Devil in disguise

Sarah El Sirgany
7 Min Read

CAIRO: With the increase in credit card usage, shopping is getting easier. But as the bill reaches a new high every month, card owners are also paying the even higher price of compromising their financial safety, especially if they are fans of Internet shopping.

Legal systems around the world, and especially in Egypt, are still adapting laws to criminalize credit card and electronic monetary thefts.

Less than two decades back, only tangibles crimes like stealing money were punishable. But when credit cards gradually forced themselves on the scene as practical alternatives to cash, money turned from paper to ones and zeros that only computers can understand.

Years passed before legal systems began recognizing electronic monetary theft as a punishable crime.

But this was only the beginning. At one point, the crime of forgery was only applicable to tangible information; i.e. forging the numbers displayed on a card. According to Dr. Gamil Abel Baky El Saghir, criminal law professor at Ain Shams University, the law didn t recognize forgery of electronic information saved on credit cards, although it now does.

Meanwhile, credit card and software companies are always in a race to catch up with the continuous innovations of cyber thieves. On their tails, legal systems are gradually recognizing this new type of crime, where at times the definition of what constitutes a criminal in the field varies.

People can commit these crimes while they are sitting at home and the credit card is still in the owner s pocket, says Judge Ahmed Amin Hassan. El Saghir points to a range of crimes that fall under this category. While some thieves steal the actual cards, others simply steal the card numbers and use them.

The original owners of credit cards can also use them illegitimately, whether by conspiring with others to use a card while claiming it was stolen or by drawing more money than their accounts permit. El Saghir adds that sometimes the merchants who are usually on the receiving end of the electronic transactions may also be guilty. For example, he continues, they sometimes conspire with owners of expired credit cards using the old version of manual machines.

Hassan says there are new terms in the law that fit the changing times. But like the worldwide scene, laws are still being developed to establish the nature of these crimes. For example, El Saghir explains, when a man steals an ATM card with the password and he tries to use it, the machine locks the card in. Should this man be tried for committing a crime or for attempting to commit one? What would the crime be, theft or fraud?

These questions and more were under discussion in a seminar held by the Egyptian Association for Prevention of Information and Internet Crimes. Speakers and attendees varied from computer science professors and students, representatives of local banks, and lawyers and law professors.

Before the seminar began, a number of computer science students were discussing how easy it is to rip off credit card numbers over the Internet. But, as figures in a presentation by Visa International later verified, Egypt sustains a relatively low number of these crimes. In fact, the region of Central and East Europe, Middle East and Africa contain one percent of all credit card crimes worldwide.

Credit card numbers are susceptible to being ripped off at different stages of Internet shopping, says Dr. Noha Abdel Sabour, computer science professor. One way these thefts are carried out is by conspiring with employees at credit card companies to obtain privileged information; these companies are the securest stage of monetary transactions.

Some programs generate random numbers on shopping Web sites, coming up with real numbers in the process. Some programs spy on keyboard strokes and save numbers and passwords in the process. Spoofing, she adds, involves directing the information entered by users to different Web sites in addition to the ones intended. Some illegitimate Web sites pose as legit ones and take the information directly from users.

Awareness, however, has helped in one type of information theft. Abdel Sabour notes that before people used to give out their credit card numbers to e-mails promising a prize. Now people know better, she adds.

Some software programs can have security holes that hackers use to gain personal information. But software companies work on fixing such holes as soon as they are discovered. Microsoft is one of these companies, she notes.

Programs have been developed over the years to counter the new methods continuously acquired by hackers.

To help guard against theft, users can check the security of the Web sites they are using. Secure Sockets Layers (SSL) is a type of security certification by Verisign that users should look for, Abdel Sabour explains, adding that if the Web address starts with https instead of http, it is secure. The same applies if it ends with shtml instead of html. Furthermore, lock-shaped icons indicate secure Web sites.

We want to ensure people that credit cards are the only alternatives to money and the transactions are not as dangerous as imagined, says Hisham Saleh, deputy director of credit cards at Misr Bank.

Mohamed Abdel Hamid, executive director of Visa International in Libya, notes the various security and awareness measures credit card companies take. In cooperation with banks, Visa offers awareness programs for both card owners and salespeople. It also cooperates with security authorities to curb violations.

Besides giving out advice, banks also have a role in minimizing electronic thefts, especially through the Internet. Banks now issue cards specifically for Internet and telephone shopping. In case theft occurs, these cards only have access to the intended account. Some banks offer prepaid cards and others offer cards that expire after a short period of time.

The smart chips, inserted in credit cards, are the newest addition. According to Saleh, these chips can t be forged, at least for now.

TAGGED:
Share This Article