A group of researchers has created a new tool that can guess credit card information in just a few seconds. The experiment was to show how easy it is to breach credit card security. The group also comes with a solution how to further prevent such circumstances from happening.

A group of security experts from the University of Newcastle has demonstrated using their new tool that a lot of websites is easy prey for a lot of hackers. These websites are usually online stores, even the most popular retailers.

The tool is a credit card querying system that sends out payment requests to different types all at the same time. Using the system, they started with the six digits of the card followed by the expiry date and security code. Within seconds, the group got all the information it needs, enough to create a copy of the credit card using the information they acquired.

Mohammed Aamir Ali, a Ph.D. student at Newcastle and the leader of the research, said that it is easier to breach credit card security because they use different types of processes to verify the ownership and identity of the cardholder. They got these fragmented pieces of information to build the security information.

With this process of validation, they said that online retailers are aiding the hackers in getting all the necessary credit card security information to create an online transaction.

The team said that their tool was able to run a hundred of queries in different websites without being detected or triggering an alarm to the sites' payment system. The team also added that although this method is being used to steal credit card security information but it shows the possibility and practicality of such attacks.

After demonstrating the possibility of the attack, the team made some recommendation to avoid this. They said that centralization and standardization are two methods that can prove effective against such attacks.

With standardization, all online retailers will have a uniform payment interface to prevent the attack from scaling. This limits the information floated around the Internet. Centralization, on the other hand, provides different payment networks which have a "full view over all payment attempts associated with its network."