How Effective is Credit Card Information Theft?

Click For Summary

Discussion Overview

The discussion revolves around the implications of quantum computing on cryptography, particularly in relation to credit card information theft and data security. Participants explore the potential timeline for practical quantum computers, the necessity of strong encryption in modern society, and the historical context of information security.

Discussion Character

  • Debate/contested
  • Exploratory
  • Conceptual clarification

Main Points Raised

  • Some participants express skepticism about the immediate threat posed by quantum computers to current cryptographic methods, suggesting that modern encryption is already quantum-resistant.
  • Others argue that the development of quantum computers capable of breaking RSA encryption is still a long way off, but acknowledge that smaller quantum computers may solve practical problems sooner.
  • There is a viewpoint that the fear surrounding quantum computing and encryption is overhyped, likening it to past concerns like Y2K.
  • Some participants highlight the importance of strong encryption for protecting sensitive information, citing the risks associated with data breaches in various sectors such as banking and healthcare.
  • Concerns are raised about the potential for archived communications to become readable if quantum computers are developed, which could reveal historical information previously thought secure.
  • Participants discuss the evolution of information security practices, contrasting past methods of data transmission with current encryption standards.
  • There is a mention of the challenges in preventing data interception, especially by state actors, and the implications for information that is encrypted today but may be vulnerable in the future.

Areas of Agreement / Disagreement

Participants generally express multiple competing views regarding the effectiveness and timeline of quantum computing's impact on cryptography, with no clear consensus reached on the necessity of current encryption practices or the actual risks involved.

Contextual Notes

Participants note that many current encryption methods are evolving, with some moving away from RSA to elliptic curve cryptography, which is believed to be more secure against quantum attacks. However, the discussion remains open regarding the long-term implications of quantum computing on data security.

  • #31
Algr said:
The brute force "try every password" attack was completely solved decades ago. (Just disallow more than one attempt per second.). All these giant untypeable unmemorizable O0Il| sensitive passwords are just bad security experts passive aggressively punishing users, and finding ways to blame users for bad product design.
Yes, I have for years thought those big passwords are silly. You have to record them somewhere, and that record is then a security risk.

Realize though that the true goal isn't to make the the user safe. The goals are to make the user feel safe and make sure someone else gets the blame if something goes wrong. There is also a big pressure for conformity. If everyone else goes to big passwords and you don't then in court you can be accused of laxity. An effective defense is to show you did what everyone else was doing.
 
Computer science news on Phys.org
  • #32
jack action said:
You don't think that more powerful computers will be able to create problems that will be hard to solve for that same computer? (I know I said encryption, but it may be some other method still unknown because there is no need - or no mean - for it.)
"Computers are useless. They can only give you answers."" -- Pablo Picasso
 
  • #33
jack action said:
What has changed now?
It's more difficult to steal a million physical credit cards, than the electronic details of a million cards from one computer hack.
 
  • #34
PeroK said:
It's more difficult to steal a million physical credit cards, than the electronic details of a million cards from one computer hack.
Without getting caught and being able to use this information? Are you sure about that? Why aren't there more people doing it then?
 
  • #35
jack action said:
Without getting caught and being able to use this information? Are you sure about that? Why aren't there more people doing it then?
Lots of people are! This literally happens on on a daily basis. Of course it is not always credit card information; usually it is just stolen password files that are then decrypted and the information used to access peoples e-mail and social media accounts (because people tend to re-use usernames and passwords). This is how many targeted phishing attacks are done.
 
  • #36
jack action said:
Without getting caught and being able to use this information? Are you sure about that? Why aren't there more people doing it then?

When one learns of the dark web ways, @PeroK is correct. Some hackers steal the information and then put it up for sale on the dark web. Other folks buy it and begin the process of actual theft. This makes it near impossible to track down the original hacking group.

Also this is how the pwn websites work to help you determine if your password/identifying info was stolen and should be changed.
 
  • #37
f95toli said:
Lots of people are! This literally happens on on a daily basis. Of course it is not always credit card information; usually it is just stolen password files that are then decrypted and the information used to access peoples e-mail and social media accounts (because people tend to re-use usernames and passwords). This is how many targeted phishing attacks are done.
They steal the info, but how do you know if they are using it?

Where I live, a few years ago, there's been a major data breach from the largest financial institution in my province: personal information of 2.9 million accounts. including business accounts. We're 8 million people, do the math, pretty much anyone in the province was affected, including me.

Big panic at the time. Lots of blame thrown around. Free credit-monitoring protection was offered by the financial institution (which was a big mess for people trying to get it). Personally, I did nothing. Like many I guess.

How skilled was the hacker? An ordinary employee just downloaded the info and sold it over a period of 15 months. Apparently, the buyers were small financiers trying to find potential clients.

Years later, not only has the effects of this data breach hasn't made the news in any way shape or form, but I never heard of a single person being victimized. Easy to get the info, not so easy to use it.

The true victim? The institution itself which had to deal with the fear and panic of its clients. Contacting every member personally to reassure them. And the public relations nightmare! The institution's president was in the news every day for days, if not weeks. A class action was even launched against them. How much do you think it all cost them? And for what? A small [unethical] marketing stunt to find potential clients?
 

Similar threads

Rejoice! Now You too can Build your very own Quantum Computer
  • · Replies 1 ·
Replies
1
Views
494
How can a quantum computer be faster than a classic computer?
  • · Replies 29 ·
Replies
29
Views
4K
Google: Demonstrating Quantum Supremacy
  • · Replies 6 ·
Replies
6
Views
3K
Never-Repeating Tiles Can Safeguard Quantum Information
  • · Replies 2 ·
Replies
2
Views
2K
Aging Effects for Hearts in Microgravity
  • · Replies 4 ·
Replies
4
Views
3K
Undergrad Physicists disagree wildly on what quantum mechanics says about real…
  • · Replies 84 ·
3
Replies
84
Views
5K
Storing cards with magnetic strips/chips (eg. credit cards) close to one another
  • · Replies 8 ·
Replies
8
Views
6K
Electron movement in Polyacetylene modeled in quantum device
  • · Replies 2 ·
Replies
2
Views
1K
Undergrad Nature Physics on quantum foundations
  • · Replies 460 ·
16
Replies
460
Views
27K
Declining scientific productivity
  • · Replies 12 ·
Replies
12
Views
2K