Cybersecurity Insight

Gone in Six Seconds: Bots Attack Visa

28 Dec

Online retailers have plenty of safeguards to protect shoppers from cyber attacks – from timed payment pages to captcha and more, security options are bountiful. So, when researchers found that one of the largest credit card companies in the world had a significant flaw in its payment system, there was initially confusion and then concern. According to those affiliated with the undertaking at Newcastle University, researchers discovered that hackers are using web bots to guess Visa card information. Is this type of inconsistency limited to Visa, or are its other card and retail compatriots at the mercy of online attacks as well?

Normally the hardest part for any online thief is obtaining the 16-digit credit or debit card number – they either have to buy them outright or use an algorithm to generate the card numbers at random. When that part is taken care of, bots can find the expiration dates and CVVs simply by entering numbers at random across hundreds of shopping sites until they hit the winning combination. Now, this would be time consuming for one person to figure out but because these are automated systems, the bots are able to crack these codes in approximately six seconds.

The issue is this: Visa payment systems do not have an automatic shutdown in place after a certain number of incorrect login attempts. Mastercard, for example, will recognize the potential threat and immediately shut down access after ten incorrect submissions. Think about the number of times it takes to remember login information for an online account you haven’t used – do you ever keep track of the attempts you make? Attackers are taking advantage of the numerous chances available to them, and your data is at stake.

There is hope for Visa to bounce back after this rather embarrassing disclosure, though it stands as a testament to the idea of cyber security protection as a whole – every company will benefit, and those that do not implement proper guards will face the potential onslaught of cyber attacks when least expected. Having 24×7 managed and monitored cyber security protection through a firm such as Neovera allows for companies large and small to leave the online worries to practiced experts and focus on their own business matters.