The Logic Group Blog

Following recent news that more than two-thirds of companies have been hit by data breaches over the past year, the report featured in Computer Weekly is an interesting, if not alarming, confirmation that fraud is on the rise. Although person-present payments have improved security measures due to developments in global security standards like PCI DSS; cyber attacks still continue to be an area of vulnerability for businesses across the UK.

In many cases executive IT and security professionals trust their Information Security departments to provide adequate security to protect employees while operating in their business environment. However it is rare for users to extrapolate this security to a home environment.

 

What does this mean in practical terms? Well, an enterprise will normally provide a risk analysis of a security threat and then provide adequate controls to mitigate that risk to an acceptable level. And users need to consider the same things when at home. So what are the considerations which IT directors should take into account when looking at cyber security provisions for mobile workers?

As more brands adopt contactless technology, how many consumers and staff at the check-out really understand its benefits and how to use it?

 

Last month Neira Jones, Head of the Payment Security Team at Barclaycard, reported in an interview with Grocery Trader that there are now around eight million cards with contactless functionality across the Barclaycard Group, she also confirmed that Barclaycard “see contactless being as safe as cash, if not more so.”

According to the January 2010 report from the National Fraud Authority, fraud now costs the UK an eye watering £30 billion a year. 58% of fraud is committed in the private sector with tax fraud hitting £15.2 billion, and, in the private sector, financial services companies and organisations are said to suffer yearly losses of £3.8 billion through crimes including mortgage and insurance fraud, online banking, cheque and card fraud.

100% security doesn’t exist.

 

The frustrating truth is that almost every organisation will suffer a security breach at some point. Whether it is the defacing of a website, loss of data through a Trojan horse or the corruption of a system by a virus or worm, most companies will experience some form of data breach. This includes merchants who have diligently put measures in place to prevent fraud by implementing the correct security processes and procedures, enlisted specialist third-party anti-fraud services, adhered to appropriate industry initiatives such as 3D Secure and CV2, and complied with PCI DSS to protect their infrastructure against attack.

PIN Entry Devices - Marketing campaigns at a consumer level

 

It’s been a while since I have been reminded to “insert my card into the chip and pin reader” by a retail assistant. Industry regulations have shaped consumer behaviour, and by now, many of us instinctively hover over the reader waiting for the moment of payment. Pin Entry Devices are becoming increasingly part of a retailer’s image, and price is not the only factor in device selection. PIN Pads must enable chip and pin transactions of course, but this is a commodity. What else can the PIN Pad do to convince a store that it merits the investment?

In the fast changing technology landscape a week does not pass by without a new Game-changing social media app, a new service in the cloud or some other provocative evolution. What chance does a regulator, such as PCI SSC have in setting a standard that applies to all the technologies employed in payments? Two years since PCIDSS 1.2, PCI DSS 2.0 is now upon us and this was one of topics discussed at a recent QSA roundtable...