Saturday, April 21, 2018
News Roundup

Weak U.S. card security made Target a juicy target

NEW YORK — The United States is the juiciest target for hackers hunting credit card information. And experts say incidents like the recent data theft at Target's stores will get worse before they get better.

That's in part because U.S. credit and debit cards rely on an easy-to-copy magnetic strip on the back of the card, which stores account information using the same technology as cassette tapes.

"We are using 20th century cards against 21st century hackers," said Mallory Duncan, general counsel at the National Retail Federation. "The thieves have moved on, but the cards have not."

In most countries outside the United States., people carry cards that use digital chips to hold account information. The chip generates a unique code every time it's used. That makes the cards more difficult for criminals to replicate. So difficult that they generally don't bother.

"The U.S. is the top victim location for card counterfeit attacks like this," said Jason Oxman, chief executive of the Electronic Transactions Association.

The breach that exposed the credit card and debit card information of as many as 40 million Target customers who swiped their cards between Nov. 27 and Dec. 15 is still under investigation. It's unclear how the breach occurred and what data, exactly, criminals have.

Companies haven't further enhanced security because it can be expensive. And while global credit and debit card fraud hit $11.27 billion last year, those costs accounted for just 5.2 cents of every $100 in transactions, according to the Nilson Report, which tracks global payments.

Another problem: Retailers, banks and credit card companies each want someone else to foot most of the bill. Card companies want stores to pay to improve their internal systems. Stores want card companies to issue more sophisticated cards. Banks want to keep the profits they get from older processing systems.

Card payment systems work much the way they have for decades. The magnetic strip on the back of a credit or debit card contains the cardholder's name, account number, the card's expiration date and a security code different from the three or four-digit security code printed on the back of most cards.

When the card is swiped at a store, an electronic conversation is begun between two banks. The store's bank, which pays the store right away for the item the customer bought, needs to make sure the customer's bank approves the transaction and will pay the store's bank. On average, the conversation takes 1.4 seconds.

During that time the customer's information flows through the network and is recorded, sometimes only briefly, on computers within the system controlled by payment processing companies. Retailers can store card numbers and expiration dates, but they are prohibited from storing more sensitive data such as the security code printed on the backs of cards or other personal identification numbers.

Hackers have been known to snag account information as it passes through the network or pilfer it from databases where it's stored. Target says there is no indication that security codes on the back of customer credit cards were stolen. That would make it hard to use stolen account information to buy from most Internet retail sites. But the security code on the back of a card is not needed for in-person purchases. And because the magnetic strips on cards in the United States are so easy to make, thieves can simply reproduce them and issue fraudulent cards.

"That's where the real value to the fraudsters is," said Chris Bucolo, a senior manager at ControlScan, which helps merchants comply with card processing security standards.

Once thieves capture the card information, they check the type of account, balances and credit limits, and sell replicas on the Internet. A simple card with a low balance and limited customer information can go for $3. A no-limit card can go for $1,000, according to Al Pascual, a senior analyst at Javelin Strategy and Research, a security risk and fraud consulting firm.

Credit card companies in the United States have a plan to replace magnetic strips with digital chips by the fall of 2015. Retailers worry the card companies won't go far enough. They want cards to have a chip, but they also want each transaction to require a personal identification number, or PIN, instead of a signature, to increase security.

Comments
Motorcyclist dies after crash on Memorial Highway

Motorcyclist dies after crash on Memorial Highway

TAMPA — A motorcyclist driving north on Memorial Highway died after he crashed into a guard rail late Friday, police said."The man failed to negotiate a curve in the road and struck a guard rail," said Lt. Brett Owen. "No other vehicle was involved i...
Updated: 25 minutes ago
Shaquem Griffin: ‘I’m not just a feel-good story’

Shaquem Griffin: ‘I’m not just a feel-good story’

TAMPA — Shaquem Griffin wakes up knowing each day will be better than the last and barely unable to wait until tomorrow."It's just a whirlwind,'' Griffin said.On Thursday, he will walk the red carpet with his family, including his twin brother,...
Updated: 3 hours ago
After months, no action on Hillsborough’s substitute teacher problem

After months, no action on Hillsborough’s substitute teacher problem

TAMPA — Confronted in late 2017 with reports of misconduct by substitute teachers hired through a contractor, Hillsborough County school superintendent Jeff Eakins said he would ask tough questions and demand answers. He had his lawyer, Jeff Gibson, ...
Published: 04/21/18
Romano: Okay, now who sounds like a hysterical teen talking about guns?

Romano: Okay, now who sounds like a hysterical teen talking about guns?

The writer of the letter sounds hysterical. Perhaps a little desperate. And maybe that’s just who Marion Hammer is these days.Most of the world knows her as the take-no-prisoners maven of the National Rifle Association who directs Florida politicians...
Published: 04/21/18
Goodwill to open second store in greater Brandon

Goodwill to open second store in greater Brandon

Times staffThe greater Brandon area will celebrate the grand opening of its second Goodwill store beginning at 9 a.m. on Saturday (April 28) at 1407 U.S. 301. The new store will add another 12,000 square feet to the complex, which includes a 200,000-...
Updated: 3 hours ago
Clearwater Central Catholic tops Dunedin Spring Tournament host in extra innings

Clearwater Central Catholic tops Dunedin Spring Tournament host in extra innings

DUNEDIN — After losing a four-run lead thanks to a bad sixth inning, it would have been easy for Clearwater Central Catholic to fold against Dunedin in the final of the 49th annual Dunedin Spring Tournament. But quality relief pitching from Gar...
Updated: 11 hours ago
Span, Rays top Twins in 10 innings

Span, Rays top Twins in 10 innings

ST. PETERSBURG — Roughly four hours before taking the field against his former team Friday, Rays outfielder Denard Span spoke admirably about the Minnesota Twins, their organization in general, even hometown icon Joe Mauer.But business is busin...
Updated: 11 hours ago
Lightning feels Ryan McDonagh’s impact

Lightning feels Ryan McDonagh’s impact

BRANDON — Ryan McDonagh blocks shots. He competes for pucks in the corners and wins those battles. He moves the puck up the ice well. He can join the rush. He can shoot from the blue line. He kills penalties."It was a great pickup by (Lightning...
Updated: 11 hours ago

High school scoreboard for April 20

Friday’s scoreboardSoftballSpringstead 15, Central 0
Updated: 12 hours ago
St. Pete says discharge never reached the bay. Its own report says otherwise.

St. Pete says discharge never reached the bay. Its own report says otherwise.

ST. PETERSBURG — The city said not one of the 266,000 gallons of reclaimed water released on Jan. 18 reached Tampa Bay.There was no mention of the waste released from the Northeast Water Reclamation Facility ever reaching the bay in the city’s notice...
Published: 04/20/18