Study: Hackers Can Guess All Your Visa Card Numbers in 6 Seconds

What's Hot


2 Types of Black Marks Might Vanish From Your Credit File SoonBorrow

6 Ways the Obamacare Overhaul Might Impact Your WalletInsurance

7 Dumb and Costly Moves Homebuyers MakeBorrow

This Free Software Brings Old Laptops Back to LifeMore

Obamacare Replacement Plan Gets ‘F’ Rating from Consumer ReportsFamily

Beware These 12 Common Money MistakesCredit & Debt

21 Restaurants Offering Free Food Right NowSaving Money

17 Ways to Have More Fun for Less MoneySave

House Hunters: Beware of These 6 Mortgage MistakesBorrow

30 Household Uses for Baby OilSave

25 Ways to Spend Less on FoodMore

Nearly Half of Heart-Related Deaths Linked to These 10 Foods and IngredientsFamily

5 Surprising Benefits of Exercising Outdoors in WinterFamily

10 Ways to Save When You’re Making Minimum WageSave

Boost Your Credit Score Fast With These 7 MovesCredit & Debt

7 Painless Ways to Pay Off Your Mortgage Years EarlierBorrow

The Most Sinful City in the U.S. Is … (Hint: It’s Not Vegas)Family

The True Cost of Bad CreditCredit & Debt

10 Companies With the Best 401(k) PlansGrow

This Scam Now Tops ID Theft as the No. 2 Consumer ComplaintFamily

6 Stores With Awesome Reward ProgramsFamily

6 Ways to Save More at Lowe’s and The Home DepotSave

6 Healthful Treats for Your DogFamily

New Study Ranks the Best States in the U.S.Family

Thousands of Millionaires Moving to 1 Country — and Leaving AnotherGrow

Strapped for College Costs? How to Get the Most From FAFSABorrow

6 Overlooked Ways to Save at Chick-fil-AFamily

Ask Stacy: What’s the Fastest Way to Pay Off My Mortgage?Borrow

Where to Sell Your Stuff for Top DollarAround The House

8 Ways to Get a Good Price on a Shiny New AutoCars

Ask Stacy: How Do I Start Over?Credit & Debt

Secret Cell Plans: Savings Verizon, AT&T, T-Mobile and Sprint Don’t Want You to Know AboutFamily

30 Awesome Things to Do in RetirementCollege

14 Super Smart Ways to Save on TravelSave

The Rich Prefer Modest Cars — Should You Join Them?Cars

You’ll Soon Pay More to Shop at CostcoSave

10 Ways to Save When Your Teen Starts DrivingFamily

Researchers say your risk is highest this time of year. Find out how Visa responds to the report.

A new study has given us another reason to review credit card bills and bank statements closely.

Hackers can correctly guess every number on your debit or credit card — including the expiration date and security code — in as few as six seconds, according to researchers at Newcastle University in England.

While Visa has disputed the findings, the researchers say your risk is highest this time of year because many shoppers buy gifts online.

The vulnerabilities that enable hackers to correctly guess card numbers are particular to Visa cards, according to the study. The researchers conducted experiments involving MasterCard and Visa. They found MasterCard was not vulnerable in the same way.

Their findings were recently published in the journal IEEE Security & Privacy.

The Institute of Electrical and Electronics Engineers, or IEEE, is a nonprofit organization that describes itself as “the world’s largest technical professional organization dedicated to advancing technology for the benefit of humanity.”

The study found that hackers use a technique known as a “distributed guessing attack” to successfully guess your card numbers. This method involves using multiple websites that accept debit or credit card payments to make guesses.

Two weaknesses make this attack possible, according to lead study author Mohammed Aamir Ali, a doctoral student in Newcastle University’s School of Computing Science:

  1. Currently, the online payment system does not detect when multiple invalid payment requests — resulting from a hacker’s unsuccessful guesses — are distributed across different websites. This allows a hacker to make unlimited guesses for each of the three card data fields: card number, expiration date and security code.
  2. Different websites ask for different card data fields to validate online purchases. For example, some ask for all three fields, while others ask only for the card number and expiration date.

Ali says it’s the combination of these two weaknesses that makes it “frighteningly easy for attackers to generate all the card details one field at a time.”

Putting that another way, he concludes:

“So even starting with no details at all other than the first six digits — which tell you the bank and card type and so are the same for every card from a single provider — a hacker can obtain the three essential pieces of information to make an online purchase within as little as six seconds.”

Fortunately, the researchers note, simple steps like monitoring statements and balances regularly can help consumers guard against distributed guessing attacks.

Visa notes other safeguards in a statement provided to Money Talks News on Thursday:

“The research does not take into account the multiple layers of fraud prevention that exist within the payments system, each of which must be met in order to make a transaction possible in the real world. …

Visa also offers enhanced security using Verified by Visa (based on the 3DSecure standard) which offers improved security for e-commerce transactions. … Where a merchant chooses not to use Verified by Visa for a card not present transaction, they will assume the risk for fraud. …”

To learn about how Verified by Visa works, visit Visa’s consumer webpage on the topic. To learn about other safeguards Visa provides for cardholders, visit its “Security + support” page.

For more tips, check out “7 Ways to Guard Your Wallet — and Identity — When Shopping Online.”

What’s your reaction to this news? Share your thoughts below or on Facebook.

Stacy Johnson

It's not the usual blah, blah, blah

I know... every site you visit wants you to subscribe to their newsletter. But our news and advice is actually worth reading! For 25 years, I've been making people richer without making their eyes glaze over. You'll be glad you did. I guarantee it!

💰🗣📰

Read Next: 10 Key Facts to Test Your Credit Card IQ

Check Out Our Hottest Deals!

We're always adding new deals and coupons that'll save you big bucks. See the deals to the right and hundreds more in our Deals section.

Click here to explore 1,950 more deals!