Posted on 01/18/2014 9:03:36 AM PST by Sub-Driver
I wouldn’t hire him. He’s proven he’s not trustworthy, so I couldn’t rely on him not to write a backdoor. He could be useful as a tester.
Either that, or he'll end up as a low-on-the-totem-pole drone , working for the Russian mafia.
Offline, you need more than just the number to forge a card. The mag stripe data includes a CVV (card verification vector) field, which is a secret function of the card number and expiration date. Thus, you need the actual mag stripe image to make a card.
Once you've got a card with the proper mag stripe data, you can swipe with impunity at a lot of retail stores. However, some stores will ask to see the card, and the clerk will type in the last four of the account number. If it doesn't match the mag stripe, it's game over. Of course, you can emboss the card as well as re-encode the mag stripe, but that's a lot more trouble — mag stripe encoders cost about $300, but equipment to make a forgery that will pass a visual inspection is much more expensive.
Also, gas pumps around here have got into the habit of asking for your billing zip before authorizing.
For online transactions, there are other speed bumps. Namely, the billing address, which is not in the mag stripe data, and the CVV2, which is printed on the card but also not found in the mag stripe data.
In my case, there is a third speed bump. If my wallet is stolen, you still can't use my card online. That's because the billing address is a PO box which is nowhere to be found in my wallet.
Online would be the place where “some” merchants do not require CVV2. (I remember reading about a political donation site that did not.) But I think they still do require address, so that may be safeguard enough.
Anyone want to take that bet?
Nope. The odds are long against that. He's from St. Petersburg, which is in the north of Russia proper, nowhere near Chechnya. Rooskies seem to have a natural aptitude for hacking, needing no input from Islam.
That’s what i’m telling you....they don’t know which cards and which identities...
Thanks for posting that update.
I don’t take any “of courses” as gospels.
If Kaspersky is hiring, there is an unemployed American security infrastructure specialist with a much stronger resume currently residing in Moscow. Kaspersky should hurry, before he decamps for Brazil.
Target's not supposed to be storing the full account numbers. They're only allowed to retain the first six and the last four. That, and they also have the authorization codes and the exact date and time.
So, Target doesn't have the full list (except for their own store card, the REDcard™). However, the banks could conjure up the list by passing their databases and flagging charges made by Target customers in the affected time period.
why are you blaming Bill Gates? He has been gone from MS for years.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.