[OWASP-South Africa] Fwd: [Owasp-leaders] Flaw in New ‘Secure’ Credit Cards Would Let Hackers Steal $1M Per Card

Wellington Mekhoe wmekhoe at gmail.com
Tue Dec 2 09:04:03 UTC 2014


Hi Brett

Thanks alot for clarifying.

Kind regards
Wellington Mekhoe

On Thu, Nov 20, 2014 at 11:22 AM, Brett Russell <brettr at paycorp.co.za>
wrote:

>  Hi Wellington,
>
>
>
> I am in Payments, and they are both right.
>
>
>
> The vulnerability is there and the virtual money can be retrieved from the
> card. However, in order to turn that in actual currency, you need a
> merchant account. This is not so easy to get and the extensive fraud
> checking that both Visa and MasterCard do, mean that even if you get an
> account, you are not likely to get away with much, if anything at all. In
> the end, all that happens is you will end up being Blacklisted on the MATCH
> system.
>
>
>
> Something to watch out for and know about, and certainly something to be
> fixed, but not the end of the world for NFC (yet?).
>
>
>
> Regards,
>
> Brett
>
>
>
> *From:* owasp-southafrica-bounces at lists.owasp.org [mailto:
> owasp-southafrica-bounces at lists.owasp.org] *On Behalf Of *Wellington
> Mekhoe
> *Sent:* 19 November 2014 07:31 PM
> *To:* Brett Russell
> *Cc:* OWASP South Africa
> *Subject:* Re: [OWASP-South Africa] Fwd: [Owasp-leaders] Flaw in New
> ‘Secure’ Credit Cards Would Let Hackers Steal $1M Per Card
>
>
>
> Hi Brett
>
> Thank for the article.
>
> Just wondering who do we believe, Visa or the Researchers?
>
> Kind regards
> Wellington Mekhoe
>
> On 13 Nov 2014 11:40 AM, "Brett Russell" <brett.russell at owasp.org> wrote:
>
>
>
> ---------- Forwarded message ----------
> From: *Bev Corwin* <bev.corwin at owasp.org>
> Date: Thursday, 6 November 2014
> Subject: [Owasp-leaders] Flaw in New ‘Secure’ Credit Cards Would Let
> Hackers Steal $1M Per Card
> To: "owasp-leaders at lists.owasp.org" <owasp-leaders at lists.owasp.org>,
> OWASP IDecosystem List <owasp_nni_initiative at lists.owasp.org>
>
>  FYI: Flaw in New ‘Secure’ Credit Cards Would Let Hackers Steal $1M Per
> Card:
>
>
>
> http://www.wired.com/2014/11/chip-n-pin-foreign-currency-vulnerability/
>
>
>
> Bev
>
>
>
>
> --
>
>
> Kind Regards,
> Brett Russell
> OWASP South Africa Chapter Leader
>
>
>
> _______________________________________________
> OWASP-SouthAfrica mailing list
> OWASP-SouthAfrica at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-southafrica
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-southafrica/attachments/20141202/01f3b733/attachment.html>


More information about the OWASP-SouthAfrica mailing list