Hackers can now break into previously secure systems on the Internet and could use Barclaycard’s new interactive electronic magazine to reach confidential information on the magazine’s users as well as business data used by Barclays Bank.
They can subvert a defensive system called a “firewall”, which is designed to keep out hackers by distinguishing between a computer which is electronically “trusted” by a service on the Internet and others which are not.
Hackers can “impersonate” the trusted computer through copying the electronic “handshake” to gain access beyond points available to legitimate users.
Last month Barclaycard launched its Netlink interactive electronic magazine (MW January 13) – the first UK credit card to offer services on the Internet. Barclaycard has installed a firewall preventing Internet users reaching files other than those designed for public access.
Barclaycard says Internet hackers could not gain access to accounts since the account number is never used on the Internet. But they could gain access to customer e-mail with the credit card service as well business information used by its Emerging Markets Unit, which is on the Internet, and Barclaycard Netlink may now be vulnerable.
This development must also set back any plans which Barclaycard and other credit card services have to offer on-line payment services on the Internet.
“Lack of security is one of the reasons we are not offering services like this. Nor do we encourage people to give credit card numbers over the Internet since these are numbers of active, live accounts,” says a spokeswoman.
On-line payment may become a feature when card numbers can be securely encrypted on the system.