Credit Card 101 - Part 1

Hello guys , we are back with another awesome article. In this series of articles ( credit card 101 ) we are going to learn about various credit cards , how credit cards work , how to hack credit cards and most important how to secure your personal credit card. So to start with credit card hacking we must first understand how credit cards are designed and how they work.

Credit Card Numbers :

So lets consider a random credit card for example ( This is not my credit card ).

4485 3151 5882 2849

Now the credit card number is divided into various parts which help the payment gateway to charge the original consumer of the credit card. 

1. The first number (4) is the MII

2. The next 5-6 numbers are the issuer ID

3. The next numbers leaving the last number are the user ID

4. The last number is the check number also known as check algorithm number.

What is MII ?

MII basically stands for major industry identifier . This is a constant number that is given to the consumer according to the needs of the consumer . For example in most cases a consumer uses his/ her credit card numbers for online transactions. This is the reasons most credit card numbers start from 4 and 5 which means banking and financial industry . This digit can range from 0 to 9. We will provide more information in the bottom of the article .

What is Issuer ID ?

The issuer ID basically stands for the card provider i.e. visa , mastercard , etc. For example if the digit is 4xxxx then it is a VISA card and the length of the card is 16. We have provided more information about in the bottom of the article.

What is User ID ?

This number is basically the Identity of the user and the bank to which the card was issued . It depends on the users account number and other details . This number can be reused if a particular card holder stops using the service.

What is check number ?

A check number is used to ensure the validity of the card. It is the last digit of the credit card. Credit cards follow luhn check algorithm.

Luhn's Credit Card Algorithm :

Original Number : 4485 3151 5882 2849

1. From the back , double every alternate number.

What we get : 8  (16)  6  (10)  (10)  (16)  4  8

2. If the doubled numbers are double-digit numbers then add them.

What we get  : 8   7   6   1   1   7   4   8

3. Write the alternate numbers that we deleted in the first step.

8475   6111   1872   4889

4. Add the new credit card number that we get.

8+4+7+5+6+1+1+1+1+8+7+2+4+8+8+9=80

5. If sum is a multiple of 10 then the credit card number is valid.

Since 80 is the multiple of 10 . We can conclude that 4485 3151 5882 2849 can be a valid credit card number.

MII / Digit Value Category

0 = other industry assignments 
1 = Airlines industry assignments.
2 = Airlines and other industry assignments
3 = Travel and entertainment 
4 = Banking and financial 
5 = Banking and financial 
6 = Merchandising and Banking 
7 = Petroleum 
8 = Telecommunications and other industry assignments 
9 = National assignment

Issuer ID                                  Card Number

• Diner's Club/Carte Blanche   300xxx-305xxx, 36xxxx, 38xxxx
• American Express                   34xxxx, 37xxxx                   
• VISA                                        4xxxxx                               
• Mastercard                              51xxxx-55xxxx
• Discover                                  6011xx     

Download PDF of this article

DownloadMP4 Video of this article

Check Latest Article

Check Next Article ( will be updated soon )

More :

You can access full course free on the following platforms :

www.ehacking.net

www.priyankgada.blogspot.com

www.youtube.com/c/priyankgada

www.facebook.com/webmaster.pg

www.twitter.com/group_flexi

Please note all the content is copyright (c) material of Priyank Gada. Using this without permissions should be prohibited .

Read more

by Malik korrich ~ dimanche 4 septembre 2016 0 commentaires

The outcome of the Notorious Teamviewer hack

Over the past few months, the users of teamviewer, a remote access service have been discussing their experience of being ransacked by attackers, who somehow gained access to their accounts. In many of the cases, online thefts reportedly drained user’s PayPal and other bank accounts. No one knows the exact number of accounts being hacked yet, but there’s no denying that the Teamviewer is breached.


For more than a month, many social media sites and blogs have received such numerous reports. Many often claimed that the intrusions are the reason for this failure, which has an effect on many others.

The attacker did transactions and shopped online using user’s PayPal and bank details, many caught this and rolled back the transactions but many left helpless. Nick Bradley the Security Researcher at IBM reported his experience, "In the middle of my gaming session, I lose control of my mouse and the Teamviewer window pops up in the bottom right corner of my screen, As soon as I realize what is happening, I kill the application. Then it dawns on me: I have other machines running Team Viewer!"

