[pchelpers] Re: What's behind retail data breaches

Hi Ellen,

Saturday, September 22, 2007, 1:24:12 PM, you wrote:

EM> But before handing it over, the Verifone person took out a 12-page
EM> document, then keyed in a master password reset. Intrigued,
EM> Krawetz remembers asking what's to stop someone from stealing the
EM> credit card data within. Verifone replied that it was aware of the
EM> risk and said "it's being addressed." Krawetz said recently, "if
EM> an expert tells me that, I'm going to believe them." Now, 15 years
EM> later, he has gone public (click for PDF), with more or less the
EM> details of the flaw he first observed in 1992, the flaw that
EM> Verifone and other companies still haven't addressed.
EM> http://reviews.cnet.com/4520-3513_7-6774939-1.html?tag=nl.e404

I have a password that works on many Verifone 330s and 380s (which
have more memory), but it doesn't work on terminals programmed for use
with Unicard, so it's not a master password.

They do still store card info, even after transmitting, although I
don't know why, since as far as I know, they don't need to keep that
once they transmit.

-- 
Scott.



-- 
-------list-services-below-----------
Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
Freelists login at http://www.freelists.org/cgi-bin/lsg2.cgi
List archives at http://www.freelists.org/archives/pchelpers
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Latest news live feeds at http://modecideas.com/indexhomenews.htm?sig
Good advice is like good paint- it only works if applied.

Other related posts: