Edex News

All it takes is six seconds to hack your credit card!

Researcher Md Ali tells Seema Rajpal how easily a credit card can be hacked

Published: 16th January 2017 06:00 AM  |   Last Updated: 15th January 2017 08:34 PM   |  A+A-

Express News Service

Happy with the amount you saved in the last online sale? Good, because recent research will give you second thoughts about shopping online. PhD student, Mohammed Ali, from Newcastle University, UK, along with four other members, wrote the paper How to crack a credit card in six seconds — proving that your worst nightmare of your bank account getting hacked, can indeed come true. Just six seconds though? “It takes two seconds for VISA to get back to us after we click on the checkout page and a normal debit card is valid for five years. The hacker creates fake websites, and needs just 60 attempts to get the expiry date right. He will distribute these attempts over various websites,” and before you know it, your account has been hacked.


The 26-year-old begins by telling us one of the flaws of the e-commerce industry. Essentially, there are three groups of websites as there are variations in the fields required like card number, expiry date, CVV and then OTP. “While some sites require OTP, others require only card number and expiry date - all for the sake of speeding up the process,” Ali points out. Couple this with the unlimited attempts websites offer to get the fields right, hackers can go to a website that requires only card number and expiry date, and get them right through trial and error. Then they use this information to proceed to the next group of websites, eventually hacking your card.

With a lot of hackers and phishing software constantly in the mix, things can get a little unsafe for the average online shopper when they’re chilling.  But this is hardly the worst, “If the hacker gets hold of all your card details and attempts the OTP three times, your card will be blocked and then you, even as a valid customer, cannot use it,” says Ali.  He tells us, “Sometimes we can’t differentiate between original and dubious websites. Amazon.org will look exactly like Amazon.in. Always check if you are on the correct website. Also, keep an eye on your bank statements. If you find anything fishy, inform the banks immediately,” advises Ali.

Stay up to date on all the latest Edex news with The New Indian Express App. Download now
Get the news that matters from New Indian Express on WhatsApp. Click this link and hit 'Click to Subscribe'. Follow the instructions after that.


Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.