Hacked: The purloined smart card …

A friend reported an interesting – and very ironic – breach of credit card security.

She had one of the fancy new cards with an embedded chip intended to confound cyber-thieves.

In “normal” operations, no problems.

image

But, she encountered a truck-sized hole in the program .

Here’s what happened …

 

=====

Her credit card company email alerted her her of some strange transactions …

First, an out-of-market purchase in Miami … then one in Italy … then one in Spain.

Fortunately, the card company cancelled out the errant transactions and issued my friend a new card number and replacement card.

What went wrong?

A couple of weeks prior, my friend was issued a new card since her’s was approaching expiration.

Usually, the procedure is to cut your old card into teeny-weeny pieces and call to activate your new card (and hear a bunch of upsell messages).

Well, the old card wasn’t plastic, it was aluminum or metal or something like that,

Instructions were to mail the old card back to the company in a provided envelop.

My friend tried to cut and shred the card before mailing it, but the card won the fight … it was practically indestructable.

So, she mailed the whole card back.

Guess what happened?

While cause & effect can’t be proven, the fraudulent transactions started a couple of days after the old card was mailed.

Coincidence?

Think about it …

A high security credit card with a no-security procedure for swapping cards.

Proves that a the strength of a chain is determined by its weakest link.

=====

Thanks to MS for feeding the lead.

=====

#HomaFiles

Follow on Twitter @KenHoma            >> Latest Posts

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s