Feeds

Reg readers crack case of the $23 quadrillion overcharge

<empty field> + binhex = Visa FAIL

Top 5 reasons to deploy VMware with Tegile

It seems an empty amount field is the culprit in the programming glitch that caused some 13,000 holders of prepaid Visa cards to receive warnings that their accounts were overdrawn by more than $23 quadrillion.

At least, that's the theory advanced by several Register readers, who posit an 8-byte blank field was converted to binary format, giving it a value of 0x2020202020202020. Converted to an integer decimal, that translates to 2,314,885,530,818,453,536, an amount that's not far off from the number of cents these customers were charged for a wide variety of purchases.

To recap from Wednesday, Visa sent about 13,000 customers statements claiming their accounts were overdrawn because of a charge for exactly $23,148,855,308,184,500.00. The company quickly identified the problem, which it blamed on a "temporary programming error," and corrected the charges.

Of course, Visa didn't detail the programming error, and that made some of you curious. In a comment titled "Visa deserves glitchslapping?," an anonymous coward pointed out that the incorrect charges, which applied to purchases for cigarettes, gasoline, and sundry other items and services, came to exactly 2,314,885,530,818,450,000 cents, which when converted to binhex comes to 2020202020201250.

"It looks to me like somebody blank-filled a field, plopped the actual charged amount into the end (hex 1250, decimal 4688, likely amount $46.88), and then interpreted the entire field as a hex number," AC wrote. "If so, this is the kind of bug that would have been caught in even the most cursory testing, in which case the 'technical glitch' Visa talks about was not really in the software--bugs happen--but in their own shoddy procedures that allowed untested software to go live."

This still doesn't explain how 13,000 people could all be charged precisely the same amount for purchases whose real-world value were vastly different. Reg reader Stuart McConnachie, who also forwarded the binhex theory, guesses the identical overcharge is the result of a rounding error. When converting to a real number, only the first 15 digits were included, he said. The remainder were converted to zero.

While several of you were astonished that such an elementary mistake could have made it into Visa's live production, at least one reader was impressed that the company's computing system was robust enough to handle the error without crashing.

"I'm impressed at their systems' coders who wrote a system capable of coping with figures like that, and not falling over!" NogginTheNog wrote. "I mean I've heard of inflation-proofing, but really..." ®

Security for virtualized datacentres

More from The Register

next story
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
iOS 8 release: WebGL now runs everywhere. Hurrah for 3D graphics!
HTML 5's pretty neat ... when your browser supports it
Mathematica hits the Web
Wolfram embraces the cloud, promies private cloud cut of its number-cruncher
Mozilla shutters Labs, tells nobody it's been dead for five months
Staffer's blog reveals all as projects languish on GitHub
'People have forgotten just how late the first iPhone arrived ...'
Plus: 'Google's IDEALISM is an injudicious justification for inappropriate biz practices'
SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn
Merger will lead to mainframe and COBOL powerhouse
iOS 8 Healthkit gets a bug SO Apple KILLS it. That's real healthcare!
Not fit for purpose on day of launch, says Cupertino
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.