Saturday, January 28, 2017

I disabled online transactions for my dumb card

I called it in, told the customer rep that Card Not present purchases are invalid.  

It is simply to risky to be leaving copies on my card info on this, or any other computer. On line purchase fraud was rampant over the holidays, and how many of us have viruses that sneak ten and twenty dollar purchases that we miss? Consider the cost of constantly checking your account for fraud.

We should at least have a private key holder we can use via USB port, and an exchange that relies on private, unobservable keys.  I cannot believe technologists and retailers could have stared at each other all these years without some simple solution.

Your browser is not really safe

The pros say the browser is a JSON sandbox, and the online retailer can be assured the proper JSON code is executed, leaving no trace of the card info.. Unless you have gotten a smart phishing virus, one that monitors you URL requests, and then when Walmart url appears, triggers a key board scanner, checking for numbers. The virus is outside the sandbox, and has to reverse engineer, but here is not much treverse engineering, just ship the key scans off to a private server and compare it with yhe standard Walmart card form.

Technologists know this happens, as do the retailers. But, now the volume of on line transactions makes mass production a possibility, the idea that with a bit of intelligence, the crooks could ru a nickel and dime scam, underneath the network, but, like Zuckerberg, in volume they make millions..The retailers, technologists and government officials are ay make or break, either the consumer gets private keys, or owe leave the economy is a precarious situation.

No comments: