SoylentNews is people
SoylentNews
Submitted via IRC for AndyTheAbsurd
Forget fraud, Société Générale and Groupe BPCE's new bank cards are about to change everything about fraud.
Part of the problem is that once your card details are stolen – whether through a phishing attack or by someone copying the digits on the back – fraudsters are free to go on a spending spree until you notice something's up.
They're getting away with millions, and it's a problem affecting over half a million people in the first half of 2016 alone.
Normally by the time you get around to actually cancelling your card, it's all too late. But what if the numbers on your card changed every hour so that, even if a fraudster copied them, they'd quickly be out of date?
That's exactly what two French banks are starting to do with their new high-tech ebank cards.
On the back of each card is a 3 digit security number which you must quote to validate any online or telephone purchase. If this number is compromised then there is nothing to prevent the card being used by anyone else. But on the new card the digits are displayed on a small LCD 7-segment display:
The three digits on the back of this card will change, every hour, for three years. And after they change, the previous three digits are essentially worthless, and that's a huge blow for criminals.
Providing that you still have the card in your possession, then whoever has access to the current security number has less than 1 hour to make use of the card. No details are given on how the card issuer and businesses keep synchronised with the current valid card number.
[Ed's Note: Edited to show LCD display rather than LED. Apologies for my error.]
(Score: 2) by janrinok on Wednesday October 05 2016, @04:37PM
From TFA: "The three digits on the back of this card will change, every hour, for three years."
The error was mine - it should be LCD, but if you read the TFA all your questions will be answered.
(Score: 3, Interesting) by frojack on Wednesday October 05 2016, @08:15PM
The three digits on the back of this card will change, every hour, for three years. And after they change, the previous three digits are essentially worthless,
But there is only 999 possible combinations of a three digit display, and that time period requires 26,280 for ALL the previous 3 digits to be worthless.
Sounds to me like the three digits are good for an hour, and the transaction must be submitted and cleared within the hour, and previous or next numbers don't work, but those same three digits will be cycled around and reused - on-average- once every thousand hours.
I wonder if this presents a problem for resturants? Many clear your purchase at the time the ring up the sale, but they clear your TIP later, usually after closing. Or places you have your credit card on file, and re-occuring payments are processed against the card.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Thursday October 06 2016, @07:43AM
Restaurants don't use the CVV on the back of the card at all.
No place where you physically swipe the card uses it.
And even online, it's optional - the merchant has more fraud protection if they require you to give it, but they can run the card without it.
Amazon, for instance, generally doesn't require it.