There was a story in The Register some years ago about a bloke who was employed by one of the major CC firms. He discovered that for the past few years, due to a computer error all the cards that had been issued had been given one of only four different PINs. Nobody had noticed because, well, when do you ever discuss your PIN with someone? He took his findings to the FSA (or whatever was the equivalent at the time), who realised that if it got out that CC firm would basically be [LIFTED], thousands of people would lose their jobs and the public trust in the electronic transaction system would shattered forever. And every CC owner with a dodgy looking transaction on their account would have had a cast-iron reason to force the CC company to refund them.
So they convinced him to keep it quiet until all the cards had gone through their 'lifespan' and been re-issued with more varied PINs.
As soon as he was in the clear he quit the firm (needless to say they weren't happy about his whistleblowing but couldn't sack him while the proverbial sword of damocles was over their head, so they made his life pretty rubbish for several years) and wrote a book about it which got strangely little publicity given the story he had to tell.
Analysis suggested the amount of fraud on those CCs was not significantly higher than on other cards that didn't suffer from the flaw. Even the criminals didn't notice apparently....
Users browsing this forum: No registered users and 16 guests
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum