Skip to main content
  1. Home
  2. Computing
  3. News

Researchers identify ‘brute force’ method of stealing credit card information

By

A hand on a laptop in a dark surrounding.
Image used with permission by copyright holder
We all know it’s important to be vigilant while shopping online, so that our information isn’t captured for illicit purposes. However, the user’s due diligence is worthless if the retail platform itself has a security flaw — and new research suggests there might be a glaring issue with the way online stores take payment information.

A group of researchers from Newcastle University in the United Kingdom has published a paper that suggests online criminals can use online payment systems from a variety of different sites to figure out a target’s banking information by “brute force.” The researchers suggest that this methodology may have been used to facilitate last month’s attack on Tesco Bank customers.

Recommended Videos

Typically, a website will only allow a user 10 or 20 guesses at any individual field on a payment form, which is enough to prevent attackers from guessing a 16-digit account number. However, different retailers use different systems, meaning that a criminal could cross-reference data from several sites to find out that information, without ever exceeding the number of guesses that would prompt detection.

Related

MasterCard is apparently immune to this kind of attack, because the company detects guesses even when they’re carried out across different websites, according a to a report from security expert Bruce Schneier. However, Visa does not implement the same system.

It’s thought that criminals only need the first six digits of a card number to facilitate this kind of attack — which is worrying, given that those numbers only refer to the bank and card type. With this information in hand, the card’s full number, its expiration date, and its CCV code can apparently be learned in as little as six seconds, giving the culprit everything needed to make fraudulent online purchases.

Editors’ Recommendations

Topics
Brad Jones
Brad Jones
Former Digital Trends Contributor
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
The 10 best gaming monitors of 2024: tested and reviewed
Alienware ultrawide OLED on a desk.

Editor’s note: Gaming monitors are always hot sellers on Black Friday and Cyber Monday. We're expecting some really great discounts on some of the top models, including high-end OLED gaming monitors, super-fast refresh rate screens, and more budget-oriented fare. There are tons of fantastic monitor deals available now, and they're bound to get even better on Black Friday and Cyber Monday. Make sure to check out our other Black Friday deals or Cyber Monday deals for even more bargains on TV, headphones, and more.

A good monitor is essential for gaming due to its significant impact on the overall experience. There are a ton of options if you are on the hunt for one of the best gaming monitors, but for us, Alienware's 34 QD-OLED still takes the cake in 2024. It's not the display for everyone, though, and after reviewing dozens of the top gaming monitors, we've settled on a list of displays that offer great gaming performance for any budget or purpose.

Read more
Nvidia’s RTX 5070 Ti may trail behind the RTX 4080
Power adapter on the RTX 4070 Ti Super graphics card.

As we inch closer to the launch of Nvidia's RTX 50-series, new leaks keep cropping up daily. Today, one of the most prolific leakers in the PC hardware space shared a glimpse of the specs for Nvidia's upcoming RTX 5070 Ti. Although it's not the full spec sheet, one specification in particular tells us that we may be dealing with a GPU similar to the RTX 4080, which is still one of Nvidia's best graphics cards. But is that good news?

All of this is unconfirmed. Kopite7kimi is one of the accounts that most of us turn to when we want some new scoop on upcoming PC hardware, but this time, the leaker didn't post on X (Twitter), and has instead shared some specs directly with VideoCardz. Let's dig in.

Read more
I tried the RayNeo Air 2s glasses and they’re on sale for Black Friday
RayNeo Air 2s on custom Steam Deck - Briley Kenney Digital Trends_edited

With the holidays coming, I've been trying a spat of unique VR and AR devices. One pair I got my hands on, called the RayNeo Air 2s, basically gives you a portable 201-inch display that you can put on and use anytime, anywhere. They work with Android, Mac, Nintendo Switch, PS5, and -- my favorite -- Steam Deck. Our team has used the RayNeo Air 2 previously and also gave them high marks. Fun Fact I learned from reading that, RayNeo is actually a TCL brand. As for what I think of them, we'll get to that. For now, I want to talk about the crazy RayNeo Black Friday deals that have just dropped.

 
RayNeo Air 2 -- $184, was $380 51% off

Read more