in Search

ID theft

All about how it happens and how you can keep it from happening to you.

PIN hackers win Holy Grail; banks, consumers lose big time

Some call PINs the Holy Grail; others refer to them as the keys to the kingdom. Now--thanks to hackers--you can call them gone.

Until now, hackers could only harvest PINs one by one, or in small crops by phishing, or by attaching skimmers or small cameras to ATMs, gas pumps and the like. But now hackers are one step ahead of banking security, and applying sophisticated new techniques,

“We’re seeing entirely new attacks that a year ago were thought to be only academically possible,” Bryan Sartin, director of investigative response for Verizon Business, said in an interview with Wired.com.

The source of millions of dollars in fraudulent ATM withdrawals reported nationwide were a mystery until this discovery. It’s a grim revelation for consumers and the banking industry that encryption security measures are an inadequate defense against hacking evildoers.

PIN hacking is an even greater slam to consumers than is credit card fraud; credit card issuers pick up the tab on fraudulent charges, but, because it’s nearly impossible to prove cash withdrawals are fraudulent, the consumer is often left holding the bag.

Academic researchers have written papers and issued warnings about the banking industry’s vulnerability to PIN hacking for years. In 2003 a Cambridge University researcher outlined a scenario in which PINS could be stolen with the help of an insider. Another paper was presented in 2006 with a similar theme that also involved inside assistance.

 

Published Apr 15 2009, 11:53 AM by IdentityTheft
Add to Bloglines Add to Del.icio.us Add to digg Add to Facebook Add to Google Bookmarks Add to Newsvine Add to reddit Add to Stumble Upon Add to Shoutwire Add to Squidoo Add to Technorati Add to Yahoo My Web

This Blog

Syndication

Tags