Language Selection

English French German Italian Portuguese Spanish

Lax security enables ATM card fraud, report says

Filed under
Security

An unprecedented wave of Internet-based bank fraud has been enabled in part by banks that don't bother to check security codes on cash cards, according to a report released on Tuesday.

Roughly half of U.S. banks in recent years have stopped checking codes embedded in the magnetic stripe of ATM and debit cards, making it easier for online con artists to suck cash out of consumers' accounts, Gartner Inc. analyst Avivah Litan said.

"The only reason they don't check these things is because they forgot about it," Litan said. "Really, I'm furious."

Litan found that con artists took $2.75 billion in cash from bank accounts over the past 12 months, often by tricking consumers to reveal their bank-account numbers and passwords in a technique known as "phishing."

Banks usually cover consumer losses due to fraud.

About 70 percent of those losses could have been prevented if banks had verified magnetic-stripe information rather than relying only on account numbers and passwords known by consumers, Litan said.

But that would make it more difficult for customers to change their PIN numbers when they're worried about fraud, as they'd have to come into a branch office rather than simply picking up the phone or logging on to the bank's Web site, she said.

Another security code, the three-digit CVV code printed on the back of the card, can be easily guessed by fraud artists using an automated "brute force" attack, she said.

BANKS QUESTION ACCURACY OF REPORT

Full Story.

More in Tux Machines

Android Leftovers

today's howtos

Mozilla News

  • WebExtensions in Firefox 48
  • Mozilla's WebExtensions API Is In Good Shape For Firefox 48
    Mozilla has announced that for Firefox 48 their WebExtensions API is considered to be in a stable state. They encourage developers looking to develop browser add-ons to begin using this new API. WebExtensions is an API for implementing new browser add-ons/extensions that makes it easier to port to/from other browsers, is compatible with Firefox's Electroloysis, and should be easier to work with than the current APIs. In particular, Google designed portions of the WebExtensions API around Google's Blink extension API.
  • Mozilla a Step Closer to Thunderbird Decision
    The good news is that the folks at Mozilla seem to be determined to find Thunderbird a good home where it will be able to grow and find newfound success. This isn’t surprising. As Surman pointed out in his post, the project is quite popular among those associated with the foundation — but that popularity is also contributing to the problem Mozilla has with keeping the project in-house.