28 year old Albert Gonzalez has recently been charged with stealing 130 million credit and debit card numbers.

This is on top of the 100 million credit card numbers he stole before. Gonzalez acquired the numbers by breaking into the computers of, amongst others, payment processor Heartland Payment Systems. Add this to the rising number of skimming attacks and other forms of identity theft and it seems that no bank account is safe from crooks.

Always a step behind
Banks, in the meantime, are struggling to keep up. The EMV card, a chip card that is to replace the old magnetic cards which are vulnerable to skimming attacks, has been conceived in 2006 and is scheduled for release in 2011. Traditionally, the people set to secure the computer systems that handle bank transactions are one step behind the criminals breaking into them. And, in the meantime, no real solution for identity theft has been found. It is often up to the customer to notice something is wrong, to notify their bank and undertake appropriate action.

The question is: will we ever win this battle? Or will criminal attacks only increase, both in complexity and numbers, until it will simply become too costly to stop them? Is it realistic to expect that every dollar transacted can be accounted for? Could we perhaps design a less rigid payment method, that focuses on an individual or a company’s inherent worth, which is much harder to steal?