Category Archives: Breaking News

Security of Fred’s credit card system compromised

Security of Fred's credit card system compromised

“Fred’s Inc. recently became aware of a potential data security incident and immediately launched an internal investigation to determine the scope of the issue. We retained Mandiant, a leading independent forensics firm, to examine our data security systems.

We want to assure our customers that protecting their information is one of our top priorities and we are taking this potential incident very seriously. Until this investigation is completed, it will be difficult to determine with certainty the scope or nature of any potential incident, but we will continue to work vigilantly to address any potential issues that may affect our customers.”

If you have shopped at any of the Fred’s locations in the Mid-South, your credit card information may be compromised. Fred’s says the best advice is to keep a close eye on your bank statements.

There are few details about which stores are affected, but the possible breach was first reported by cybersecurity journalist Brian Krebs, who has correctly reported dozens of corporate data breaches over the last year.

Fred’s confirmed its investigation to Krebs last week and issued the following statement:

“Fred’s Inc. recently became aware of a potential data security incident and immediately launched an internal investigation to determine the scope of the issue. We retained Mandiant, a leading independent forensics firm, to examine our data security systems.

“We want to assure our customers that protecting their information is one of our top priorities and we are taking this potential incident very seriously. Until this investigation is completed, it will be difficult to determine with certainty the scope or nature of any potential incident, but we will continue to work vigilantly to address any potential issues that may affect our customers.”

The breach seems to have come from malware installed directly on the company’s point-of-sale systems.

Fred’s operates more than 650 locations, primarily in the Southeast.

Image Courtesy

Credit and Debit Cards with chip are here

Credit and Debit Cards with chip are here

Bend bike-store owner T.J. Jordan is ready for the future and the future arrives.

That’s the deadline that major credit card companies have set for merchants to have the equipment available to handle transactions by customers with EMV credit and debit cards.

EMV cards, for Europay, MasterCard and Visa, contain a microchip that encodes each transaction, hopefully to ward off fraud and theft of credit card data. Also known as chip-and-pin cards or smart cards, they are in use across the globe, with the exception of the U.S.

Jordan, owner of The Hub Cyclery, at 1001 NW Wall St., installed an EMV card reader when he opened for business. The devices will soon be mainstream, his merchant services provider told him at the time. So he went ahead and installed one.

The card reader also accommodates the magnetic-stripe cards that most Americans still typically carry. Tourists from Europe and Canada are using EMV cards for all of their transactions, Jordan said. For the past three months, about half of the U.S. cardholders who make purchases in his shop are using smart cards.

High-profile reports of credit card data breaches at big retailers such as Target and Home Depot, a high rate of credit card theft in the U.S. and other factors prompted card companies, the banks that issue them and merchant service companies to adopt EMV technology.

As EMV cards became the norm worldwide, credit card fraud became more difficult to pull off. But it became more commonplace in the U.S., where that technology was not in widespread use, according to a February report in the Wall Street Journal. About half of all the world’s credit card fraud occurs in the U.S., the newspaper reported.

“Fraud does happen. Things like EMV are opportunities to combat that,” said Debbie Amerongen, executive vice president at Bend-based Bank of the Cascades and director of distribution strategies. “Customers need to know that.”

Bank of the Cascades is working with its merchant services provider, Elavon, the company that facilitates credit card transactions for the bank’s merchant account holders, to get the word out. Elavon directly serves more than 1,500 global financial partners, but they are not all banks, said Holly Maddox, a spokeswoman for the company.

Liability for fraud that occurs in a credit card transaction will shift to the party in the transaction that has not adopted EMV technology, whether it’s the bank or other card issuer, the consumer or card holder or the merchant. For example, banks that fail to make EMV cards available or a merchant that fails to acquire a card reader and PIN pad for EMV cards will be liable for the loss that occurs when someone uses a stolen credit card number to make a purchase, said Kim O’Connor, Elavon vice president for new product innovation.

“That’s why the liability shift in October is such an important date for merchants,” she said Thursday.

Amerongen said Bank of the Cascades is reissuing its MasterCard credit and debit cards to 75,000 account holders in two phases, the credit cards this summer and the debit cards later in the year.

One of the largest U.S. banks, Bank of America, started issuing EMV-type credit cards, said bank spokeswoman Betty Riess. It has began issuing chip cards for all its new and reissued debit cards for consumers and small businesses.

“We were the first major bank (in the U.S.) to add the chip to debit cards,” she said.

