About the Institute

The Hybrid Vigor Institute is dedicated to rigorous critical thinking and the establishment of better methods for understanding and solving society’s most difficult problems. Our particular emphasis is on cross-sector and collaborative approaches; we seek out experts and stakeholders from a range of fields for their perspectives or to work together toward common goals.
Principals | Advisors | What We Offer

 

hybridvigor.net

hybridvigor.net houses the work of critical thinkers, researchers and practitioners who conduct cross-sector and cross-disciplinary explorations and collaborations.
Blog | Contributors | Topics

  Subscribe to Hybrid Vigor’s RSS Feed

 

Disclosure

Privacy | Funding

 

Contact Us

 

 

Intervention by Denise Caruso Read Intervention by Denise Caruso, Executive Director of the Hybrid Vigor Silver Award Winner, 2007 Independent Publisher Book Awards; Best Business Books 2007, Strategy+Business Magazine

NO CREDIT CARDS LEFT TO STEAL, HACKERS HAVE THEM ALL

by Mike Neuenschwander ~ January 21, 2009.
Permalink | Filed under: Hybrid Vigor, Policy and Decisions, Social Trust Online.

According to the Identity Theft Resource Center (ITRC) and datalossdb.org, about 250 million credit cards were compromised in the last two years. Analysts estimate that only about half of compromised cards are reported, so the actual total may be well over 500 million.

Add to that number Tuesday’s revelation that more than 100 million credit cards were compromised by malicious software at Heartland Payment Systems and the total exceeds 600 million. That’s roughly the same number as bank cards in circulation in the U.S.

So hackers can now hang “Mission Accomplished!” banner ads on Amazon.com and eBay. There are no more credit cards to steal. To co-opt that lovable phrase from Zero Wing, “ALL YOUR CREDIT CARDS ARE BELONG TO US!”

Heartland Payment Systems was no TJX. The company had plenty of security and preventative systems in place. And yet the theft went undetected for more than a year. Clearly, something is horribly wrong with both the way the credit system works and with online security.

Compliance with PCI standards won’t prevent data breaches; it’s time to rethink the whole model. In particular, security architects need to pay greater attention to the role of social trust in online transactions and Internet security.

« OBAMA CALLS THE FINANCIAL CRISIS A “DEVASTATING LOSS OF TRUST”
IT’S TIME TO PUT GOOGLE ATOP OF THE CRITICAL INFRASTRUCTURE LIST »

2 Responses to NO CREDIT CARDS LEFT TO STEAL, HACKERS HAVE THEM ALL

  1. Dave T
    February 24th, 2009 at 2:10 pm

    Mike – perhaps we change credit card pin numbers on a regular basis thus the hackers are outpaced. This would push the onus onto the merchant. Card usage would be far more transactional in nature if you get my drift ( provided we all accept there’s a 7-10 working day period each couple of months when we are waiting for our cards
    Wow – hows about “disposable” credit cards a few years down the eline ?

  2. Mike Neuenschwander
    March 17th, 2009 at 5:07 pm

    Hi Dave,

    Yes, that’s a helpful suggestion. I know several folks in the industry have discussed one-time-use credit card numbers. Essentially the number is linked to a transaction for a certain amount with certain conditions. Schemes like this would definitely deter fraud.

    However, credit card companies haven’t yet found enough financial motivation to do so. Maybe now they do?

Leave a Reply

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word