by hartez 5057 days ago
In this case it's not as much about keeping it secret (since anyone who sees/handles it might have the number memorized or recorded) as it is reducing the attack surface. If the full number is on a discarded receipt (or on any combination of two receipts) along with my signature, anyone with access to my trash now has a big chunk of the info they need for identity theft.

I'm not saying that obfuscating the first 12 digits on a receipt solves the problem; just that it's a very minor adjustment that makes things more difficult for the attacker. But some organizations are still failing at even these most rudimentary steps.