Wells Fargo bank began issuing EMV credit cards in November and plans on rolling out chip-enabled debit cards later this year, said bank spokesman Tom Unger.

“Any customer can always call if their credit card is not up for renewal and they want a chip-enabled credit card,” he said Friday.

Wells Fargo has already supplied thousands of merchants with EMV-capable terminals, Unger said.

Elavon began its campaign to supply the merchants it serves with EMV card readers, O’Connor said. In October, it upgraded the software.

A random check of about 10 businesses in Bend on Thursday found managers and employees with a wide range of familiarity with the coming switch to EMV chip cards, from a vague knowledge of EMV to having contacted Elavon about acquiring an EMV card reader. Only Jordan, at The Hub Cyclery, among those contacted, had a working EMV terminal.

Wendy Sexton, of Trivia Antiques and Appraisals, 106 NW Minnesota Ave., said she expects to acquire a terminal soon. .

“I’m not entirely convinced” of any technology’s ability to stem all fraud, she said. “And don’t know that I ever will be.”

According to Elavon, the EMV chip card works in two ways. One, during each purchase it generates a code specific to that transaction. Two, it creates a new three-digit card security code for each transaction. Magnetic-stripe swipe cards carry just one three-digit code, printed on the back, as an added security measure against fraud on all transactions. The EMV cards, however, offer no better protection than magnetic-swipe cards against data theft or fraud during online purchases or those made over the phone, bank representatives said.

Cardholders will have an option to use either a personal identification number, or PIN, or a signature with their new EMV cards, O’Connor said. Small purchases, such as drive-thru food or coffee, will probably require neither a PIN nor a signature, she said.

“It really helps reduce fraud because the card can’t be duplicated,” O’Connor said, “the way a magnetic-stripe card can.”

Image Courtesy

 

GE Planning to Come up With IPO for Credit Card Unit

GE Planning to Come up With IPO for Credit Card Unit

General Electric Co’s credit card unit filed for an initial public offering on Thursday, the first step in the conglomerate’s long-awaited plan to exit retail finance and reduce its dependence on its financing arm.

GE announced plans in November to spin off the North American retail finance business into a publicly traded company, which bankers estimated could be worth roughly $16 billion to $18 billion.

GE will look to raise as much as $3.5 billion from the IPO and seek a valuation of $20 billion to $25 billion for the unit, Bloomberg reported, citing people with knowledge of the matter.

A spokesman for the company declined to comment on the report.

GE has been reducing its reliance on GE Capital, its financing arm, which at one point accounted for almost half of the company’s profit. The unit’s rising funding costs during the 2008 financial crisis nearly sank the entire company.

With the spinout of the retail lending business, GE hopes to focus on its industrial divisions and better compete with rivals such as Honeywell International Inc and United Technologies Corp, which have smaller financing arms.

“We see the exit from North America retail finance as a net positive for GE over time, provided the price is right and capital is deployed wisely,” Sanford C. Bernstein analyst Steven Winoker wrote in a note.

The unit, which makes credit card loans to consumers in the United States and Canada, will operate under the name Synchrony Financial, GE said in a statement.

Synchrony will use proceeds from the offering to repay debt, increase capital and invest in liquid assets, according to the IPO filing. (r.reuters.com/hez57v)

“MUSEUM PIECE”

GE said in November that it would float up to 20 percent of the credit card business through the IPO, with a target to complete the exit in 2015.

The business traces its roots to 1932 when GE began providing financing to consumers to help meet demand for its appliances.

It is now the largest provider of private label credit cards in the United States based on purchase volume and receivables, according to the filing.

The cards are offered through major retailers and brands including Wal-Mart Stores Inc, Lowe’s Cos Inc and Ethan Allen Interiors Inc.

The business had 62 million active accounts, financed about $94 billion of sales and reported net earnings of $2 billion for 2013, according to the filing.

“(The IPO) will be a museum piece for the institutions that invest in it,” said John Fitzgibbon, founder of IPO-tracking website IPOScoop.com.

Investors will view the IPO favorably, given the business is well-established and profitable, Fitzgibbon said.

Spanish lender Banco Santander SA took its U.S. consumer-finance arm Santander USA Holding Inc public in January, with shares rising as much as 10 percent in their debut.

Goldman Sachs & Co, JP Morgan, Citigroup and Morgan Stanley are lead underwriters for the IPO, according to the filing.

Synchrony, which filed a $100 million placeholder with the regulator on Thursday, said it expects to list its stock under the symbol “SYF” on the New York Stock Exchange.

