Infosecurity Company Finds Potential Vulnerability in Some Credit Card Terminals

Posted on August 3, 2012 by David Rodwell

MWR Infosecurity, an information security research consultancy, has found vulnerability in older Verifone credit card terminals which allows information stored in the machines to be extracted in a two part operation.

To accomplish the task, a credit card with a modified chip must be swiped at a terminal, after which the payment will be immediately rejected. The initial swipe installs software on the terminal which collects the information on subsequent credit card transactions as the hours or days go by until someone returns to swipe another modified credit card that downloads the collected information onto their card’s chip. All of this happens without the slightest indication that information is being compromised.

A Quick Response

Verifone responded by saying the vulnerability only exists in older terminals and that it has taken steps to upgrade their software to inhibit this scenario. They said they will contact susceptible parties once the upgrade has met their requirements and is ready for distribution.

As payment processing technology evolves rapidly through the next decade, it shouldn’t come as a surprise that advancements will come with a series of vulnerabilities that creative criminals will exploit.

Image credit

About David Rodwell

My name is David Rodwell and I'm an experienced journalist and blogger from the greater Los Angeles area. Most of my research and writing follows topics related to payment processing technology but I also enjoy covering business news, financial trends and credit issues. When I'm not working I'm usually looking through dusty vinyl record bins.

View all posts by David Rodwell →

One Response to Infosecurity Company Finds Potential Vulnerability in Some Credit Card Terminals

Suzy says:

August 16, 2012 at 1:34 pm

It’s good that they caught this vulnerability, but how many people has this already affected? Indeed, vulnerabilities are ever presenting themselves. That’s the nature of data security, there’s always going to be new vulnerabilities, technology has to adapt because hackers are constantly adapting too.

Leave a Reply Cancel reply

Transaction Rate Comparison

Company

Internet

Retail

Evolution Bankcard
Call: 888-838-8774

0.25% to 1.40%

0.45% to 1.69%

Merchant Warehouse
Call: 888-336-3587

0.39% to 1.69%

0.39% to 2.09%

Chase Paymentech
Call: 866-499-3711

Starts at 0.79%

Starts at 2.19%

National Bankcard
Call: 866-303-2066

0.39% to 1.58%

1.99%

Merchant Express
Call: 866-884-7309

0.38% to 1.69%

0.38% to 2.02%

Our Rankings

The rankings expressed on this site are the opinion of CreditCardProcessing.net and are subject to change due to popularity, price, special offers, current events and other factors related to each ranked company. Our reviews and rankings are designed to help consumers make informed purchasing decisions. We accept compensation from reviewed companies in order to provide our users with this free valuable service.

Credit Card Processing Statistics

Nearly 1 in every 3 consumer purchases in the United States is made with a payment card—including credit, debit, and prepaid products.¹

The convenience of using credit cards generally increases the likelihood of consumer "impulse purchases," which ultimately contributes to an increase in a business's average sale. Customers are more likely to make these purchases if they have access to credit or their available bank account funds.¹

Consumers carry more than 1 billion Visa cards worldwide— more than 450 million of those cards are in the United States.¹

The average ticket for Visa purchases is consistently more than cash.¹

U.S. Visa cardholders alone conduct more than $1 trillion in annual volume.¹

¹ First Financial USA, 2011 (Link)

Reviews

Company

Rating

Evolution Bankcard
Read Review

9.8 of 10.0

Merchant Warehouse
Read Review

9.5 of 10.0

Chase Paymentech
Read Review