Solstice Roundup: EMV Transitions, Watch Your Samsung, and… Emojis!
Summer solstice will be here before we can even get next week’s blog post up! on EMV Transitions. So even though temperatures here in AVPS’ neighborhood are already hitting triple digits, let’s officially welcome the season of beach-going, travel adventures, and more.
Samsung Galaxy Security Flaw
All that movement usually means more payments-on-the-go, whether by phone and mobile payments, or with the plastic in your wallet — or the nylon pocket of your swim trunks.
But if you’re going to pay via an app on a Samsung Galaxy phone, you may want to doublecheck its security. CNN Money, among other sources, is reporting “Every Samsung Galaxy device — from the S3 to the latest S6 — has a significant flaw that lets in hackers, researchers have discovered.”
Unfortunately, the vulnerability resides in the keyboard software of Samsung Galaxy phones, making it impossible to remove. This flaw potentially enables hackers to spy on users, regardless of whether they are connected to public Wi-Fi or insecure networks. Researchers discovered this flaw last November but made it public due to the perceived delayed response from Samsung. While the hack itself is not easy or inexpensive to execute, it poses a significant threat to sensitive targets such as business executives or government officials, compromising their devices completely.
Emojis as a More Secure Alternative
To combat the constant stream of news regarding hacks and security breaches, it is reassuring to discover that emojis, the modern successors to ASCII art, are emerging as a more secure alternative to traditional pin numbers.
According to a Guardian article, reporting on the new security protocols offered by a UK start-up, emojis really are more secure than pin numbers. Why? “ The traditional four-digit pin, commonly used for authentication, is an incredibly weak system with only 10,000 possible combinations. This number decreases even further when considering that certain common combinations, like 9999, are typically disallowed by banks. That’s why ATMs eat your bank card if you guess the pin wrong too many times..even a slow typist could access a stolen card in less than a day.
The emoji codes, on the other hand, “offer a choice of 44 emoji, and four slots, offering 3.8 million different passcodes (because 444 = 3,748,096). It’s not quite the 480 times more secure that the company promised, because they assume that you won’t use the same emoji or digit twice in any one passcode, but it’s still a significant improvement.”
No word yet on whether banks will be rushing to embrace the change. But this does remind us to remind you: Have you changed or updated the passwords around your own business yet?
Transition to EMV Cards
And finally, though it may be less “fun” than an emoji, the transition to EMV cards is of course coming this fall, which should make card transactions more secure.
AP is running a series of tips for small business owners on making the transition as easy as possible.
Among them:
—Companies whose credit card payment systems are combined with inventory management and other systems might want to separate the payment part. That would make their computers less vulnerable to hackers, who have been able to gain access to customer and other information at companies like Target by invading another part of an integrated computer system.
—Your payment processor or bank should be able to answer questions about the transition and what you’ll need to do
Hey! Payment processor! That’s us! And yes, we’ll be happy to answer any questions you have, even if you’re calling us from the beach. On a Samsung phone!
Meanwhile, goodbye to spring — see you in summer!