He continued:

“I run downstairs where another computer is still up and running. Lo and behold, the Teamviewer window shows up. Before I am able to kill it, the attacker opens a browser window and attempts to go to a new web page. As soon as I reach the machine, I revoke control and close the app. I immediately go to the Team Viewer website and changed my password while also enabling two-factor authentication. Lucky for me, those were the only two machines that were still powered on with Team Viewer installed. Also lucky for me is the fact that I was there when it occurred. Had I not been there to thwart the attack, who knows what would have been accomplished. Instead of discussing how I almost got hacked, I’d be talking about the serious implications of my personal data leak.”

The threat is that if personal data or bank transaction is performed without being noticed then who is responsible for their losses. That made the users of Teamviewer insecure and creates a bad impression on them.






 


These statements made Teamviewer to announce two measures to introduce in response to the huge number of reported hijacking. The first measure “Trusted Devices”, ensure that the account holder must explicitly confirm that the new device is trusted before access is granted to existing accounts for the first time.

The second measure is “Data Integrity” which provides automatic examine that detects when an account goes hacked. "The system determines continuously if your Teamviewer account shows unusual behavior (e.g. access from a new location) that might suggest it has been compromised," said Axel Schmidt the spokesperson of Team Viewer.

Read more

by Malik korrich ~ mardi 7 juin 2016 0 commentaires

EHACKING Weekly : Roundup of Top Hacking News

This has been a heck of a week for the security industry, with many new Vulnerabilities and Malware's discovered by security researchers around the world. Plus a major hacking attack on LoopPay  by Chinese hackers, which has raised many questions on the security of Samsung Pay.

iOS and Android security teams also hit with a setback of latest malware discovered by security researchers, which has already effected their thousands of users around the world. Here's the roundup of all the top news of this week.

An iOS Malware which even attacks Non-Jailbroken devices 

Palo Alto researchers has discovered a new malware which they dubbed as the "YiSpecter". This Malware is attacking both type of iOS devices (Jailbroken and Non - Jailbroken). The Malware can bypass the Apple's App Store which is something seen very rarely. So far iOS users in U.S are not effected with this malware but it has effected thousands of users in China and Taiwan.

A highly dangerous Android Malware discovered 

Android developers and security team also had to hear a bad news this week when they discovered on Wednesday that a Malware name "Kemoge" is effecting their users in more than 20 countries around the world. The malware was identified by the Fireeye Researchers, which they believed is developed by Chinese Hackers. The malware can enter the users device through third-party app, an once it was installed it sends all the users data to remote server.

 Cisco researchers hit Hacking economy big time 

This is one good news for the security industry. The researchers of Cisco disrupted the $30 to $60 Million a year hacking operation, where hackers demand ransom after taking the users system hostage. Tech firm said criminals had used the notorious Angler Exploit malware tool to target tens of thousands of users every day. The users who are effected on daily basis with this operation is believed to be around 90,000.

Chinese Hackers breached LoopPay - Samsung subsidiary 

A group of Chinese hackers breached the LoopPay servers which has raised many question on the security of newly introduced Samsung's pay system. The security researchers around the world are very concerned with the breach of LoopPay servers. The news that Chinese Hackers Breached LoopPay, the core of Samsung Pay system, has been provided by the The New York Times and has been confirmed by Samsung with an official statement.

Iranian Hackers targets LinkedIn users 

Another big giant has been on the top of news this week, when a secret operation of Iranian Hackers is reveled. This group of hackers are targeting LinkedIn users through 25 fake profiles, which looks pretty valid when you see them first time. Their target was telecommunication and defense sector of Middle East and Asia. LinkedIn has taken down those accounts immediately but has not released any statement.

General Motors asks Hackers to report vulnerabilities 

Self-driving cars has been vulnerable to hackers like we saw previously. This week in an interview a General Motors representative he asks security researchers to report any Vulnerability they find in their new cars to them directly.  This is the first time any motor manufacturer has asks hackers to report vulnerabilities directly to them. Cadillac's ELR is one of the GM vehicles potentially vulnerable to hacking. 

  

Read more

by Malik korrich ~ vendredi 9 octobre 2015 0 commentaires