Posted by Richard Lynch on 09/29/11 11:07
Brian Dunning wrote:
> I agree with this. There is way too much paranoia about credit cards
> online. 99% of stolen credit card numbers are acquired by phishing and
> the other 1% by uncrumpling receipts out of a wastebasket. There's no
> longer any reason to go to the trouble of trying to crack encryption.
> Remember the knight who went into battle wearing armor only on his
> legs?
Source for these statistics?
Cuz I believe the crumpled paper is MUCH higher than that, from resources
I've consulted.
However, phishing may be much higher than in the past, so would love to
learn where you got these numbers.
Or if you just made them up and wanted to imply that compromised servers
are the almost-zero that's fine too -- Just want to know if these are
"real" stats or made-up.
I would guess that 99%++ are still from external sources (phish + paper),
rather than compromised servers.
But I am *NOT* willing to be the one unlucky guy who loses $50K and all my
customers from a compromised server -- And I simply won't implement
something that would let my client be that one unlucky guy.
The credit card companies charge exhorbitant rates and fees and whatnot to
cover the losses to these things, and they have the resources to better
manage the data safely. Let *THEM* worry about it.
--
Like Music?
http://l-i-e.com/artists.htm
[Back to original message]
|