THE RETAIL BULLETIN - The home of retail news
Click here
Home Page
News Categories
Commentary
CX
Department Stores
Desert Island Stores
Electricals and Tech
Entertainment
Fashion
Food and Drink
General Merchandise
Grocery
Health and Beauty
Home and DIY
Interviews
People Matter
Retail Business Strategy
Property
Retail Solutions
Electricals & Technology
Sports and Leisure
TRB conference review
Christmas Ads
Shopping Centres, High Streets & Retail Parks
Uncategorized
Retail Events
People in Retail Awards 2024
Retail Ecom North
Retail HR North 2025
Retail Omnichannel Futures 2025
Retail HR Central 2025
The Future of The High Street 2025
Retail Ecom Central
Upcoming Retail Events
Past Retail Events
Retail Insights
Retail Solutions
Advertise
About
Contact
Subscribe for free
Terms and Policies
Privacy Policy
Fraudsters cleaning up with pre-paid gift cards

The growth of plastic gift cards with magnetic stripes on the back is leading to a wave of fraud as these payment methods are not as… View Article

RETAIL SOLUTIONS UK NEWS

Fraudsters cleaning up with pre-paid gift cards

26 October, 2009 | by

The growth of plastic gift cards with magnetic stripes on the back is leading to a wave of fraud as these payment methods are not as secure as credit and debit cards that now have chips embedded.

Research from Corsaire found that although credit card security technologies like chip and PIN are now being rolled out on a global scale, fraud against cards that still use a ‘magstripe’ remains a very real threat to both consumers and retailers.

Adrian Pastor, principal security consultant at Corsaire and author of the report, says: “As with any other form of currency, magstripe gift cards are an attractive target for fraudsters, especially since there are several different strategies that an attacker can use to try to perform fraudulent purchases using gift cards. As such, gift cards should be treated in the same way as any other type of currency, and retailers should follow the same security procedures that they use with any other types of electronic payment.”

Gift cards are even more enticing to fraudsters as many retailers allow customers to take the cards from easily accessible locations on Point-of-Sale displays as the cards have no value until they are processed at the till. Retailers often do not consider the loss of gift cards to be a security issue because the cards are not activated unless purchased.

But Corsaire found that the data on the magnetic stripe on these cards remains exactly the same before and after being activated. Instead, the card gets its value from an online transaction whereby the back-end servers of the gift card provider update the balance for that given card number, and then flag the card number as being activated.

For fraudsters, such easy availability of these cards makes it much easier to clone them. Even if the gift card has not yet been activated, the attacker can simply puts the cloned card back on the stand and then waits until it is purchased and loaded with credit. At this point, the fraudster can purchase goods with the illegal copy of the card.

“Although card cloning represents a particular threat for magstripe technology, the entire gift card system can also be compromised through online administration consoles if a fraudster manages to attack a website that isn’t secure. For example, it may be possible for the attacker to use the information that he has obtained to gain unauthorised access to important back-end systems, and then perform fraudulent purchases by changing the balance of a card in their possession, even if they have little or no knowledge of cloning or magstripe technology,” explains Pastor.

Subscribe For Retail News