Credit Card Fraud

Thursday 18th August, 2005
Millions and Millions of pounds are fraudulently taken off credit card companies all the time due to fraud, it's a growing problem. The internet hasn't helped, people are often defrauded into supplying their card details to dodgy sites pretending to be their bank or something.

Whilst thinking about card fraud and stuff I was reminded of an idea I came up with years and years ago, before the introduction of chip/pin technology into card systems.

A lot of card fraud is from duplicate cards created when an original one gets skimmed. Basically the fraudster makes a card like yours, containing your details...but it carries his PIN and his signature thereby getting past authentication systems. Why they haven't got around this is beyond me...I see a simple solution...cookies.

The first time you use your card, a small one-time cookie downloaded from the sales terminal to your card and stored in the chip. The next time the card is used this cookie is uploaded to the terminal and a new one downloaded. During card authentication, the cookie is checked to see if it's the one that was downloaded last time.

If at any point the card is skimmed and duplicated the fraudster would copy the cookie too making it usable but, the next time the card is used, the cookie data will be invalid and the card won't authenticate. A fake card could be spotted in a single transaction and multiple bad purchases rendered impossible.

Why I am I the only one who's those of this? Certainly HSBC haven't as, instead of improving card security, they've started randomly blocking my cash card as it "may have been fraudulently used". 3 times in 2 weeks? sorry, I'm changing banks you useless idiots.

Comments/Trackbacks [0]