Community
Conventional wisdom says that if merchants will just comply with PCI (payment card industry data security standard), then crooks will not steal card data from merchants. Under this wisdom, the US Federal Trade Commission has been punishing merchants like TJX. However, I don't see how PCI compliance would have stopped this POS terminal hack. The terminals showed no external evidence of tampering! Given how sophisticated the crooks are becoming, my suspicion is the credit card system must change entirely, so that it relies much less on protection of secrets like card number + PIN and more on multiple channels of communication with users (e.g., when I use card, I instantly get phone text message, to which I must reply). --Ben
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Nkiru Uwaje Chief Operating Officer at Mansa
12 September
Dirk Labuschagne Chief Information Security Officer at Direct Transact
Alexander Boehm Chief Executive Officer at PayRate42
Hugo Chamberlain COO at smartKYC
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.