GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View PDF of this issue

Care to Share?

Table of Contents

Lead Story

Oct. 1, 2011: D-Day for debit cards?


Industry Update

New Visa, MasterCard rates take effect

Heartland offers Durbin impact insights

Operation Swiper succeeds, cyber theft continues

World payments growing in recession

Trade Association News


An interview with Douglas Bergeron

Ken Musante
Eureka Payments LLC

Underbanked in America

Patti Murphy
ProScribes Inc.

Research Rundown

Helping to expand services while minimizing costs

Square versus the payments world

Tim McWeeney

Payroll and gen Y

Excelling at social media marketing

Selling Prepaid

Prepaid in brief

First Data powers prepaid for Google Wallet

Prepaid spot-on for incentives


Merchants lack focus, fraud eats profits

Patti Murphy
ProScribes Inc.


Street SmartsSM:
Vertical market tradeshows hold many helpful surprises

Bill Pirtle
MPCT Publishing Co.

Fraud's twists and turns in 2011

Nicholas Cucci
Network Merchants Inc.

Customer longevity in the new commerce chain

Dale S. Laszig
Castles Technology Co. Ltd.

Steps toward efficient IRS 1099-K reporting

Troy Thibodeau
Convey Compliance Systems Inc.

Company Profile

Lead Source Call Center

New Products

A complete online payment center

Transaction Express
TransFirst LLC

Cloud-based POS comes in three flavors

Moneris Solutions Inc.


It really is about you



Resource Guide


A Bigger Thing

The Green Sheet Online Edition

October 24, 2011  •  Issue 11:10:02

previous next

Operation Swiper succeeds, cyber theft continues

On Oct. 7, 2011, the Queens, N.Y., District Attorney Richard Brown indicated a credit card fraud and identity theft investigation dubbed Operation Swiper yielded 111 arrests and 10 indictments in Queens County, N.Y. The thieves allegedly stole more than $13 million in their 16 months of operation and were reportedly members of five credit card forgery and identity theft rings operating in the United States, Europe, Asia, Africa and the Middle East.

"This is by far the largest - and certainly among the most sophisticated - identity theft/credit card fraud cases that law enforcement has come across," Brown said.

According to the indictment, the thieves acquired stolen credit card information in various ways - among them, direct theft from cards, insider theft of card information, and purchasing stolen card data from underground websites selling data breach information. The stolen information was transmitted to a factory where bogus cards were forged using the information.

The newly minted fraudulent cards were then distributed to a network of gangs that would spread out to malls across the United States to buy high end electronics, clothing and other popular items with the phony cards. These items were then sold at discount to fencing operations that resold the goods to shady retailers.

Cyber crime still thriving

Unfortunately, some industry experts believe the arrests will have little effect on global cyber crime because hundreds of similarly sophisticated cyber theft gangs are still operating undetected around the world.

In talking about the case, Randy Vanderhoof, Executive Director of the Smart Card Alliance, a nonprofit organization working for adoption of smart card technology, said, "It is extraordinary law enforcement officials were able to catch up to and arrest as many as they did. There are actually few cases that are successfully investigated and the criminals rounded up. This is one of hundreds of cases. Most cases either go undetected or, because there are limited resources, law enforcement lets the hard task of cyber security go by while they focus on bigger and easier targets."

Vanderhoof believes a large part of the problem lies with the magnetic stripe technology used on most credit cards in the United States. He noted that the European Payments Council is drafting recommendations for the elimination of magnetic stripe cards there because of security concerns. "Mag stripe is the easiest point of attack," he said. "It is a static form of card information holder and not protected in any way."

Vanderhoof said while the Payment Card Industry (PCI) Data Security Standard (DSS) hardens the payment network for mag stripe data, it is not 100 percent effective. "Investment in PCI has not stopped fraud entirely," he said. "All it has done is slow it down."

Cyber security strategies

Mark Bower, Vice President at Voltage Security Inc. in Cupertino, Calif., said, "It's interesting to have a story like this surface because what it shows is, while law enforcement did a good job finding and arresting these people, [the criminals] still operated for 16 months converting stolen information into cash.

"It was also interesting to see there were apparently a number of criminal organizations coordinating to achieve this kind of heist of information not protected in the system's ecosystem. Clearly, the promise of $13 million can create a sophisticated network."

Bower believes end-to-end encryption, a solution his company sells, is at least part of the answer to building a healthy and secure payment network. "The vast majority of merchants shouldn't have to worry about security," he said. "They want transparency, security, and plug-in and play."

Bower anticipates cyber theft will continue at unprecedented rates. "You don't need to rob banks these days to get access to information and convert it to cash," he said. "The bottom line at the end of the day is if you are in a system that hasn't taken steps to protect the information it stores it's a matter of time, not a matter of if you are going to get hacked."

For additional news stories, please visit and click on "Read the Entire Story" in the center column below the latest news story excerpt. This will take you to the full text of that story, followed by all other news stories posted online.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Simpay | USAePay | Impact Paysystems | Board Studios