SecurityWorkspace

PayPal President Has Credit Card Hacked

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Follow on: Google +

Online payments chief had card ‘skimmed’ whilst in the UK – and says it wouldn’t have happened if we all used PayPal

The President of online payments company PayPal has revealed that his credit card was cloned recently whilst on a trip to the UK.

David Marcus tweeted that a ‘ton’ of fraudulent transactions had been carried out via his account following the hack.

Marcus believes his card was ‘skimmed’, a process whereby information is copied using an external device before being printed onto a new card which can then be used for fraudulent payments.

It is often facilitated by a device fixed to the front of a point-of-sale terminal or ATM that secretly swipes credit and debit information when customers slip their cards into the machines to pay for something or withdraw cash.

david marcus paypalProper precautions

Marcus (pictured left) isn’t one to let a little credit card fraud get in the way of his corporate message, however, remarking that the crime, “wouldn’t have happened if (the) merchant accepted PayPal.”

“Obfuscating card data online, on mobile, and now more and more offline remains one of PayPal’s strongest value props.”

US credit cards are usually less secure than those of the rest of the world, because they do not have “Chip and PIN” or EMV technology – but Marcus revealed that this was a Chip and PIN credit card. He believes the skimming was most likely to have occurred via cloning of the magnetic strip on his card.

EMV chips  which validate credit and debit card transactions using a “Chip and PIN” machine, did away with the process of signing a credit card receipt in Britain and much of Western Europe some while ago , but has had a slow up-take in the United States, with a number of companies still using the older, and less secure, magnetic strip. However, Mastercard has this week confirmed that it will begin rolling out Chip and PIN services in the US from October 2015, with Visa also stating they are looking to implement the technology soon.

PayPal has endured several attacks on its operations recently, coming under attack last week from notorious hacker group the Syrian Electronic Army. The SEA carried out an attack on the DNS infrastructure which served the site, redirecting users logging into the service to a page of anti-US government messages.

The recent attack on the American chain Target, which led to the credit card details of 40 to 70 million customers being stolen, proved a major turning point in opinion regarding credit card security. The company is now in the process of upgrading its systems to offer Chip and PIN services, which provide better security to customers, as it is expected to suffer hundreds of millions in losses as a result of the breach.

Think you know security? Test yourself with our quiz!