The filing did not reveal how many shares its parent would sell and the price.

LAST MAJOR ACTION

GE Capital posted revenue of about $44 billion last year. It was named a systemically risky financial institution last July by the U.S. Financial Stability Oversight Council.

The designation, commonly known as “Too Big To Fail”, in effect guaranteed more regulatory oversight of GE Capital.

GE has said the spinoff would be the “last major action” in its efforts to reduce GE Capital’s share of the company’s profit to 30 percent.

“We think that provided management keeps their share buyback promises, investors will favor the higher industrial earnings weighting over time,” Bernstein’s Winoker wrote in the note.

The amount of money a company says it plans to raise in its first IPO filings is used to calculate registration fees. The final size of the IPO could be different.

GE shares were down 1.2 percent at $25.44 in afternoon trading on the New York Stock Exchange.

 

Courtesy

Image Source

Wal-Mart Drags Visa to Court on the Charges of Fixing Card Transaction Fee

Wal-Mart Drags Visa to Court on the Charges of Fixing Card Transaction FeeWal-Mart Stores Inc. sued Visa (V) Inc. for allegedly conspiring with banks to fix transaction fees, the latest salvo of a multiyear legal fight between retailers and card issuers.

The world’s biggest retailer seeks at least $5 billion in damages for what it claims are violations of federal antitrust laws that could triple that sum.

Wal-Mart, one of dozens of large merchants that dropped out of a nationwide, multibillion dollar antitrust settlement with Visa and MasterCard Inc. (MA) to pursue their own lawsuits, filed its complaint in federal court in Fayetteville, Arkansas, on March 25.

“Visa’s monopoly power has enabled it to dictate price and inhibit competition,” Wal-Mart said in its complaint.

The settlement Wal-Mart withdrew from, initially valued at $7.25 billion, was approved by a Brooklyn, New York, federal judge in December. It’s now worth about $5.7 billion after reductions for the merchants that bowed out.

Visa sued the Bentonville, Arkansas-based retailer in June to try to stop it from bringing its own case, saying in a complaint filed in Brooklyn that it sought to prevent “the continuation of endless, wasteful litigation between the parties.”

Paul Cohen, a spokesman for Visa, declined to comment on the Wal-Mart complaint.

`Enormous Damage’

Wal-Mart claims the card company’s conduct caused it to suffer “enormous damage” from January 2004 to late November 2012. No banks are named as defendants in the case.

Wal-Mart objects to the requirement that retailers who want to accept any payments via Visa honor all issuers’ Visa-branded cards.

“There is no competition because merchants are prevented from realizing the price-reducing benefits that would result if issuers competed” over the fees they charged retailers who agreed to accept their cards for payment, according to Wal-Mart’s complaint.

The settlement of the case in Brooklyn followed years of tension over interchange fees that amount to as much as 2 percent of a sale paid for with a credit card. Retailers and trade associations opposed to the accord contended it didn’t pay enough in damages and unfairly blocked all U.S. merchants from suing over fees in the future.

Major League Baseball’s Minnesota Twins also dropped out of the settlement with Visa and MasterCard.

`Bloated Prices’

The team and other Minnesota businesses filed their own complaint against the credit card firms in February, claiming they “insulated themselves and their members from competition that would drive down the bloated prices plaintiffs have paid to accept Visa and MasterCard payment cards.”

Fees charged by MasterCard and Visa are “far in excess” of associated network and bank costs for processing the underlying transactions, the team alleged.

The U.S. Court of Appeals for the District of Columbia on March 21 rejected a challenge by Wal-Mart, Target Corp. and other retailers to federal rules governing how much banks can collect for debit card transactions, leaving in place an October 2011 rule capping the average swipe fee at about 24 cents per transaction.

While banks had objected to the limit, retailers contended that if the Federal Reserve, which set the rate, had followed the law the fees they paid on each swipe of a customer’s card would have been cut more and network competition enhanced.

 

Courtesy

Image Source

Credit Card Security Company Trustwave Negates Responsibility in Target Data Breach

Credit Card Security Company Trustwave Negates Responsibility in Target Data BreachTrustwave Holdings, the leading credit card security firm has hunted down allegations related to the massive data breach that occurred at Target and has made it very clear that it is not responsible for the security loopholes that lead to hacking of information. It made this statement after it was named in a lawsuit along with the third-largest US retailer chain.

Trustwave Holdings claimed that its relationship with the retailer chain was not represented properly. The credit card security firm also denied the allegations made in the lawsuit that it had processed card data for the retailer chain or had handled security of the information of card holders.

