Menu
RSS
Security / PCI Compliance

The stakes have gotten higher when it comes to protecting consumer data. Some highly publicized, significant data breaches have motivated retailers and solution providers to rethink their approaches to data security. It’s a constant challenge to stay ahead of hackers and other criminals, but it’s also an industry mandate. Find out more about new solutions and how to keep up with PCI compliance here.

Why Retail Is The Hottest Target For Hackers

Five trillion dollars in U.S. retail spending is very attractive to cybercriminals. The large volumes of financial data continuously processed by payment and retail vendors is highly valued and can provide criminals with easy payouts. This is a big cause for concern, as Trustwave’s Global Security Report found that the retail industry was the most compromised sector for a fifth year in a row, and the primary target is payment card data. Payment data is most commonly stolen through point-of-sale (POS) breaches, which make up 64% of all incidents, and a magnetic stripe data attack was the second highest at 33%.

Mastercard Invests In Biometrics Security Firm

Mastercard has named HYPR Corp., an authentication solution provider, to the latest class of Mastercard Start Path — a global initiative designed to support innovative startups in retail, fintech, security and Big Data, and help them achieve scale. In October 2017, HYPR secured an initial $8 million Series A funding round led by RRE Ventures, but Mastercard led an additional $2 million investment in the platform. Total capital raised to date now stands at $13 million.

Mobile Commerce’s Most Dangerous Fraud Tactics And Ways To Stop Them

From 2012 to 2015 mobile commerce grew from $24 billion to $122 billion in the U.S. And with this growth came an increase in fraud and an all new breed of fraud threats. Nearly 40% of merchants surveyed by Kount indicated that mobile fraud had increased, up 17% over the previous year. Criminals have discovered new ways to leverage mobile as a means to commit fraud. Mobile fraud is negatively impacting merchants’ bottom lines. One study from Javelin Strategy found that 16% of chargeback losses stem from mobile transactions, nearly equal to losses stemming from in-store purchases. The same study pointed out that retailers are overly reliant on username and password to authenticate purchases.Unfortunately, these simple identity factors are not enough to stop sophisticated criminals.

The Grinch Who Stole Business: Don’t Let Fraud Derail Your Holiday Peak Season Success

One of the most watched holiday season specials is the cartoon adaptation of Dr. Seuss’ “The Grinch Who Stole Christmas.” While the Grinch that steals from the “Who’s in Whoville” is a figment of literature that eventually sees the error of his ways, the Grinch that impacts retailers — fraudsters — is very real, and their taste for thievery grows significantly every year, especially during holiday peak season. According to global consumer and business credit reporting leader Experian, e-Commerce fraud increased to 33% in 2016 compared to 2015. Much of this fraud originated from the 1,093 data breaches that occurred in 2016 —  up 40% over 2015, according to the Identity Theft Resource Center (ITRC). Predictions for 2017 are for an even higher rate of fraud, based on ITRC’s report that 791 breaches took place in the first half of the year, which set a very dubious half-year record.

75% Of U.S. Shoppers Say Identity Theft Is A Major Holiday Concern

Identity theft during the holiday season worries three quarters of consumers, according to a survey conducted by Generali Global Assistance. An even higher percentage, 84%, say a past data breach would affect their willingness to do business with a retailer. As many as 57% of shoppers believe a data breach of an online merchant will pose the greatest identity theft threat this holiday season, while 22% consider a data breach of a brick-and-mortar POS system to be the most acute risk.

Direct-To-Consumer Focus Motivates IT Upgrade At Tommy Bahama

Strategy sessions held back in 2015 had far-reaching impacts for Tommy Bahama. These meetings were the beginning of what has grown into an ambitious program for upgrading many of the apparel brand’s key business solutions, including order management, warehouse management, retail store operations, analytics, merchandising and its entire e-Commerce ecosystem. The 160-store retailer has a thriving e-Commerce business and also operates restaurants in 18 locations. The IT upgrades, scheduled to take place through summer 2019, will bring an enterprise-wide view in two important strategic areas: order management and analytics. Tommy Bahama anticipates significant benefits, according to Lisa Atwood, EVP of Operations, IT and eCommerce.

Sportswear Retailer Integrates Payment Into VR Experience

The jury may still be out on whether virtual reality (VR) will truly take off as a shopping experience, but one forward-thinking retailer already has made VR transaction processes more seamless. Body Language Sportswear has been testing a VR app that allows shoppers to move from interactive 360-degree views of its products directly to checkout, without needing to take off the VR headset or pull out their wallets. The e-Commerce retailer is offering products via the Payscout app, which introduced a VR commerce capability in June 2017. The app integrates with Visa Checkout (VCO), allowing users to register their payment credentials within the digital wallet or access an existing VCO account. The app currently is available for the Google Cardboard hardware, but there are plans to adapt it for iOS and additional VR platforms.

