Sony Assures Credit Card Data Was Encrypted

[Krion_Vark]

Sony, look down.

See the fire? That's coming from your pants.

In all seriousness, I am just glad that I don't own a PS3. I really hope no ones data gets stolen.

The thing about encrypted files is that you can still take them its just they are useless unless you unencrypt them. If someone wanted the CC numbers they would take them encrypted or not and try and unencrypt them. It might be a while but someone will unencrypt them.

 

[Frizzle]

Did everyone miss the quote in this article where Sony said they have no evidence that credit card info was stolen? Only where you live? Not trying to be mean, but it seems like everyone is focusing on certain words, and not the entire sentence...

The Q&A states: "While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility...."

 

[faefrost]

So wait, we shouldn't worry because the CC data was encrypted???

UMMM???

Wasn't the console and the PSN network encrypted as well? how well has that worked out?

 

[Wicky_42]

Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network."

So I guess that you requesting it every time I want to buy something from the Playstation Store doesn't count? Don't lie, Sony.

In their defence, the fact that you need to re-input the code every time shows that it's not being stored, just used per transaction, so I think on that count they are in the clear.

That said, wasn't their console encrypted? What's the bet that they made the same damn mistake with their credit card encryption that they did with their DRM system and have it all open-able by a single key?

 

[wooty]

I'm glad I got my old, non-functioning credit card entered in my PSN.

Hmmm, you may have just relieved some worry from my own mind there, I dont think I've used my new card on PSN since getting it issued a few months ago. I only wish I could access the network to find out now

If you go through your e-mail, it should tell you. I got an e-mail confirmation every time I put money into the wallet (then another e-mail because I buying something). Look though, it should be from [email protected] and the subject should be 'PlayStation(R)Network Wallet Funding'. That tells you what card you have (type and the last 4 numbers, of course XD

You utterly wonderful person, thank you for this info, just checked it now and it is my old cancelled/destroyed card. Well thats one worry off my mind for now.

 

[beema]

What about this:
http://www.destructoid.com/sony-didn-t-need-your-cc-security-code-except-it-did--199973.phtml

hmmm

 

[Aardvark Soup]

so the hackers that were able to steal pretty much everything from a major corporation will be utterly thwarted by Sony's encryption? sounds sketchy.

Unless they use a practically infallible encryption method like 3DES or RSA with an acceptable key size, like almost everyone in the world does these days. And with practically infallible I mean completely unbreakable without the aid of a quantum computer, time machine or algorithm that mathematicians and computer scientists have been unsuccessfully looking for for about 40 years (that highly probably doesn't exist).

 

[erztez]

so the hackers that were able to steal pretty much everything from a major corporation will be utterly thwarted by Sony's encryption? sounds sketchy.

Unless they use a practically infallible encryption method like 3DES or RSA with an acceptable key size, like almost everyone in the world does these days. And with practically infallible I mean completely unbreakable without the aid of a quantum computer, time machine or algorithm that mathematicians and computer scientists have been unsuccessfully looking for for about 40 years (that highly probably doesn't exist).

You are talking about people who stored unhashed passwords...
Nuff said.

 

[Aardvark Soup]

so the hackers that were able to steal pretty much everything from a major corporation will be utterly thwarted by Sony's encryption? sounds sketchy.

Unless they use a practically infallible encryption method like 3DES or RSA with an acceptable key size, like almost everyone in the world does these days. And with practically infallible I mean completely unbreakable without the aid of a quantum computer, time machine or algorithm that mathematicians and computer scientists have been unsuccessfully looking for for about 40 years (that highly probably doesn't exist).

You are talking about people who stored unhashed passwords...
Nuff said.

Wait... what?! Okay, that's just awful. Forget what I said, I just had the idea Sony was at least somewhat competent in this area...