PayPal President Falls Victim to Credit Card Fraud, Raises Question on EMV Chip Cards
By Johnlee Varghese | February 11, 2014 9:15 PM EST
The latest person to fall victim to credit card fraud is PayPal's President David Marcus. The incident has created a buzz among many, especially since PayPal specializes in online payments and one would expect the president of such a company to be safe from hackers. However, Marcus, who accepted that his credit card information had been stolen, while lobbying that PayPal is safer, raises concerns on the security issues with EMV chip credit cards.
He has used the incident as an opportunity to promote his own company.
My card (with EMV chip) got skimmed while in the UK. Ton of fraudulent txns. Wouldn't have happened if merchant accepted PayPal...
— David Marcus (@davidmarcus) February 10, 2014
A hacker not only stole the credit card information, but also made several fraudulent transactions. But what the PayPal president points out is that the EMV chip credit cards that are being touted as safe and reliable, are in fact not so safe.
Following the data breach at the Target Corp, EMV Chip cards were set across as much safer options in comparison to vulnerable magnetic-stripe credit and debit cards in the United States.
However, it now appears that EMV cards alone can not prevent a possible hacker from stealing the credit card information. Digital Transactions, a news analysis website reported earlier last month that the EMVs are vulnerable and should not be considered hacker-proof.
The article stated that "data still can be transmitted, unencrypted, or in plain text, during an EMV transaction. Much of the data is the same information fraudsters intercept from mag-stripe cards, including the primary account number (PAN), card expiration date, and cardholder name."
And when the card is connected "to the Internet and you introduce the possibility of hackers capturing card data unless the information is encrypted immediately upon swipe (or tap or “dip” with chip cards) and not decrypted until arriving at a secure place outside the merchant environment. Although the links in the payment-processing chain where data move unencrypted have shrunk over the years, vulnerable plain-text points remain," the article added.
Following the incident, there has been increasing pressure on the card issuers to improve the credit and debit card security features.
To report problems or to leave feedback about this article, e-mail:
To contact the editor, e-mail:
Join the Conversation
- Sydney Siege Aftermath: Australia's Gun Laws May Be Under Review
- Australian Muslim Says Sorry for Sydney Siege
- Sweden Launches Website To Crack Down On Child Sex Tourists
- Rupert Murdoch Blasted For 'Insensitive' Tweet Over Bloody Outcome of Sydney Siege
- Australian ISIS Fighters Mocked Hostage Situation; #SydneySiege Hashtag Condemned