* Posts by robb

4 posts • joined 25 Jan 2011

TalkTalk offers customer £30.20 'final settlement' after crims nick £3,500


Re: Tokenised?

Tony S - yes, though any set up that has been properly designed won't allow access to the 'real' secure data using the tokens without additional authentication and/or IP based filters. I used to use a tokenised payment gateway in a previous life and getting the tokens from us would have been only one part of a pretty extensive hack. Nothing is impossible, but the tokens alone shouldn't be the keys to the castle.

Hard to comment on whether TT have done things properly, of course...


Re: Tokenised?

Tokenisation is a mechanism by which the secure data (in this case, and usually, the CC number, etc.) are passed to a separate part of the infrastructure (or a 3rd party) and a token is returned as a reference. The token has no intrinsic value, but can be used to utilise the secure data.

The obvious advantage of this is that a breech doesn't give out credit card info in any form, encrypted or otherwise. If someone gets access to the tokens then the part of the infrastructure (or the 3rd party, if one is being used) should only allow access to the secured data for a valid token from a valid source using some properly secured mechanism, making it relatively easy to secure the confidential info e.g. by having the secure data stored on a private, possibly non-Internet accessible network that is only accessible from the company's sites (or more likely, very specific servers at said sites).

This is a pretty common approach as part of gaining PCI compliance for companies that process CC info, but of course it is mostly only used for the credit card data, not the rest of the personal data so if the personal data other than the CC info allows people to be conned out of cash (or have their money taken directly through some route other than their CC) then it isn't a panacea.

Apple 'iWatch' trademark filing hints Cook's make-or-break moment looms


Mr B

Kreyos (http://igg.me/at/kreyos/x/3803346) are already trying to be innovative in this space - can Apple beat them to it (and if they do, will it be good news or bad news for Kreyos and Pebble) ?

I do wonder how many devices I am supposed to carry. iPhone, iPad (or Android tablet, having both), laptop. a smart watch might replace my normal watch (or might not) but it's yet another device to keep charged.

Gates, Woz, and the last 2,000 years of computing


Atari 800?

I had many 8bit systems over the years, including a couple of Atari 800 variants, and they competed pretty well with the C64. In fact the Amiga was the decendant of the Atari 800, both being designed by Jay Miner (and you could kinda tell, IMO, if you knew the innards of the graphics hardware on both).


Biting the hand that feeds IT © 1998–2019