Smart Cards, Smarter Passwords
The Changing Landscape of Payments
The nature of payments, and how they’re made, continues to change — whether credit, debit, or prepaid. Payments continue to move from one digital platform to the next with smart cards, sometimes leaving customers wondering if making any of the changes are worth it, or if something even newer will come along first.
The Rise of Smart Cards
The latest entrants to the field are mobile pay systems, and virtual wallets, such as those offered by Apple and Google. Even for the majority of individuals who still rely on traditional cards, significant changes are on the horizon. The United States is gearing up for a significant transition as it embraces the adoption of new EMV standards, already well-established in Europe, Asia, and other parts of the world. These standards, set to become the norm in the country, are scheduled to take effect in the upcoming fall. This development signifies a notable shift for the American market, which has been relatively slower in adapting to these changes.
But now the Extreme Tech website is reporting on a have-your-cake-and-eat-it-too innovation that may allow card-users to move into the next arena of payment technology while still using a familiar device.
The Advantages of Smart Credit Cards
“Smart credit cards mimic the look of current plastic credit cards, but come with a microprocessor chip that has standard PCI-DSS data encryption compliance to protect your personal information,” the site notes. “Once you’ve swiped your card, the card reader uploads the information to the smart card via Bluetooth.”
However, the chip found in smart credit cards differs from the one used in upcoming EMV cards. While current credit cards can only read a single set of financial information for a specific store brand, smart credit cards have the capability to store credit card information for multiple stores.
Enhanced Security with Smart Cards
ExtremeTech thinks some of the appeal of sticking with a “card” platform could be security: “With the hack attacks executed on the IRS, the White House, and major banks like Chase, some consumers would rather have at least one plastic card in their wallet or purse to pay for purchases. Starbucks saw its mobile app hacked into recently, with hackers stealing money from the digital cards of regular customers.”
The Pitfalls of Default Passwords
And yet, another recent CNNMoney article shows an astonishing lack of security on the receiving end of purchases, making all kinds of hacks and breaches still much too likely. And what is the main reason?
“Get ready for a facepalm,” the article says. “90% of credit card readers currently use the same password.
The default passcode, in use on credit card machines since 1990, can be effortlessly uncovered with a quick Google search and has been publicly known for a significant duration. Concealing this passcode is now futile. The available options for the passcode are either 166816 or Z66816, depending on the particular machine.
“With that, an attacker can gain complete control of a store’s credit card readers, potentially allowing them to hack into the machines and steal customers’ payment data (think the Target and Home Depot hacks all over again). No wonder big retailers keep losing your credit card data to hackers. Security is a joke.”
The Importance of Strong Passwords and Dedicated Machines
That’s right — up to 90% of merchants keep the default passwords that come with their machines, which are easily searchable on Google — and don’t change them!
Naturally, we have provided a comprehensive set of security reminders to emphasize the importance of promptly changing passwords (and regularly updating them) as a fundamental measure to enhance security. These reminders serve as a critical step in safeguarding sensitive information and ensuring robust protection.
The article emphasizes that the issue of default passwords is a significant concern. A recent case highlights the severity of the issue: a store’s computer, used for processing credit card transactions, became infected with a malicious keystroke-logging spy software. Employees inadvertently downloaded the malware when they attempted to play a pirated version of Guitar Hero on the same computer.
The Future of Smart Cards
And as for the smart cards? ExtremeTech says “at the moment, smart credit cards are in their prototype stage, with few available for preorder.”
Stay Current with AVPS
Either way, AVPS will be here to help keep you current. And either way, make sure you’ve changed those passwords.