For anyone that knows me well, it comes as no surprise that I find the attached video riveting. In it, Steven Pinker, a world-renowned, cognitive scientist, linguist and a brilliant person, describes several aspects involved in the evolution of language.

While watching this video, I was reminded of interview training I attended a few years ago where the instructor reminded everyone that people chose the words they do for a particular reason. (Seems obvious, I know). That is, for any two sentences that equally convey the same general point, there are subtleties there (as Pinker argues) that the interviewee or a speaker subconsciously chooses.

While Pinker’s talk is meant to focus on the evolution of language in terms of communication, I found it interesting to consider the possibilities this might play when interviewing someone in a fraud investigation. That is, the effects this language evolution has on answers in a stressful environment and conversely, how this might influence popular culture and communication.

Technorati Tags: Communications

I was driven to post something about health care fraud recently after a discussion with an acquaintance regarding alternative medicine.

Often people seek alternative forms of medicine out of desperation; conventional science having done nothing to improve their situation, they become more willing to try out slightly more unconventional methods to solve the problem.

While some may mock alternative medicine, modern science is currently having difficulty developing drugs to combat cancer which are more effective than the placebo effect. That is to say that the placebo effect is so strong that even some alternative, conventional or even bogus remedies can appear to work.

Back to my conversation with my acquaintance....

The conversation started off involving a pet whisperer. Now, I've seen people train horses as well as dogs without the spoken word. And then there's Cesar Millan and his techniques with pooches. But what I was about to hear was something completely different.

My acquaintance, we'll call him Jim, was so concerned about his dog's health, he brought him to a dog whisperer, or moreso a canine spiritual interpreter. Wonky, I know. But to Jim it made sense. After so many horrendous vet fees where his beloved friend never got any better, this 'alternative' form of healing seemed appropriate.
A hefty fee was spent and a 5 page report on how the dog felt (this dog apparently had complex emotions) was delivered. When I found out this 'interpreter' did their work, not in person, but by viewing a picture of Fido, I realised that Jim, had become comfortable with such a scheme out of desperation.

That brings me to the 60 Minutes story that aired this past Sunday regarding bogus stem cell therapies going on in the US and abroad.

The patients seeking this treatment, in this case those with debilitating and deadly ALS, sought alternative forms of medicine out of desperation. And while some forms of alternative medicine may help to heal, the stem cell therapies described herein do not exist in most cases, have no medical proof that they do anything, make false claims of 'cures' and are being performed by people posing to be doctor's with fake diplomas. And yes, they're bilking these clients out of hundreds of thousands of dollars for a full 'treatment'.

Technorati Tags: Fraud Prevention Health Care Fraud

It was literally the night before this article came out that my friends and I were discussing the effects of the transitions from mag stripe credit cards to the infamous and highly touted chip cards.

My friends (a bunch of brilliant code monkeys--commonly referred to as geeks... although one would rather think of himself as a rapping gangster...) touted the high degree of encryption and the exponentially greater amount of data able to be stored on the chip.

Impervious due to its new encryption?, questioned one.

But of course, nothing is forever secure, remarked the other. Eventually someone will break it. But how.... If the encryption was so strong?

Much like Houdini, or the spies of the Cold War, the answer was there in front of us the whole time.... We just couldn't see it.

That is, we were focusing on the strength of the encryption while someone else took advantage of a split-second transmission of data off the chip--whether or not to verify the transaction via PIN.

Check out the rest of the article to learn how Python was used to hack 'Chip and PIN'.

SECURITY THREATS TOOLKIT: Chip and PIN is broken, say researchers
ZDNet - February 11, 2010, 17:01 GMT
Chip-and-PIN readers can be tricked into accepting transactions without a valid personal identification number, opening the door to fraud, researchers have found.
Researchers at Cambridge University have found a fundamental flaw in the EMV -- Europay, MasterCard, Visa -- protocol that underlies chip-and-PIN validation for debit and credit cards.

As a consequence, a device can be created to modify and intercept communications between a card and a point-of-sale terminal, and fool the terminal into accepting that a PIN verification has succeeded.

"Chip and PIN is fundamentally broken," Professor Ross Anderson of Cambridge University told ZDNet UK. "Banks and merchants rely on the words 'Verified by PIN' on receipts, but they don't mean anything."

The researchers conducted an attack that succeeded in tricking a card reader into authenticating a transaction, even though no valid PIN was entered. In a later test, they managed to authenticate transactions, without the correct PIN, with valid cards from six different card issuers. Those issuers were Barclaycard, Co-operative Bank, Halifax, Bank of Scotland, HSBC and John Lewis.

Continue to the rest of the ZDNet article.

Technorati Tags: Counterfeit Credit Card Fraud Hacking