Christmas and New Year mark the arrival of a festive season which means most of the people are seen performing one common activity called ‘Shopping’, but have you ever wondered, how safe the Safe-Plastic-Money is.
Trustwave, a company that helps businesses in reducing security susceptibility, securing data and knock-down cybercrime, deploys their researchers across retail outlets to find out flaws in the technology so that the customers or users are safeguarded against any credit card data theft. Hackers love to make the holiday season Grinchy.
Mike Park, a security researcher from Trustwave deployed at a retail outlet, tells “As I swipe the credit card on the machine and make a selection in the system on which I have logged onto wirelessly, I will get all the credit card data right here, in my system. I have stolen the credit data, in real time”. Once the “Pay” button is clicked the transaction is processed and the customer gets the receipt. The risk started when the cash register is bypassed and card is swiped on a smartphone.
On further digging on the information from Mike Park he explained that it doesn’t matter if the retailers use an iPhone or an iPod, the breach can also work well in an iPad. The commencement of the frailty starts when the shopper, who goes to an outlet and makes purchases, hands over the card to the employee on the floor. Once the credit card is run-through, the hackers steal the credit card data before it is encypted. The openness to the web-attack is reduced if the data is being encrypted onto the hardware as the time lag between swipe and encryption is the most crucial, where hackers are able to steal the data.
The problem is not with the credit card swiper attached to the phone, it is with the software which is used by retailers to process the payments. In many a cases it has been observed that the software doesn’t encrypts the Personal Information of the credit card holder which makes it an easy-fish-caught by the hacking community. They alter the device in such a manner allowing them to track the software activity, like punching in the credit card numbers.
Often it is seen that the security lags behind in cases of Technology advancement, shares Charles Henderson of Trustwave, who encourage ethical hacking, which means they measure the vulnerability of the systems’ security of the retailers to find out the leakage points from where the data can flow out.
It is very important for the customers to keep a watch on their credit card transactions during the festive season; although, it’s the prime responsibility of the retailers and banks to keep the customer protected but better safe than sorry. Enderson of Trustwave shares, if the credit card data is being fed into the system manually, it is sure that it can be encrypted in no way.
When asked by a correspondent that how much time will it take if one wishes to hack and steal data of millions of customer, the reply from Enderson was mind boggling, he maintained, the same amount of time the compromised employees, at multiple points of sales, will take to give it out.
Could be possible the high-tech villains are targeting the next door retail outlet you wish to visit today, it would be better if you are more cautious than your retailer, or in best case scenario use CASH.