5 Things Retailers Need To Know About The Impending TLS Deadline

In the war against increasingly sophisticated hackers, retailers continue to find themselves on the front lines, grappling with the unfortunate reality that there is no easy fix for their difficult security problems. It’s truly a race for retailers — especially as more and more businesses migrate online and to Internet-connected terminals — to find and implement the best security protections. Take, for example, the aftershock the industry felt after two high-profile bugs, Heartbleed and Poodle, rocked the security world. According to the Payment Card Industry Security Standards Council (PCI SSC), 18 months after the Heartbleed vulnerability was announced there were reportedly still 200,000+ vulnerable devices on the Internet. These vulnerabilities served as a painful reminder that security is only as strong as its weakest link.

Data Breaches Are A Big Problem For Small Retailers: Be Prepared

Don’t think for a minute that the “little guys” are safe. Small and medium sized businesses are in fact often preyed upon by cybercriminals, who view them as having fewer resources to manage cybersecurity. Making matters worse, attacks against SMBs are increasing, despite the Chip and PIN payment technology, as smaller vendors can be slower to adopt the new system. With the threats continuing to increase and SMBs being an attractive target for attack, it’s not a matter of if but when a company will experience a security incident. It is critical that small retailers are up to speed on how to best prepare for and mitigate the fallout of a major security incident. The following are key areas of consideration to keep in mind when managing this major risk.

Exclusive Q&A: How The Equifax Security Breach Will Impact Retail Businesses

On Sept. 7, Equifax revealed that it had suffered a security breach that could impact as many as 143 million consumers in the U.S., the UK and Canada. But consumers aren’t the only ones that could be affected by the breach, which occurred from mid-May through July 2017 — retailers also are facing a considerable risk. Credit card fraud attempts increased 15% year-over-year during August 2017, a period that does not typically see such jumps in activity, according to data from Forter, an e-Commerce fraud prevention solution provider. In an exclusive Q&A, Michael Reitblat, CEO of Forter, notes that false account creation and account takeovers are the biggest issues retailers will have to tackle in the wake of the breach.

First Data Unveils Fraud Detect Solution

First Data has launched Fraud Detect, a solution designed to leverage AI and machine learning, fraud scoring, cybersecurity intelligence and information from the “Dark Web,” to enable merchants to detect fraudulent transactions in-store, at the pump, online, mobile and in-app — before they occur. Fraud Detect evaluates every transaction using a prevention engine and an extensive payments history database to provide an Accept, Review or Decline recommendation.

Getting Retail Cybersecurity Programs Future-Ready

Retailers worldwide are attacked more than any other industry — three times more than the financial industry1 — yet seem unwilling to step up their infrastructure and security programs to meet not only current but future threats in cybersecurity looming on the horizon. Perhaps the paltry 19% of consumers that say they’ll avoid the brand after a cyberattack isn’t enough of an incentive. Maybe it’s executive fatigue — 55% admitted that they haven’t invested any capital funds in cybersecurity protection over the past 12 months, according to a recent KPMG study.2 According to public sources, Target was compromised via a third-party supplier in 2013 (40 million credit card records were stolen); Sony Pictures Entertainment was allegedly hacked by a nation-state, resulting in the release of one unreleased film, the postponement of another and terabytes of sensitive data leaked. Then there’s the examples of the Home Depot, Yahoo and Sears data breaches affecting millions of people. Breaches are now becoming a more common occurrence, but the companies themselves appear unaffected and their boards and CEOs do not seem to be visibly impacted financially. Do retailers not worry about their customer’s PII or their longer-term brand and reputational impact?

Payment Network Integrates Bitcoin Into eWallet

Payza, a global payments platform, has fully incorporated the cryptocurrency Bitcoin into its eWallet offering. Merchants using Payza to process online payments will have the option to receive Bitcoin as payment. Previously Bitcoin payments were automatically converted to fiat (government-issued) currencies such as the U.S. dollar or euros. Online merchants…
Read more...

Ransomware And Retail

Imagine turning on your smartphone and finding that it has been completely locked out by a stranger demanding payment, a cybercriminal. If you have ever lost access to your phone for other reasons, you know the frustration of not being able to get to your contacts, emails, calendar or any communication convenience. Now imagine this frustration applied to your entire retail operation — blocking all transactions and disrupting your connection to the customer. This is what ransomware can do to your enterprise. The persistent need for transactions within retail makes it a highly targeted industry. Everyone is painfully aware of the Target breach and the various data breaches at multiple retailers that followed. On the periphery are smaller POS skimmer attacks at specific stores, as well as the ever-present mass proliferation of online product counterfeiting, knockoffs and diversion. However, something much worse is coming: the power to completely stop your business for hours, even days.
Subscribe to this RSS feed