What Is A Currency Rounding Attack?

Keeping track of the many different types of attacks in this day and age is a hard thing to do. We all use so many different types of software packages that it is hard to be able to keep up.

And then you add to that the many different types of web sites that you visit and the security flaws in them then you can start to truly see how hard of a job security really is. Even attacks that are considered older tend to get overlooked over time.

So while the number of attacks can be overwhelming, you have to remember that there are even border line legal attacks going out over the web. These are attacks that are not quite illegal but are considered to be dubious at best. One of these types of attacks happens to different banks all of the time. It is called currency rounding and is something that has been around for almost a decade.

What Is A Currency Rounding Attack?

It is pretty amazing that online banks are as secure as they are. If you think about it, there is no bigger target to go after than someone’s bank account. And while they do get penetrated, the attack to success ratio is pretty good in favor of the banks. But like we said, currency rounding is one attack that does not get a lot of attention but you see it a lot.

Currency rounding is the ability to take a flaw in computer code and make the rounding effort of the software work in the favor of the attacker. This happens when there is a conversion in currency between two countries. The conversion of the US dollar to Euros is a good example. There is always a trail of numbers behind the decimal point when you are dealing with conversions like this. Instead of dealing with that trail of numbers, the bank will usually round either up or down to complete the conversion. The rounding happens to the nearest number. People who do a currency rounding attack are able to figure out how to make this rounding error go in their favor. So they end up making money by doing this attack thousands of times.

So when you are dealing with the banks when it comes to the conversion of money, make sure that you do not run into this type of attack.

If you would like to know more about currency rounding attacks then there is an excellent article on the topic over at Help Net Security.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind

*