In a letter addressed to business partners and customers, Robert McCullen, the CEO of Trustwave, stated, “Contrary to the misstated allegations in the plaintiffs’ complaints, Target did not outsource its data security or IT obligations to Trustwave. Trustwave did not monitor Target’s network, nor did Trustwave process cardholder data for Target.” He added, “These claims against Trustwave are without merit.”

In the recent past, two US banks Green Bank N.A. and Trustmark National Bank filed a lawsuit against both Trustwave and Target in the US District Court in Chicago. In the lawsuit, the complainants have mentioned that both the firms together should take up the responsibility of the massive credit and debit card data breach that took place at the point-of-sale of the retailer chain during the holiday season in the month of November and December last year. at least 40 million cards were stolen and personal credentials of more than 70 million customers was compromised.

The lawsuit says that,”Trustwave failed to timely discover and report the data breach to Target or the public.”

In the lawsuit, the complainants have sought damages of at least $5million. The filing further said that the overall financial losses could cross $1 billion mark if losses suffered by several card issuers is considered. The banks stated in the lawsuit that they had to suffer financial burden by alerting their customers about the breach, reissuing cards, and reimbursing fraudulent charges.

Target Corporation is facing numerous lawsuits in relation to the data hacking event.

 

Image Source

Credit Suisse Keeps Millions Aside to Cope Up With Legal Expenditure

Credit Suisse Keeps Millions Aside to Cope Up With Legal ExpenditureThe legal costs keep piling up for Credit Suisse.

On Thursday, the Swiss bank revised its results again to reflect an additional charge of 468 million Swiss francs, or about $528 million, in increased legal provisions primarily related to a continuing investigation into Americans who secretly held assets in Swiss accounts.

As a result, Credit Suisse reported a fourth-quarter loss of 476 million francs.

In February, the bank initially reported a profit of 267 million francs for the last three months of 2013. Its quarterly results initially reflected 514 million francs in legal provisions related to mortgage litigation and the tax inquiry.

In recent weeks, however, the bank has revised its results downward to reflect an $885 million settlement to resolve claims that it had sold questionable loans to the mortgage finance giants Fannie Mae and Freddie Mac in the run-up to the financial crisis, and has now made additional provisions related to the tax investigation.

The latest provision comes on the heels of a two-year investigation by the United States, which found that Credit Suisse had actively helped American citizens hide billions of dollars from the tax authorities.

Credit Suisse executives, including Brady W. Dougan, the chief executive, were questioned on the findings at a Senate committee hearing in Washington in February.

The United States Department of Justice is investigating more than a dozen Swiss financial institutions and has prosecuted dozens of Americans who failed to pay taxes on income-generating accounts they held in Switzerland and had not disclosed to the American government. A Credit Suisse spokesman declined to comment Thursday on whether a settlement with Washington was close.

The banks have been reluctant to share client information for fear of breaching bank secrecy laws in Switzerland.

In 2009, the Swiss bank UBS paid a $780 million fine and entered a deferred-prosecution agreement with the United States government. As part of the agreement, it turned over the names of more than 4,000 Americans with UBS accounts.

Last year, Wegelin & Company, the oldest bank in Switzerland, pleaded guilty to a criminal conspiracy charge and was ordered to pay $74 million. Wegelin, which was founded in 1741, has sold off its assets and plans to close its doors once it resolves legal issues related to the American investigation.

For 2013, Credit Suisse reported net income of 2.33 billion francs, compared with 1.35 billion francs a year earlier.

Mr. Dougan remained the highest-paid executive at Credit Suisse in 2013, with a 26 percent increase in total compensation, to 9.79 million francs. He received total compensation of 7.77 million francs in 2012.

 

Courtesy

Image Source

PNC Issues New Credit Cards to Its Customers Who Shopped at Target Store during the Breach

PNC Issues New Credit Cards to Its Customers Who Shopped at Target Store during the BreachPNC Bank has started sending letters to its credit card users urging them to replace their cards as soon as possible if they have used it at Target outlets during the recent holiday season of November 27 to December 15. The cards will be replaced by the bank with new ones.

Larry Smith of Mt. Washington said that, “I think they should replace them. They are a lot of criminals out there, might use your information, so I think it’s a good thing.” In the month of December last year, the US retailer chain Target Corporation had given a confirmation that its point-of-sales system was under attack and sensitive credit card information of at least 70 million buyers was compromised. Moreover, credit cards of at least 40 million shoppers were stolen by the hackers. And the worst thing is many of these cards are active and available for sale in the black market.

