Slashdot Mirror

← Back to Stories (view on slashdot.org)

Gift Card Hacking

Posted by CmdrTaco on from the where-do-I-swipe-it dept.

TheSauce writes "MSNBC has this discussion of how easy it is to hack and jack the contents of those lovely Plastic Gift Cards one sees at most Mass Merchants and Consumer Electronics stores. One retailer notes that the odds of this occuring are about at the level of being pickpocketed."

4 of 264 comments (clear)

  1. Barnes and Noble. by saintlupus · · Score: 5, Insightful

    I worked at Barnes and Noble for a while a couple Christmases ago, and here's how their gift card system worked:

    When you got the card, it was preauthorized with a certain amount of money in a certain account number, like any other debit card. The account number was on the magstrip of the card, was printed on the card, but was _also_ printed on the gift receipt that came with the card.

    Now, all that was necessary to redeem the gift card was that number. But most people just tossed the second receipt. Which meant that a quick swipe through the trash outside the store doors could probably yield a few hundred dollars worth of gift card credit as yet unredeemed.

    Nice, eh? Even when we told people expressly not to do it, they still did. Wonder how many got burned.

    --saint

    1. Re:Barnes and Noble. by JordanH · · Score: 5, Insightful

      Sheesh... Why, oh why, do we need a law to protect people from doing stupid things?

      I could see a law where the vendor had to inform you to protect the numbers, but not allow them to give you a slip of paper with the number on it? That's pretty paternal, don't you think?

      A lot of receipts have credit card numbers on them, too, which is why you should always dispose of receipts carefully. It's a real convenience to have this reference information on a receipt, and I imagine there's a good business case for having the gift card number on the receipt as well. Makes it easier to bring the card back and get it worked out if the magstrip goes bad, for example.

      What we need is a less paternalistic government to train people to be smarter and more responsible for themselves.

      Oh, never mind, most people with a public school education have been trained not to think for so long now that any arguments are useless. OK, I give up... What we NEED is for these gift cards to be implanted in a chip in your wrist so you don't accidentally throw them away. That's the law we REALLY need.

  2. Re:Nondisclosure by swb · · Score: 4, Insightful

    Swell. So there's no significant economic reason for that company to change their policies yet.

    Sure there is, its the internal economic justification of the manager in charge of the gift card program. The boss is likely to hear about this, and when (s)he does (s)he will either change the program or get canned.

    No one wants an easy-to-rip-off gift card system. It invites attack from other fraud artists (if this system is lax, then others likely are too), pisses off customers and ruins loyalty.

    The larger problem is that there's little financial incentive for stores to fix the problem generally (other than being seen as generally lax), since the losses aren't their own, they're someone else's, and even hijacked cards are money made for the store.

  3. Why they don't care by Col.+Klink+(retired) · · Score: 5, Insightful

    I can see why the retailers don't really care. If someone forges a paper gift certificate and redeems it, the store is out the money. The thieves are just printing money.

    But when someone forges a stored-value card, they're stealing from other customers. The "value" has already been paid for, so the store doesn't lose anything.

    --

    -- Don't Tase me, bro!