this post was submitted on 03 Nov 2024
670 points (97.3% liked)

linuxmemes

21304 readers
1087 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 1 year ago
    MODERATORS
     
    you are viewing a single comment's thread
    view the rest of the comments
    [–] [email protected] 80 points 2 weeks ago* (last edited 2 weeks ago) (23 children)

    As entertaining as that is, it does raise the question - why do they put all of the details on the back now?

    I thought one of the main reasons that the CVV was on the signature strip was so if a card was photocopied, photographed, or carbon copied (literally on carbon paper), then it was still less possible to clone the card.

    Is "physical" cloning so small of a problem now that it's more beneficial to make fancy looking cards? Anyone in the industry able to shine a light?

    [–] [email protected] 53 points 2 weeks ago (18 children)

    This is an EMVCo chip card, and not an American one so it’s chip and pin most likely. Without getting too detailed, the chip generates a one time use code for each transaction, so just having the number wouldn’t help with cloning the card plus you also would need to know the PIN. Although skimmers still exist and physical card theft is a thing, it’s less common especially in markets that use chip and pin.

    [–] [email protected] 16 points 2 weeks ago (8 children)

    Absolutely spot on, thank you - always handy to know.

    I'm wondering what it does to mitigate the "card not present" fraud though, for online purchases or remote purchases?

    [–] [email protected] 4 points 2 weeks ago (1 children)

    As far as I understand it the pin&chip system involves a challenge/response between the bank and the card. You can't just "clone" the chip, because the secret data it contains is essentially write-only.

    [–] [email protected] 7 points 2 weeks ago (3 children)

    Sorry, maybe I wasn't clear.

    I'm assuming the 16 digit card number, start and expiry dates, and CVV are printed on the reverse - whereas it used to only have the CVV on the reverse and the rest of the details on the front.

    What's stopping someone with a picture of the rear of the card visiting an online retailer and going wild with a picture of just one side of the card these days - aside from multi-factor authentication at the point of authorising the payment?

    [–] [email protected] 0 points 1 week ago

    Most card allow you to set that transactions have to be approved either by app or by SMS.

    [–] [email protected] 5 points 2 weeks ago

    Oh! In that case: absolutely nothing. Credit cards are terrifyingly insecure. Whether or not the info is on two sides or one. Any webshop you use your credit card at can just arbitrarily charge it from then on if they feel like it.

    [–] [email protected] 5 points 2 weeks ago

    The CVV should really be 2FA from your card issuer.

    load more comments (6 replies)
    load more comments (15 replies)
    load more comments (19 replies)