Recent cases in which people have been charged with online fraud for allegedly making purchases with illegally obtained credit card numbers have shed light on the lack of effective measures taken to frustrate the CreditMaster scam used in these incidents, even though the credit card industry was already aware of its existence.
The industry is being urged to take steps to protect cardholders from the CreditMaster scam, in which credit card numbers can be deduced through simple manual calculations.
[…]
According to the Japan Credit Card Association, credit card numbers are basically set sequentially based on a specific protocol created by individual credit card companies.
The CreditMaster scam–which takes its name from a card-generation malware– allows existing credit card numbers to be identified by making calculations based on the number of the base card and excluding a specific set of numerals by which the credit card company can be identified.
“The calculations were very simple so I could [identify the card numbers] by manual calculation,” Asahi reportedly said.
Asahi identified 68 credit card numbers and the cards’ expiration dates based on 10 existing cards. She used the numbers to purchase TVs and other domestic appliances worth a total of 10 million yen on major Internet shopping sites.
Read more on Daily Yomiuri Online.