A security vulnerability has been found in Visa Cards which does not exist in MasterCard. Basically, it involves the number of times you can try to process a transaction with an incorrect expiration date (or CVV). Visa allows multiple attempts to process a transaction, and Mastercard allows only 10 attempts before the transaction is blocked not.
Why does this matter? Because if a computer can make an unlimited number of attempts, then it can try different numbers until it guesses the correct number. In this case, criminal that illegally purchased a 16-digit credit card number can (literally) guess different month/year combinations until they find correct information. On average, there are roughly 60 likely month/year combinations that are available for a valid Visa card at any given time. Continue reading “Security Flaw Found in Visa (But Not MasterCard)”
If you had a Yahoo account in 2014, you should read this to find out what happened, and what you can do about it. The bottom line is, the advice that Yahoo is giving their users is not nearly enough to protect from the scale of this data breach.
In the last few days, the US Government both mandated and rejected the same method of cybersecurity.
It’s called Second Factor Authentication, specifically a One Time Passcode (OTP) sent by Short Message Service (SMS). So, together, its a “SMS OTP,” which is basically what happens when you receive a 4 to 6-digit security code to your cell phone as a text message after you enter your username and password. You must enter this security code (usually) on the same screen where you entered your username and password as an extra factor of security to complete online registration and/or to sign in to an account. The shorthand for all of this is sometimes referred to as Continue reading ““Cyberschizophrenia” in the US Government”
A serious vulnerability was discovered today with a common picture file type called “Tagged Image File Format, or TIFF. It is an older type of file, but you probaly have many of then somewhere in your computer right now. Every now and then, a new way to hack a computer is discovered before any bad guys figure it out. Thankfully, that happened in this case.
It is called a “Format War.” Two or more companies with different products compete for your attention. Of course, as a consumer, you get to choose the product you want. If you don’t like it, certainly you are free to switch to another product. However, since companies know this, they can make it incredibly cumbersome for you to do so.
Mobile Payments could be heading toward a format war, and the first casualty could be consumer privacy. On one side are all of the mobile wallet and mobile payment products that are based on the existing payments system in use around the world today. On the other side are alternatives to the existing payment system, which could bypass the processors or schemes that are the backbone of the payment system. Continue reading “Will Mobile Payments Become a Format War?”