Card issuers like MasterCard, Visa, and American Express set a deadline for October 1, 2015, for businesses to install payment processors able to accept EMV chip-based cards and almost six months later, we’re still seeing businesses lack urgency in transitioning to a more secure means of payment.

The implementation of the EMV chipped card was to help better protect personal information by creating a unique transaction code every time an EMV card is used for payment. While this technology will not prevent all data breaches, it’s a step in the right direction to help secure consumers personal credentials. Since the banks' deadline has passed to implement new payment terminals, the merchants and retailers are now held liable for fraudulent charges.

According to an identity fraud study conducted by Javelin Strategy & Research, in 2016 the number of identity fraud victims increased by three percent, roughly 13.1 million consumers in just the U.S. alone, totaling out at $15 billion for the year.

Even though the Chip & PIN implementation has lowered fraud over the last decade in Europe, U.S. banks still favor using chip cards with signatures, saying PINS provide little to no benefit in combating the $7 billion in annual U.S. card fraud.

The banking industry feels that PINS would only provide extra fraud protection when criminals try to use lost/stolen cards, a situation that accounts for only 14% of fraud. They instead feel that a more effective approach would be for retailers to embrace tokenization & encryption of credit cards.

A large number of retailers have not even begun to use the chip technology on credit cards and instead, continue to rely on the magnetic strip. Some retailers are even questioning why they should spend billions of dollars to enhance their POS systems if banks refuse to add chip-and-PIN technology.

Those businesses who have not installed EMV card compatible terminals are not breaking any laws or facing any penalties for non-compliance.

The state of the payment card industry’s security is in shambles with finger pointing by the banks and retail industry and it seems both industries have forgotten the most important thing: it’s up to you to protect your consumer’s information. Combatting fraud is not an easy task, but with EMV Terminals in place and instructing employees to verify customer ID’s, you can help eliminate your chance of fraud. But that’s not all- with the implementation of EMV terminals comes the increase in card-not-present fraud. This comes from criminals using stolen card numbers of e-commerce sites. That means that retailers need to be on the lookout for a spiked increase in fraudulent online charges.

One thing will remain the same- criminals will always want to steal your financial information. As cyber criminals grow in sophistication each year, so should your IT environment. POS terminals have been proven to be easy targets for criminals and simply too sensitive to leave them without defense measures implemented. When will you take action?

Start with the implementation of a hardened build standard with precision change detection, coupled with breach detection technology will ensure that, even if a breach is successful, you’ll at least be alerted to the fact immediately and be in a position to take action to prevent any card data loss. In addition to abiding by the PCI DSS compliance standards and adopting the latest EMV terminals, companies need to implement true end-to-end encryption and that also includes encrypting any data in the memory.

 

 

The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

Netwrix
6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)


[email protected]
 

United Kingdom

Netwrix
5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023


 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.