Just a few short weeks after the Target security breach made national headlines, another United States retailer has succumbed to a cyber attack.
Dallas-based Neiman Marcus announced recently that they too fell prey to a cyber criminal’s attack—one that may leave as many as 20 million customer’s bank accounts in danger.
The method used to glean customers’ personal information—such as credit card numbers, passwords, etc.—is near identical to the Target fiasco.
Anytime a debit or credit card is swiped through a point-of-sales device (POS), the information is ripe for nefarious removal if not properly secured.
Outmoded credit card security measures still in use throughout the United States of America make it too easy for hackers.
In the States, the magnetic strip is still the key point of “security.” Would Target and Nieman Marcus had been as susceptible to breaches had the European Chip and PIN model been in use?
Magentic Strip vs. Chip and PIN
Remember cassette tapes? The magnetic strip on the back of your credit card uses the same basic technology. Current security standards instilled in American cards rely on a swipe of the strip, and a swift signature.
Once the card is swiped, the data is stored and—in most cases—the information is encrypted. With Target and Neiman Marcus, hackers deciphered this base-level security measure, exposing tens of millions of consumers’ private information.
The Chip and PIN method is certainly not full proof, but does make a hacker’s attempt at procuring credit card data more arduous.
Chip and PIN downside
Essentially, the unique chip replaces the magnetic strip, and the personal identification number (PIN) replaces the need for a signature. Yet just as signatures can be forged, PINs can be deciphered.
Visa has announced plans to introduce the Chip and PIN method towards the end of 2015. This gives cyber criminals plenty of time to hone their craft, so this may be too little too late.
EzFIM Can Help
Sure, a Chip and PIN system of security may have helped to offset the total damage done by the most recent retail hacks. Although the European model is clearly more advanced than its American contemporary, it too is far from perfect.
FIM is essential to PCI DSS code compliance, and adds a layer of protection necessary to stop hackers before they can implement thefts such as the aforementioned large-scale breaches. For more information, call an EzFIM Tech Expert today at: 855.393.4666—or send us an email at: firstname.lastname@example.org.