PNC also cleared that it has seen no signs of fraud among its card users as a result of the massive data breach. Also, it will not disclose the number of new cards it is likely to issue as a replacement to the old ones. The bank cleared that it is taking such steps just to be safe. Also, the replacement will be applicable only for credit card users and not any debit card users.

Lucinda Beattie of East End commented with regards to the replacement that, “On the surface, it makes sense to me.” Mike Loftis of South Side stated, “Luckily, I don’t shop at Target, so I should be all right. Yeah, that’s probably smart. They’re the first ones doing that to cancel the credit cards.”

NexTier Bank was the first local bank to respond to the data breach by initializing replacement of its customers’ cards as early as December 2014. The same response is expected from other banks as well.

The bank has clarified that the victimized customers will get a replacement for their old card within 7 to 10 days after they request for such replacement to the bank. Also, the new cards must be activated on or before April 30. After this date, their old cards will not be valid.

 

Image Source

US Households Credit Card Debts in 2013 Highest Since 2008

US Households Credit Card Debts in 2013 Highest Since 2008Credit card debt for U.S. households in 2013 swelled at the fastest rate since the start of the 2008 recession, but whether Americans’ renewed willingness to put purchases on plastic is a good sign or a bad one for the U.S. economy is a question that confuses even the economists who study the numbers for a living.

For the households taking on new credit card debt, however, there is sure to be trouble ahead.

The total credit card debt of American consumers last year inflated to a staggering $856.5 billion, according to a recent report by the Federal Reserve. Just as a point of comparison, the American Recovery and Reinvestment Act of 2009, better known as the “stimulus” package, allocated $787 billion toward pulling the country out if its then-spiraling economic crisis.

The amount of household credit card debt also far exceeds the U.S. military budget for 2014, which is set at $671.9 billion.

Credit card debt rose 1.3 percent in 2013. In 2012 and 2011 it rose less than one percent, and fell precipitously in the two years before that.

The average amount of credit card debt per American household, as of the end of last year, stands at $7,115. However, it should be noted that the figure is pushed higher by a smaller number of households that have taken on crippling levels of debt.

For all indebted households, the average credit card debt total is more than twice that for all households — $15,252.

The question is, why are Americans now taking on such extraordinary levels of revolving credit card debt? A recent poll showed that only 51 percent of Americans say they have more in emergency savings than they have in credit card debt, while 28 percent say that what they owe on plastic is more than the total amount of money they have saved, if any.

People between the ages of 30 and 64 are especially debt prone. That group represents the largest segment of Americans with more debt than savings.

“This is a reflection of the stagnant incomes, long-term unemployment and high household expenses that are hampering the financial progress of many Americans,” said Greg McBride of Bakrate.com, which conducted the survey.

While some analysts say that the rise in credit card borrowing reflects a renewed optimism about the U.S. economy — most of the new credit card debt comes from people with better-than-average credit scores — others aren’t so sure.

“The problem is you’re not seeing job growth; you’re not seeing wage growth,” said David Strasser, analyst at Janney Montgomery Scott. “We’re still overleveraged by any historical measure.”

So, is the increase in credit card borrowing a good sign or a bad sign. Not even the Federal Reserve is sure.

“Good or bad, it’s hard to say,” shrugged Wilbert van der Klaauw, senior vice president and economist at the New York Federal Reserve, which put together the credit card debt report.

 

Courtesy

Image Source

McAfee Tells the Story Behind Massive Target Credit Card Data Breach

McAfee Tells the Story Behind Massive Target Credit Card Data BreachAmerican multi-national cyber security expert McAfee has come up with valuable opinions on what may have caused the massive Target credit card data breach last December. The breach was so big that payment cards of at least 70 million customers got breached. Around 40 million cards got stolen and a major volume of them were made available in black market.

In its quarterly report released on Monday, the security expert said that the hacking gives indications of “coming-of-age” for black-market business that supports identity stealers and non-ethical hackers. This black-market industry enabled the hackers to not just plant a custom-made malware in the point-of-sales terminal of the retailer but also helped them to instantly sell the stolen credit card data of the victims. Such data was sold through “dark web”, an online back channel used by identity thieves to do illegal activities online.

McAfee’s chief technology officer Mike Fey said, “Retailers in general took this as a wake-up call. They saw an essentially off-the-shelf … piece of malware modified for a unique environment, which was Target. A lot of retailers assumed that if they don’t have a standard point-of-sale system, they were somehow safe. And I think Target showed them that’s not the case.”

