PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

Guesswork Alone Can Crack Visa Card Security – Newcastle University

By Sarah Grotta
December 5, 2016
in Analysts Coverage
0
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn
Sport woman hand tying shoelaces wearing touchscreen smartwatch with health sensor app icon on forest trail background

Sport woman hand tying shoelaces wearing touchscreen smartwatch with health sensor app icon on forest trail background

Newcastle University published a report outlining how researchers were able to guess a Visa payment card number, the expiration date and the CVV code for credit and debit cards. As Finextra reported:

“By automatically and systematically generating different variations of the cards security data and firing it at multiple websites, within seconds hackers are able to get a ‘hit’ and verify all the necessary security data, they say.”

This is a particular concern for Visa, according to this report, based upon the way that transaction decline types are aggregated behind the scenes:

To obtain card details, the attack uses online payment websites to guess the data and the reply to the transaction will confirm whether or not the guess was right.

Because the current online system does not detect multiple invalid payment requests on the same card from different websites, unlimited guesses can be made by distributing the guesses over many websites.

However, the team found it was only the Visa network that was vulnerable.

Although the article suggests that this type of technique may have been used in the recent Tesco cyber attached, it is not known for certain. It is also good timing that Visa announced its purchase of on-line fraud solution provider, CardinalCommerce. That announcement can be found here.

Overview by Sarah Grotta, Director, Debit Advisory Service at Mercator Advisory Group

Read the full story here

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    account aggregation

    The Dilemma Facing Financial Institutions: Aggregate or Be Aggregated

    July 2, 2026
    contactless payments

    Wherever There’s Friction, Contactless Payments Can Help

    July 1, 2026
    gift card strategy, gift card trends

    How Cautionary Spending Is Fueling Gift Card Purchases

    June 30, 2026
    Know Your Agent

    Trust but Verify: Security in the Age of Agentic AI

    June 29, 2026
    SoLo CFPB

    How Banks Are Fighting the Scourge of Money Mules

    June 26, 2026
    The Goldilocks Principle and Banking

    Are Banks Fully Unlocking Their Data Gold Mine?

    June 25, 2026
    stablecoin regulation

    The New Settlement Frontier: Bank-Led Stablecoins and the Reordering of Global Capital Flows

    June 24, 2026
    merchant of record

    How the Merchant of Record Became a Global Commerce Engine

    June 23, 2026

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2026 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result