Library Technology – Reviews, Tips, Giveaways, Freeware

Financial Data Protection: What Companies and Consumers Need to Know

Posted In Business, Security - By Techtiplib on Wednesday, March 26th, 2014 With No Comments »

Recent data breaches at Target, Michaels and Neiman Marcus have highlighted the security weaknesses of today’s magnetic-stripe credit and debit cards. Additionally, the breaches have highlighted the importance of both protecting customer data and responding quickly to a data breach in progress.

In today’s world, attackers have grown more persistent and intrepid than ever before. Customers have to deal with the fallout of identity theft, and businesses have to deal with lawsuits and government penalties. In addition to deploying enterprise data protection solutions, both companies and consumers need to know how to guard their financial data.

Financial Data Protection for Consumers  Consumers who discover that they are potential victims of a data breach should take advantage of services offered by retailers.

The Problem With Magstripe Cards

The magnetic stripe (magstripe) on the back of credit cards, which contains all information required to make a purchase, was invented at the same time as the Ford Pinto and about a year before the floppy disk. Magstripes are vulnerable because they’re easy to duplicate. For example, an attacker could take one Target customer’s information, press the information into a new magstripe on the back of any plastic card and then use the new card to make purchases anywhere in the U.S.

Most developed countries with the exception of the U.S. have switched to chip-and-PIN cards. Chip-and-PIN cards store financial information on an embedded microchip. Then, the customer enters a PIN into a reader to complete the purchase. Chip-and-PIN technology couldn’t have kept attackers from stealing Target’s customer data, but it could have prevented criminals from making new credit cards with the data. Until chip-and-PIN is more widely accepted in America, merchants and consumers have to protect data despite the weakness of the magstripe card.

Financial Data Protection for Merchants

On one hand, accepting credit cards helps small businesses to be more competitive. On the other hand, small and medium-sized merchants may not have deep enough pockets to absorb the costs of data breaches. For businesses of any size, protecting customers’ financial data starts with a few easy steps:

  1. Review records carefully. Make sure to keep a close eye on company financial records and customer data. Monitoring data two to three times per week can help businesses to notice suspicious activity more quickly. In some cases, banks can offer monitoring services and can help small businesses design their own security solutions.
  2. Minimize the number of payment terminals that you use. Small businesses may be able to skip bulky POS systems altogether and use secure mobile payment solutions like PayPal Here and Square. Both programs feature encrypted card readers as well as end-to-end data protection. Companies that need standalone POS terminals should use only as many registers as necessary. They should also take registers offline when they aren’t in use and should enforce strong employee password policies.
  3. Patch and update immediately. Companies of all sizes should regularly download software updates and security patches. Even if updating slightly disrupts business, it will pay for itself tenfold by preventing data loss.
  4. Implement PCI security standards. Although PCI standards are voluntary, implementing them provides significant liability protection. Learn more by visiting the PCI Security Standards Council website.

Financial Data Protection for Consumers

Consumers who discover that they are potential victims of a data breach should take advantage of services offered by retailers. For example, Target is offering a full year of free credit monitoring for customers whose data was stolen, and its website gave Red Card holders the opportunity to change their PINs.

Additionally, consumers should use credit cards instead of debit cards as often as possible. Credit cards are safer than debit cards in many cases because credit card companies don’t hold consumers liable for money lost to fraud. When debit card information is stolen, consumers can be liable for as much as the full balance of their bank accounts. Consumers who want to pay with debit cards should avoid entering their PINs and use their debit cards as credit cards at POS terminals.

Finally, consumers should never offer their financial data, login or password information in response to an unsolicited e-mail, text message or phone call. Instead of clicking on links or calling a number left in an unsolicited voicemail, consumers should find the official contact numbers of their banks and confirm whether or not requests for data are legitimate.

About - Hey, this blog belongs to me! I am the founder of TechTipLib and managing editor right now. And I love to hear what do you think about this article, leave comment below! Thank you so much...