Paying with credit cards in the Internet can result in headache presented at Positive Hack Days 2012

by Micha Borrmann,

Tags: Payment Card


Summary : Some security issues allow the guessing of the card verification value (CVV) on VISA and Mastercards. Micha Borrmann demonstrated this for the first time on a German TV programme in 2007. The procedure could also be successfully reproduced twice in 2011. The talk will describe how this process worked and how it was possible to bypass fraud prevention systems.
During his research, Borrmann detected that a successful payment can be spoofed on some web shops as the design of several payment systems is faulty. This was also successfully tested.
This talk is designed to share important facts for credit card users, for those responsible for Internet shopping sites and of course for web shop designers and developers.
The audience may be shocked by some of the insights but the talk will certainly provide some entertainment for long-time security professionals.