Can someone explain to me how a really smart hacker hasn’t figured out a way to design a chip for a card like a prepaid visa that tells the machine reading it that it always has money on it? Sorry if this sounds silly but the chip cards have information on them can that information not be hacked or edited? Or can they not have a machine like the bank uses to program your card but program it to be unlimited?
Thanks.
In: 6
The chip on the card contains effectively the same data as is visible on the card: bank name, account number, expiration data, and account holder. The terminal still needs to contact the bank to validate that information and ensure the account has enough funds.
What makes the chip secure is that it takes some data from the terminal, such as date, merchant number, and transaction amount, and uses some encryption to combine it into a transaction ID that is only valid for that transaction. This means the merchant, or a third party, cannot just copy the data from the card and run it for a different transaction.
Now, that security is reduced by merchants still accepting non-chip card inputs, however that is mitigated by card issuers often making the merchant liable, either partially or fully, for fraudulent transactions using insecure input methods.
Latest Answers