Tag Archives: credit card security

Immediate Vault Immediate Access

Mitigating Payment Fraud Risks

Posted on by

For businesses that thrive on person-to-person transactions, cash is quickly being replaced by cards, as well as tap-to-pay systems, mobile wallets and QR-based payment systems. These technologies will continue to dominate the market in the near future, but the long-term future of the payment card industry will likely be shaped by the impact of blockchain and artificial intelligence. These developments will eventually also impact risk management, marketing and financial planning, as they present opportunities for serious risks, including fraud. Hence, it is imperative for risk management professionals to plan for these short- and long-term changes in the industry.

Strong risk monitoring requires proactively assessing threats and planning mitigation measures to minimize risk impact on the company or organization. To help mitigate payment fraud risks, businesses can take the following steps:

Train your Employees Regularly

The more regularly you train your employees, the more likely are they to spot suspicious behavior, no matter what payment technology the business uses. Repeated and regular trainings are essential because employees tend to forget what they have learned with time. These training workshops should teach the workers to never accept damaged cards from customers, confirm customer identities, and never enter a card number manually.

Use Contactless and EMV-Enabled Terminals

As payment technology changes, businesses must evaluate what options are safest and least prone to fraud. Currently, businesses should use EMV (short for Europay, Mastercard and Visa), which involves chips embedded into payment cards—a significant step in making transactions safer. The introduction and adoption of EMV-enabled secure terminals, particularly when using PIN and EMV security together, has helped merchants and customers prevent fraudulent transactions.

Contactless smartcards such as chip and magnetic stripe cards use contactless payment, which can present another secure way to process transactions. Most EMV terminals are also enabled with contactless payment. At such terminals, a fast and secure transaction is possible using Near Field Communication (NFC) or Radio-Frequency Identification (RFID) via smartcard or smartphone. If a merchant chooses to use contactless payment without PIN, they can put a limit to the amount spent on each contactless transaction to further minimize risk.

Beware Uncommon Transactions

Transactions that involve unusually large purchases could be a sign of potential fraud. Businesses should examine such transactions closely and confirm the identity of the customer. Similarly, if several purchases are made with a card in a short timeframe, it could indicate that the card was stolen and being used by someone other than the owner.

Maintain Online Security

As merchants and consumers shift to contactless and EMV-enabled point of sale terminals, risk has shifted towards online transactions. To mitigate this risk, it is important for online businesses to use the Address Verification Service (AVS), which verifies that the billing information matches the one registered with the card issuer. Vendors should also ask for Card Verification Value 2 (CVV2) to verify that the user has the card in hand when placing the order. Another important check is to put a limit on an IP address for the number of cards it can use for online transactions.

Prevent Employee Fraud

Employee fraud is always a major concern for risk management professionals.  Businesses should remember to keep an eye on credit card activity, particularly returns, as employee theft often shows up in fake discounts or returns. Companies should create alerts that set limits on returns at stores and notify management any time those limits are exceeded.

Home Depot Confirms Massive Data Breach

Posted on by

Home Depot Data Breach

On Monday, Home Depot confirmed that a breach of its payment data systems may have exposed customer card data across the United States and Canada. The breach appears to have begun in April, allowing hackers to steal an untold amount of shopper information including credit card numbers.

online pharmacy ocuflox with best prices today in the USA

The home improvement giant disclosed on Sept. 2 that it was investigating reports of “unusual activity” and, a week later, determined that any customers who used a card in the U.S. or Canada is at risk, though the breach does not appear to impact shoppers online or at retail stores in Mexico. In an official statement, the company assured that no one would be held responsible for fraudulent charges and offered free identity protection services, including credit monitoring, to anyone who has shopped at one of its locations since April.

As with the massive Target data breach, the Home Depot news was first broken by cybersecurity journalist Brian Krebs. The data went up for sale on rescator. So, the same underground store that sold credit card information from the Target and P.

online pharmacy zoloft with best prices today in the USA

F. Chang’s breaches, and may have been stolen by the same group of hackers. Krebs reported, “In what can only be interpreted as intended retribution for U.S. and European sanctions against Russia for its aggressive actions in Ukraine, this crime shop has named its newest batch of cards ‘American Sanctions.’ Stolen cards issued by European banks that were used in compromised U.S. store locations are being sold under a new batch of cards labeled ‘European Sanctions.'”

Given the five-month duration, this breach may be many times larger than the Target attack, which exposed 40 million credit and debit cards and the personal data of 70 million customers in three weeks. The Target breach led to the resignation of its CEO and cost the company almost $150 million in the second quarter alone, according to the New York Times. In fact, the toll may reach ever higher. “I don’t see how they’re getting out of this for under a billion, over time,” John Kindervag, the vice president and principal analyst with Forrester Research, told the Times, adding, “$150 million in a quarter seems almost like a bargain.” Beyond the company itself, Javelin Strategy and Research reported at the time that total damage to banks and retailers could surpass billion, and consumers could be liable for more than billion in uncovered losses and other costs.

online pharmacy clomid with best prices today in the USA

One of the most promising ways to increase point-of-sale security is through the adaptation of EMV chip technology, as discussed in the March issue of Risk Management. In Europe, 81% of cards have EMV chips, and countries that have adopted the technology saw sharp declines in credit card fraud. In England, for example, the amount of fraud per transaction has dropped 57% since 2002, while it has risen almost 70% in the United States over the same period, according to consulting firm Celent. As part of its breach response, Home Depot announced plans to escalate adoption of EMV, installing “chip and PIN” checkout terminals throughout its U.S. stores by the end of the year. Target made a similar move in April, saying that it will issue its branded REDcard credit, debit and co-branded credit cards with MasterCard chip technology beginning next year.