In Does The Online Card Payment Landscape Unwittingly Facilitate Fraud?, a new paper in IEEE Security & Privacy, researchers from the University of Newcastle demonstrate a technique for guessing secruity details for credit-card numbers in six seconds -- attackers spread their guesses out across many websites at once, so no website gets enough bad guesses to lock the card or trigger a fraud detection system. Read the rest
