The importance of providing adequate credit card security for your customer base can't be over-emphasised. In 2013, US retailer Target was compromised in one of the world's biggest security breaches, which impacted 40 million customers by exposing their financial information to hackers. This credit card security breach was precipitated when malware was introduced to the in-store POS systems.
More than 1800 stores were affected by this credit card security breach. Encrypted debit card PIN cards were compromised as part of the attack. This is one of five major credit card security breaches to occur across industry. In a 2014 breach of Kmart security, customers were compromised by internal malware. In November of 2014, it was reported that the new 'chip-and-PIN' cards, which will be instated widely in the US in 2015, contain a potentially critical flaw. The contactless feature on these cards and those developed by Visa in the UK does not recognise any transaction made in non-UK currencies, which means it may be duped into accepting a transaction of up to 999,999.99 in another currency.
Since these types of contactless cards need only be in the vicinity of an appropriate card reader, a thief using such a machine could be nearby and obtain the details of such a card from a wallet or handbag. This type of device can be constructed using a basic mobile phone.
Security Standards for Credit Card payments
In 2013 more than 800 personal and financial records were breached worldwide, which translates into 2164 separate incidents of data loss. According to a Verizon report, 31.3% of European organisations are compliant with approximately 80% of DSS 2.0 controls, lagging North America at just over half and Asia Pacific at 75.0%. These figures indicate that UK businesses need to become far more proactive about credit card security to avoid becoming targets for hacking and malware. Clearly, credit card security needs to be of the utmost importance to small and medium business owners as well as to the much larger retailers and industries. 72% of credit card security breaches were internal, but a staggering 25% were internal hacking incidents. When it comes to credit card security, PCI-DSS controls should be, at the very least, a minimum standard which a business can embrace to ensure the safety and security of its own and its customers' personal and financial information.
The Future of Credit Card Safety Standards
Clearly, as mobile credit card security systems continue to be used and become more sophisticated, improving the methods of protecting customer information will need to become a priority around the world. As contactless cards become the norm, finding new ways to protect personal and financial data will become critical. Whether you are a small, medium or larger business, a portion of that responsibility lies with you. Customers trust companies to be a secure location for credit and debit card purchases, and every business needs to make credit card security a priority for its customers.