Re: Sounds horribly complicated
Worrying about highwaymen and mail coaches is rather apt, Think Russia vs Democrat Party's mail servers.
I go with the 'payment system compromise' option as being the Occam's Razor argument for the most likely explanation with the least number of factors affecting that explanation. Security companies must have been warning Tesco for a good 9 years now that they were heading for a total meltdown in every single one of their online portals. Here's a few examples that I can recall off the top of my head:
- In 2012 they were warned that using IIS6 with .Net1 for the online shopping payments system was not good for security
Likewise, sending customers plaintext emails with their password on 'I have forgotten my password' requests was bad.
Storing customers' credit card details in a plaintext cookie was wrong.
Redirecting customers back to an insecure (non SSL) page for payment conformation, despite showing the confirmation code from the payment portal, was wrong.
Sorry Tesco, but it looks like the vultures (excuse the ElReg pun) may have come home to roost.