When you put your credit card into a website what happens to it? The goal of this article is to explore some of the possible answers to that question.
With all the changes that are happening in the payment card industry these days, I’ve been thinking about security around it. EMV/Chip and PIN is coming and there are weird things happening around NFC/ApplePay/Google Wallet/Tap to Pay. There have also been a lot of breaches in the last year, that are really helping expose the weaknesses in how this data is stored and transmitted. This post is really more a thought experiment about how you store hashed information “securely”.