/b/ - Random

only the dead can know peace from this FUN


New Reply[×]
Name
Email
Subject
Message
Files Max 5 files32MB total
Tegaki
Password
Flag
[New Reply]

 Dress to impress!
[Index] [Catalog] [Banners] [Logs] [Archive]
No.322193
3d_brain_scan_may_cause_cancer.jpg
[Hide] (18.6KB, 512x288) Reverse
What is 3D Authentication, and How Doesn't It Work?

3D Authentication sounds like some hyperbiometric quantum device in your iPhone that captures a cube of the area in your room including your head, and transfers it to your bank so they can confirm it's you making a purchase. However, it actually refers to 3 "domains" - the authentication is done using 3 different entities. These are, the issuer of your card, the merchant's bank, and the payment platform. This probably sounds familiar. That's because it is. It's the same thing as done in the 90's but with a 0.05% improvement gained by implementing some tiny new variation that all you "security geeks" were nerdsniped over.

Amanda Walgrove, a writer on renound brands, summarizes the new "feature" in a Gaypal article[1]:

>When it comes to online shopping, a business normally can't verify a customer's identity in person. To help prevent fraudulent transactions and ensure payments are secure, they may use additional safety measures like 3D Secure.
This is something a password or a key could solve. But nevermind that, it's admitted that without one of those things, the bank indeed cannot tell if it is you making the purchase. But fear not: whatever the tiny new variation of the 90's procedure 3D Authentication adds (it is not stated) fixes this!

>Individuals lost nearly $8.8 billion to fraud in 2022 — a 30% increase from 2021. With significant losses, creating payment safety is top priority. That's where 3D Secure may help.
>That's where 3D Secure may help.
>may
In other words, it doesn't.

In closing, a customer having to unironically use a password or a key would be too hard and lose consumers' business, and companies like Gaypal and banks provide a solution that "may" (translation: doesn't) help.

Any more questions?

Here's a look at how the 3DS payment process can't work:
>    A shopper starts the checkout process.
>    They enter their payment details on the checkout page.
>    Before the payment can go through, the site redirects the shopper to their card issuer's 3D security page.
>    The shopper enters the password for their online banking account.
Translation: the customer becomes accustomed to typing his 2 digit password when a random website on the internet causes a password dialog to be shown on his screen.
>    The bank sends a one-time passcode to the shopper's phone number or email address, or the shopper is asked to answer a security question.
Translation: the bank secretly considers random trivia that shouldn't matter, such as email address, phone number, and IP address, as authentication criteria, and the customer is not told, and is therefore eventually locked out of his bank account.
>    If the shopper's information is correct, the bank will verify the transaction.
>    The shopper is redirected back to the website where they can complete their checkout process.


1. https://www.gaypal.com/us/money-hub/article/3d-secure-authentication
Replies: >>322272
No.322265
scream_1996__5-h_2020-compressed.webp
[Hide] (26.2KB, 740x417) Reverse
what do you want?
Replies: >>322266
No.322266
scream-4-1200x676-e1563825628927.webp
[Hide] (12.1KB, 800x489) Reverse
>>322265
to see what your insides look like
No.322272
Phon.png
[Hide] (553KB, 888x600) Reverse
With_a_phone,_you_can_call_ANYWHERE.jpg
[Hide] (242.6KB, 960x640) Reverse
Defensive_Linux_Security.jpg
[Hide] (251.8KB, 1334x1356) Reverse
linux_offensive_security.jpg
[Hide] (270.9KB, 1310x1332) Reverse
>>322193 (OP) 
The more you learn about programming and look into online, and even IRL, "Security", the more you realize that 90%+++ is simply security through Obscurity.
Even doorlocks and padlocks are merely there to keep the honest, honest.
I fucking jealously guarded my e-Identity, and hardcopy info since well before 2009, even though people I tried to warn about "just how bad things really are" would look at me as if I'd grown a second head right in from of them.
I was an avid reader of 2600, and watcher of the DEFCON YT uploads, even though I'm not a Dev and my skillz are barely a ¼step from script-kiddie.

All it took was ONE fucking time going to the Emergency room at a local hospital, and *SNAP* just like that, my data was all stolen from a massive data-breach.
the Settlement that I had to wait for 3 years to get was a paltry $18 and "Free Subscription" to a cut-rate Darkweb monitoring service.
*(also a bullshit trap-"Sure Igor, I'll give you all my private Info so you can run the same searches I can. Certainly ''that" won't ever be a problem.)

I still get pushback from overzealous cashiers who can't into off-script when I reply to their question: 
>"What's your PHONE NUMBER?"
with 
>"No thankyou, I don't do that."
It amazes me just how retarded people are. 
Seroiusly, go to a store sometime and "Fully browse" through the impulse buys on the endcaps. Listen to just how much crucial info is rattled off by customers just for that 25¢ off their can of creamed corn.
Now imagine a bad actor doing the same with an RFID scraper on a KALI platformed burner with a dongle.
...Just standing there...Scrapin' and a Scrapin'

I 'member back in 2004 being refused a job because I wouldn't put my SS# on my Application for Enslavement.
That Same fucking company got caught just throwing all those applications into the dumpster,(a common practice then,) with all their applicants' personal information nicely collected on a single page.

These days, it makes more sense to LET your ID get stolen and have several illegals use your SS# so you always have plausible deniability.

That does come with some sacrifice in lifestyle, but the alternative is having your comfy little corpo-McJob wages, your bank accounts,  your home, and your HIGHHOLYCREDITSCORE!!  compromised, plummeting you into the financial abyss.
Next time your are in a public place, say as loudly as you can get away with:
>Alexa! SIRI! How do I make Tannerite?
or
>Alexa! SIRI! Look up DRAGON DILDOES!

Fuck this ghey version of Pre-Cyberpunk, and fuck the retards for enabling and enforcing it.
[New Reply]
[Index] [Catalog] [Banners] [Logs] [Archive]
3 replies | 7 files
Connecting...
Show Post Actions

Actions:

Captcha:

Select the solid/filled icons
- news - rules - faq -
jschan 1.7.3