McAfee is looking deeply into the dark web malware industry that triggered one of the biggest data breaches in the history of the United States of America. The security company also said that the hackers bought the malicious software from a community supporting cybercrimes. The malware was a kind of unsophisticated technology tailor-made especially to Target the retailer chain. The identity thieves had a good knowledge of the loopholes in the payment system of the retailer and took advantage of the same to realize the hacking attack.

The researchers at the security firm also discovered that the hackers not just breached the data but also put on sale the stolen credit cards. They sold the cards in the batches of one million to 4 million. Mr. Fey added that Target could have avoided the blunder had it adopted cost-effective security technology of today. He stated, “You take a look at the Target attack. That was defendable by technology that has been around. It didn’t require a new silver bullet.”

The chief information officer of the retailer chain resigned last week as the company has initiated steps to improve its defense against such attacks in future.

 

Image Source

US Lawmakers Urge for Accelerating Adoption Process of Chip-and-PIN Credit Cards

US Lawmakers Urge for Accelerating Adoption Process of Chip-and-PIN Credit CardsThe U.S. Congress should mandate that banks, retailers and payment card processors adopt new security standards to protect against widespread data breaches, some lawmakers said Wednesday.

In the wake of several high-profile retail data breaches, some members of the U.S. House of Representatives Financial Services Committee called for new cybersecurity mandates, with Representative David Scott, a Georgia Democrat, asking if Congress should require the U.S. financial industry to adopt new card security measures used in other countries.

The U.S. payments and financial system makes “things easy for fraudsters” by relying on magnetic-strip credit and debit cards instead of moving to EMV cards that contain integrated computer chips and require customers to enter PINs at the point of purchase, Scott said.

Congress is “anxious” to take action to stop data breaches, Scott said. During Wednesday’s hearing, several lawmakers noted the data breach at retailer Target affecting up to 110 million U.S. residents. “Is there any reason Congress shouldn’t mandate that payment card security standards use the most effective technology in the marketplace?” asked Scott. “I think this is a problem of soaring magnitude, and we’re going to be in trouble if we don’t get a handle on this.”

Congress should mandate higher standards, but lawmakers shouldn’t mandate specific technologies, said Edmund Mierzwinski, consumer program director at consumer group U.S. PIRG (Public Interest Research Group).

“We are still using a 40- or 50-year-old magnetic stripe obsolete technology,” Mierzwinski said. “We are now starting to move slowly” to new technologies.

Banks and payment processors have said that moving to a chip-and-PIN card system will be expensive, requiring new card-reading machines at all retailers. Visa, MasterCard and others have announced plans to move to chip-based cards by late 2015.

Some lawmakers and witnesses called for a national data breach notification law, to supersede the 45-plus state laws now on the books. A national breach notification law would make it simpler for companies to comply with the requirements and simpler for consumers to understand the notifications, some representatives of the financial industry said.

But a national data breach law shouldn’t preempt tough state laws, Mierzwinski said. And it shouldn’t, as some backers of a national law have suggested, allow companies to avoid reporting a data breach if they don’t believe thieves have gained access to personal information.

“Force companies that lost your information to tell us about it,” he said.

Other witnesses called for security standards to come from private industry. The PCI Security Standards Council, an organization that develops payment security standards, already has payment processing standards in place, including a standard for using chipped payment cards, said Troy Leach, CTO at the council.

The U.S. government should focus on prosecuting cybercriminals and on encouraging threat information-sharing between businesses and government, Leach said.

The development of payment card standards is “something we are uniquely qualified to do,” he said. “The recent breaches underscore the complex nature of payment card security. The multifaceted problem cannot be solved by a single technology, mandate or regulation.”

Other lawmakers pressed representatives of the U.S. Secret Service and the U.S. Department of Homeland Security to more aggressively prosecute cybercrime. Representative Carolyn Maloney, a New York Democrat, questioned if the U.S. government was collecting enough information about the extent of cyber and payments processing crime.

“Who’s keeping the data on how big of a problem it is in the United States?” she said. “It’s huge, in terms of national security, financial security and economic security of our country.”

The DHS is collecting as much information as it can, but businesses are not required to report data breaches, said Larry Zelvin, director of the DHS National Cybersecurity and Communications Integration Center.

“We still don’t have the visibility on everything,” he said. “It is still just a snapshot.”

 

Courtesy

Image Source

Newsletter Powered By : XYZScripts.com