Hacking takes seconds, say experts at Newcastle University

Hacking can take less than six seconds say experts at Newcastle University Credit: Dino Stanin/PIXSELL/Pixsell/PA Images

Criminals can hack a bank account in as little as six seconds, according to research by Newcastle University.

Working out the card number, expiry date and security code of any Visa credit or debit card is 'frighteningly easy' according to the experts at Newcastle University, and requires nothing but guesswork, a laptop and an internet connection.

Using Distributed Guessing Attack, fraudsters are able to break through all of the security features put in place to protect online payments from fraud.

By process of elimination, hackers are able to verify all of the necessary security data required to get in to an account.

Investigators believe this guessing attack method is the likely cause of the recent Tesco cyberattack which defrauded customers of £2.5m.

Visa, however, told ITV News Tyne Tees the research does not take into account the multiple layers of fraud prevention that exist in the 'real world.'

Visa debit and credit cards can be hacked in six seconds Credit: Chris Radburn/PA

The team from Newcastle University found neither the network nor the banks were able to detect attackers making multiple, invalid attempts to get payment card data.

And they say the risk is greatest at this time of year when so many of us are purchasing Christmas presents online.

Mohammed Ali, PhD student at Newcastle University and lead author on the paper explains:

So how do we keep safe from cyber crime? Newcastle University’s Dr Martin Emms, co-author on the paper advises:

A spokesman for Visa said: "Visa is committed to keeping fraud at low levels and works closely with card issuers and acquirers to make it very difficult to obtain and use cardholder data illegally.

"We provide issuers with the necessary data to make informed decisions on the risk of transactions. There are also steps that merchants and issuers can take to thwart brute force attempts.

"For consumers, the most important thing to remember is that if their card number is used fraudulently, the cardholder is protected from liability.

"Visa welcomes industry and academic efforts to identify and address perceived vulnerabilities in the payment system. Along with our own internal monitoring and testing, this enables Visa and the payments industry to make payments ever more secure."