POS Attacks May Be Declining (But…); Consumers Turning to Prepaid?

Certainly good news would be welcome on the internet and data security fronts these days. Technology website CRN may have some, in a story whose headline proclaims that “despite Prominent Retail Breaches, POS System Attacks Decline.”

The article cites a 2014 Verizon Data Breach Investigations Report “which analyzed more than 1,300 confirmed data breaches and tens of thousands of security incidents.”  (Of course, one of those incidents also includes the recent report of another breach against the chain of Michaels craft stores, imperiling the data of some 3 million customers.)

The Verizon report “contained 198 confirmed data breaches in 2013 at businesses in the retail, accommodation and food industries. Fewer large-scale attacks are being carried out against small businesses.”

That would seem good, except that “attackers increasingly are turning to web application attacks to steal credit card data accepted by merchants on the Internet, said Christopher Porter, a managing principal at Verizon. They are targeting vulnerabilities in web applications.”

“They are just scanning network ranges and trying to find the wide open remote desktops; they’re not spending that much time trying to target organizations specifically,” he continues in the article.

Wide open desktops? Yes. “Breach investigators found systems with outdated antivirus installations or no AV protection at all. In some cases, employees were found checking email, browsing the web and playing video games on some POS systems, increasing the likelihood of an attack,” Porter went on.

“Breach investigators also had  found poorly implemented and maintained remote access software. Systems were left open to the Internet with weak or default passwords. Therefore, automated tools can carry out brute force attacks in seconds, giving cybercriminals unfettered access to the system.”

So even the basics of software upgrades and password updates (along with separate passwords for each application and service!) could help make a big dent in the current “cyber security” landscape.

If you have any questions, or need any advice, be sure to contact AVPS as well!

Meanwhile, consumers may be devising their own strategies to keep their information more secure. The Pymnts.com website has a piece asking whether Prepaid Cards Are “the future of personal financial management.

 The article references a study that touts the usefulness of such cards in terms of helping consumers stick to a planned budget. “Technology that allows for the creation of separate ‘purses’ on prepaid cards makes it possible for a consumer to set a budget and activate controls around these amounts.  These features, along with real-time account alerts, allow for an easier adoption of budgeting and increase the effectiveness of prepaid cards, according to the report.”

“This,” the report continues, “is welcome news for issuers who are looking for new features to make prepaid products more attractive to their customers. The cards impose welcome constraints – making overspending impossible since credit is not an option. They are also accessible, easy to activate and use, and widely accepted.” 

Additionally, with all the security and data  lapses making news, prepaid cards offer another attraction: They can protect customers’ basic bank account info, and limit potential damage, even if they’re “breached.” Customers can decide to only have pre-designated amounts “exposed,” when shopping online, for instance.

When added up, it becomes increasingly clear that your own business should consider a prepaid card offering to your customers, if you don’t already. AVPS can help on that score too.

Get in touch — just consider us your roadmap for the “payment terrain” ahead!

Leave a Reply

Your email address will not be published. Required fields are marked *