Comments on: Three Charged With Hacking Dave & Buster’s Chain

By: Lawrence Pingree

Lawrence Pingree — Wed, 21 May 2008 17:13:40 +0000

Actually, the losers here is the retailer, the retailer is held responsible for fraudulent transactions since the retailer is the one who was not protecting the data appropriately. The credit card companies and banks are almost never held responsible, it sucks, but its the way their contracts are written. I have proposed several times to the House Subcommittee on Finance and Consumer credit to change the laws regarding validation of PII during credit issuance to include validation of the credit to check a valid Bank Checking account information against the credit card before permitting the credit issuance, I know it does not apply here but must fraud is performed without AVS (Address Verification Service) which is one huge issue with processing cards. I feel the PII should be encrypted in the card with the user’s PIN just like debit cards, this way the card cannot be used unless you have the PIN duh, credit card companies have this ability on their terminals but refuse to utilize it because then they would be held more responsible instead of the retailer. My 2 cents.

By: Jinesh Doshi

Jinesh Doshi — Wed, 21 May 2008 11:21:42 +0000

Thankfully our country is not tht advanced or I would have lost $5k-$10k already

By: linuxamp

linuxamp — Wed, 21 May 2008 09:42:47 +0000

Guy, you say that the merchant is hurt. Don’t the CC companies have security policies that, if followed, remove such liability? What about auditors? You’d think the merchants could have CC audits also to shift liability.

By: Guy Sohmbadi

Guy Sohmbadi — Tue, 20 May 2008 17:44:48 +0000

Hey – just a quick note: You say “the only real loser here are the banks and credit card companies who will have to refund all the money fraudulently used.”

This is incorrect. Visa/MC/AMEX are setup so that in the event of a fraudulent transaction, the MERCHANT loses. not the bank or credit card company. In fact, they even get to keep the transaction fees for the fraudulent transaction…

Let me repeat that. The ONLY person that loses in a fraudulent CC purchase is the MERCHANT. They are out the goods, and the CC company takes back the money, to give it back to the real card holder.

By: zupakomputer

zupakomputer — Tue, 20 May 2008 16:35:36 +0000

Credit cards have been hackable all along. It was even possible to use hotel door key scanners to read the magnetic strips, and make dupes.

At the end of the day, there’s some things that don’t benefit from becoming automated. At least when it was old ring-up tills, you couldn’t mess things up with the wrong scan-in, one person on the till at a time, sorry can’t give you change of whatever cause it’s all automated – you just punched in the prices, and added them up, and printed a receipt.

It’s an awful thing when technology replaces what works fine without it (or in this case, without it updating past mechanical or stand-alone electrical).