Click here for a Printable PDF

by Jesse D. Gossett*

Shopping on Black Friday. It’s almost as American as baseball and apple pie. But during the 2013 holiday season, over forty million U.S. citizens experienced what is increasingly becoming a uniquely American problem: face-to-face (“FTF”) credit card fraud.[1]

FTF credit card fraud occurs when a consumer’s credit card magnetic stripe (“magstripe”) is swiped through a merchant’s card reader.[2] The fraud occurs when someone intercepts the information somewhere along the way. In the case of Target’s December 2013 data breach, [3] the interception of credit and debit card information[4] happened using a so-called memory parsing malware at the Point of Sale (“POS”).[5] But this is not the only interception method. Nearly ten years ago, fraudsters used wireless technology to access the unencrypted network of Marshall’s, which allowed them to access at least forty-five million credit card numbers.[6] Or, the theft can be as seemingly low tech as so-called skimming where the fraudster places a secondary card reader on an ATM or gas pump, or the waiter you handed your credit card to at lunch swipes it through a device on his smart phone before giving it back to you.[7] What all of these frauds have in common is they take advantage of a serious flaw in the credit card payment processing system in the United States. Namely, our credit card system relies on forty-year-old magstripe technology.[8] Continue reading “Target, Negligence, Chips, and Chickens” →