ITWire

Home Business IT Security Melbourne's Myki leaks credit card info

Melbourne's Myki leaks credit card info

Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!


Another problem has come to light concerning Melbourne's much-criticised Myki public transport fares system, with credit card information being exposed.

We recently saw how a partial credit card number exposed by Amazon was used to gain fraudulent access to an individual's iCloud and ultimately to other online accounts.

Now we learn that receipts for payment card based self-service top-ups of Myki cards include more details of the card used than ASIC recommends.

The cardholder's name, nine digits of the card number (not the usual last four or five that suffice to give the cardholder a record of which card was used) and its expiry date are all shown on the receipt.
ASIC guidelines say the expiry date should not appear on receipts, and in any case there is no good reason for it to be included.

Yes, the imprinters that were previously used for card transactions generated a receipt with the full card number, expiry date and a copy of the cardholder's signature, but we've moved on from there.

The sting in the tail with the Myki machines is that they reportedly issue a receipt even when the customer indicates they don't want one.

Furthermore, if a receipt is requested. a two copies are printed. This makes it likely that at least one receipt will be left behind.

Why it has taken so long for the issue to come to light is a mystery.

For privacy reasons, some travellers decline to register their cards on the Myki web site and only top up with cash.

ITWIRE SERIES - BUSINESS INTELLIGENCE WEBINAR

Looking to successfully deploy Business Intelligence & Analytics?

Discover the “real-world state of the BI market” – the knowledge you need to ensure Business Intelligence (BI) and analytics success.

Join Yellowfin for a free Webinar!

We dissect the results of 2013’s Wisdom of Crowds Business Intelligence Market Study – the BI industry’s most in-depth research report into major implementation, usage and technology trends and developments.

REGISTER NOW!

ITWIRE SERIES - BUSINESS COLLABORATION SUMMIT

Collaboration, Contact Centre and the Cloud - this is one you cannot afford to miss!

Considering the Cloud? Next generation Contact Centre? Do you understand your Customer Conversations? Are you really Collaborating?

The event will be showcasing traditional Unified Communications, Contact Centre and Workforce Optimisation themes, with an emphasis on the Australian market and cloud-based applications.

VENUE DOLTONE HOUSE HYDE PARK - SYDNEY 24th JULY

REGISTER NOW

ITWIRE SERIES - CIO SUMMIT GOLD COAST

For CIOs & Senior IT Management Summit on the Gold Coast!

This event has been personally vetted by the iTWire CEO who has attended four of these conferences in the past and is an event you cannot afford to miss!

We can guarantee that this conference is of great value. Network with fellow CIOs and IT Mgrs and hear Glenn Archer CIO, Australian Government Information Management Office (AGIMO), Matt Barrie, Award-winning Entrepreneur to provide insights on Navigating Your Entrepreneurial Initiatives in a Hyper-connected New World, Stephen Tame, CIO & Head of Group Information Technology, Jetstar, Tim Thurman, CIO, Australian Securities Exchange (ASX).

LIMITED PLACES REGISTER NOW

Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences, a PhD in Industrial and Business Studies, and is a senior member of the Australian Computer Society.

More in this category: « LogMeIn Central gains AV management Video of the police raid on Kim Dotcom in New Zealand »
back to top


Services

Company

Community

Connect

http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=tf&c=19&mc=imp&pli=5460041&PluID=0&ord=[2000]&rtu=-1