Why You Shouldn't Use Microsoft Windows11.

...

LMDE5 - Linux Mint Debian.

LMDE5 - Linux Mint...

Why Should I Not Use Windows10?

Here are a...

Pix App The Brazilian instant payment leaked data three times

English

Pix App The Brazilian instant payment leaked data three times

It is a payment method created by the Central Bank (BC) in which funds are transferred between accounts in a few seconds, at any time or day.

Pix was created to be a complete payment method. Any payment or transfer that today is made using different means (TED, card, bank slip, etc.), can be made with Pix, simply using a cell phone.

Using Pix, you don't need to know where the other person has an account. You carry out the transfer from, for example, a phone in your contact list, using the Pix Key.

Another difference is that Pix has no time limit or day of the week and resources are made available to the recipient in a few seconds. Pix works 24/7 between any banks.

Pix transfers can be carried out from a checking account, savings account or prepaid payment accounts.

Pix has the potential to:

  • leverage market competitiveness and efficiency
  • lower cost, increase security and improve customer experience
  • encourage the electronicization of the retail payments market
  • promote financial inclusion and fill a series of gaps in the basket of payment instruments currently available to the population.

It's practical, fast but is it safe?

The Central Bank (BC) has confirmed to CNN that there were three leaks of data from users using Pix.

The bank claims that no vulnerability was exploited, that is, access to sensitive data, on any system and Pix has several mechanisms that allow the protection and monitoring of the app.

Information from a total of 576,785 keys was exposed from three different leaks, the latest one in Feb 03 - 2022.

The leaked data is restricted to user identification information, such as full name and CPF, as well as account number, bank branch number and Pix key type.

What happens is that when the Pix key is entered to make a transfer or payment, some recipient data that should not appear at the time of the transaction are being exposed, such as bank account data or the complete CPF number (when this is not the Pix key).

The bank claims that the leaked information is personal but not sensitive, but they admit it could eventually facilitate some type of fraud.

Hackers could use this available information, to socially engineer the person, calling the person or sending an email, posing as the bank in order to capture their password.

The Central Bank recommends users that uses a Pix key to always be suspicious of SMS messages or in applications sent by unknown numbers and never click on links sent by such numbers.

Because banks in Brazil in fact calls people up, it makes it more difficult to know when receiving calls, if it is people impersonating banks or not. Thus never provide sensitive information, codes received via SMS or bank passwords, nor authorize remote access to the application or internet banking.

The bank states that people who had their registration data obtained from the incidents will be notified exclusively through the application.

My personal opinion is this:

Seeing as Android is almost never updated by the manufacturers ( usually you get 2 updates ),plus it is one of the most attacked operating systems besides Windows, so using a smartphone for banking isn't very clever. Almost every app you install requires full access to everything on your phone and there are plenty of Malware for Android.

It is a big risk to take to facilitate for the government and banks to have full control over your dealings with other people.

PIX - Banco central

 

Games For Linux

Windows has always been the preferred platform for gaming, but after STEAM's interest in Linux more game developers are making their games natively available for Linux.

Disclaimer

All information on this website is published in good faith and for general educational purposes and for use in safe testing environments only. While linuxexperten.com strives to make the information on this site as accurate as possible, linuxexperten.com does not warrant its completeness, reliability and accuracy.

We are not responsible for any losses or damages associated with the use of our website. While we strive to provide only links to useful websites, we have no control over the content of these sites and links to other sites do not constitute a recommendation for all content contained on these websites.

 

Site Information

This is a professional review site that receives compensation from the companies whose products reviewed. Each service or product are thoroughly tested and given high marks if considered to be the very best. Independently owned and the opinions expressed here are no one elses.