So here's a question: Scammers are always trying to get people to buy gift cards and then read them the code, so that they can get their money launderer to redeem them online or something?
And there's be some sort of hash function or whatever used to generate the voucher codes to stop people just trying to guess them sequentially?
Sort of like activation codes on software? So why has nobody written apple_gift_card_keygen.exe?
@uastronomer Interesting question. I guess it’s more than a (bad) hash of a sequence number and a secret. If you don’t want to check against a full database of all cards at least a part of the code needs to point into the direction of the expected content that was hashed.
And the cards are activated at POS, so they are worthless if stolen from the store - at least in my area.
@chris Okay, so the real problem is generating codes that match cards which are already sold but not yet redeemed.
That'll be it then. Presumably the number of valid codes is enough orders of magnitude higher than the number of active, unredeemed codes that this sort of brute-forcing wouldn't be practical, and probably attract a lot of attention.
Add comment