Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re: Wow ... (Score 1) 419

by Mondor (#47580943) Attached to: A 24-Year-Old Scammed Apple 42 Times In 16 Different States

I've never seen the bank to supply either POS software (thing that works at touchscreen-enabled device) or card payment terminal - the latter is usually supplied by a processing center company which works with many banks.

However, if that was the customer's (Apple) wish to only process the override numbers at the end of the day, then perhaps Apple is the victim, not the processing company or the bank. In fact, I don't see the "bank" in this scheme at all. It's either Apple or the processing company, which might or might not belong to the bank.

What Sharron and Temeshia (oh, these anglo-saxon names...) did to Apple and Victoria Secrets was one of many possible exploits to imperfect system of card transaction. When you are entering your PIN code using corded pin pad, the data is encrypted in transit (where "transit" is that short cable) using DES algorithm. The system consists of two parts - business rules and technology. However, it only protects itself against technology attacks.

The algorithms of higher level, the workflows of the whole process, are made to comfort the customer. Until that final moment of ultimate discomfort, which is regarded as "nonsense fantasy" during the development process. So you don't have to beat the technology if you know the business rules.

Hokey religions and ancient weapons are no substitute for a good blaster at your side. - Han Solo

Working...