doing business this way.

Bonitasue
Bonitasue

We've been using chip & pin cards here in Canada since 2008.  I can't remember the last time I signed a receipt! Well, yes I do, it was in the US!   They still get compromised with online hackers, but we get notified via phone and they automatically send us a new card, usually before anything has happened.  I think they are being overcautious when they do this - they do it even if there's a chance that it may have been compromised.

mrxexon
mrxexon

@lordofthefly 

Another reason the Walmart money cards have done so well. It provides an alternative to people like me who have never had a bank account.

x

PoppaCharlie
PoppaCharlie

@Channah Pretty good idea.  25 day free loan and miles or cash back to boot.  


I now have chip & PIN World MasterCard, which is a good thing - but to enable use in most of US, the thing has a mag strip, too, which makes it vulnerable here.  It will be nice when we finally catch up with the rest of the world.

RDFinOP
RDFinOP

@Bonitasue We were in Toronto last summer (had a great time).  You neglected to mention that servers there carry these portable terminals to process your credit payment.  None of this running of somewhere.  I would think that it's much more difficult to clone your card with you right there watching.