Even though you’ve done everything you can to protect yourself from becoming a victim of identity theft, many banks and other companies that are dealing with your credit card information are not as careful as they could be according to an investigation by Associated Press.
The problem is, each time you make a transaction using your credit card, the information on your credit card has to go through a number of computer networks for the transaction to take place leaving it open to hackers along with way. The problem isn’t as bad in Europe as it is in the USA since the advent of chip and pin.
Even companies with the so called PCI seal of approval for computer security have been the victims of massive credit card frauds, Heartland Payment Systems and RBS WorldPay to name only two.
PCI was formed in 2006 by major card brands in order to create standard rules for merchants but it hasn’t solved the problem, just take a look at the number of security breaches there have been over the past couple of years.
Either the hackers are getting smarter or the security on card processing systems is appallingly weak. Perhaps it’s a bit of both but there isn’t a great deal of auditing to ensure continued compliance with PCI.
Those companies and retailers who are not PCI compliant can be fined of course. Large organisations will have to stump up $25,000 for each month they are not compliant and smaller companies $5,000. Even though, they are still able to carry on processing payments.
Another issue is the fact that credit card companies want the transactions to continue, that is their business after all so it seems they are willing to put up with fraud as an inevitable part of their service. In other words, they don’t appear to mind too much.
“If they did mind, they have immense resources and could really change things,” said Ed Skoudis, co-founder of security consultancy InGuardians Inc. and an instructor with the SANS Institute, a computer-security training organization. Skoudis also carries out investigations into retail breaches in support of government investigations in the USA.
“But they don’t want to strangle the goose that laid the golden egg by making it too hard to accept credit cards, because that’s bad for everybody” says Skoudis.
Perhaps the solution is to levy fines for each and every individual card that is subject to a breach of security. That might make them sit up and take notice.
If you want to find out all the latest news on tech why not subscribe to our RSS feed?
Leave a Reply