Harrison, ME (PRWEB) November 26, 2014
E-commerce is based on trust – the trust that exists on the part of the merchant that he will be given legitimate credit card information and the trust on the part of the consumer that such information will be securely processed and stored. However, according to a study performed by Lexis Nexis in September 2013, this ideal scenario does not always define reality.
According to this study, approximately 12.6 million adults were victim to identify theft in 2012, costing consumers $ 21 billion and countless hours straightening out their accounts. Half of those polled said they would avoid making a subsequent purchase from the same small online merchant after experiencing such a security breach – in sharp contrast to the only 8% who said they would stop frequenting a large retail chain or the 19% who would stop buying from large, well-known online venues.
The Christmas shopping season, therefore, while it can be the greatest boon of the year to small online merchants, is also a time fraught with risk. In addition to being easier to hack than large businesses, such breaches can be devastating enough to put some enterprises out of business. In addition to lost trust and sales, there may also be significant financial penalties in the form of chargeback fees. Merchants may even have their credit card accounts terminated.
However, small businesses do not have to be helpless victims in the face of credit card theft. And even if the holiday shopping season has already started, it’s not too late to make important changes. By knowing these 5 ways hackers can gain access to customer data, merchants can proactively take steps to protect their customers’ data and their business’ financial footing.
1. Network Weaknesses
Hackers access sensitive data is by entering target computers through weak points in the network. While there is no such thing as a completely secure network, firewalls provide significant levels of protection and are the first line of defense against intruders. Merchants should make sure the firewall they choose is well-respected and regularly updated.
Firewalls by themselves, however, are insufficient. Other potential weaknesses can come through lesser-known channels, such as an unprotected or unencrypted router, unattended network connections that are left idle during holidays, weekends, or vacations, and even printers that are left on, inviting hackers to enter through their web interfaces.
2. Weak passwords
When a hacker does access a computer, he or she is not finished. He then has to access the data, which often requires a password. While this should be an added layer of protection, default passwords, easy-to-guess combinations, or short and simple words are often employed, offering the hacker little more than an inconvenience. To be safe (and PCI-compliant), merchants should change their passwords regularly using hard-to-crack combinations of letters, numbers, and symbols.
3. Unencrypted information
Even if a hacker does access information, it is useless unless it is in a readable form. Using encryption is like putting information in code – only those that have the key can read it, even if they access it. Merchants should encrypt information at every stage of the process and never store unencrypted numbers on their servers.
4. Viruses and trojan horses
Another common hacking technique is to introduce a virus or a trojan horse into a computer or network device to record keystrokes or forward data that passes a certain point. To avoid this surreptitious harvesting, merchants should install and maintain a rigorous anti-virus software, scan their systems regularly, and learn to identify the signs of scam e-mails and virus infections.
5. Locally-stored card numbers
A fifth way hackers find credit card data is by selecting targets that are likely to have the card number stored on the local server. A dedicated server with its own internet connection can not only help reduce the risk of hackers, but also limits the number of people with physical access to the data as well. Small businesses should look for payment providers that store the customer’s credit card information securely on their own servers or on the cloud – never on the local server.
While hackers use many methods to access information, these five represent some of the most commonly-exploited vulnerabilities. By taking the time and effort to secure these methods of entry, merchants can help their customers have a safe and identity theft-free holiday season and protect their own businesses from unnecessary chargebacks, financial risk, and legal liabilities.
About E-Commerce 4 IM:
E-Commerce 4 IM offers credit card processing, web marketing, SSL certificates, and hosting for online merchants. They specialize in helping high-risk vendors, such as nutraceutical, weight loss supplement, e-cigarette, and multi-level marketing vendors, obtain credit card processing solutions that meet their business needs.
ThreatMetrix Predicts Mobile Transactions and Account Takeover Attacks Will be Easy Pickings for Cybercriminals This Holiday Season
San Jose, CA (PRWEB) November 24, 2014
ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced cybercrime predictions for the upcoming surge in consumer spending surrounding Black Friday and Cyber Monday and the rest of the holiday shopping season.
According to the National Retail Federation, this holiday shopping season is expected to see a 4.1 percent increase in sales, climbing to $ 616.9 billion. Unfortunately, cybercriminals will be on high alert for holes in e-commerce sites’ cybersecurity, cashing in on the significant shopping surge. With new in-store technologies like Europay-Mastercard-Visa (EMV) and Apple Pay continuing to build momentum and cutting down point-of-sale fraud in store, e-commerce businesses need to be prepared for such technologies to push more fraud online and put preventative measures in place to protect against those risks.
To help retailers protect themselves and their customers leading up to the busiest days of the 2014 holiday shopping season, ThreatMetrix has outlined several predictions for the busiest shopping days of the year:
Transactions at the Table: Increase in Mobile Shopping Starting Early
Last week, the “ThreatMetrix Cybercrime Report: Q4 2014” found that mobile represents nearly one-third of all activity on The ThreatMetrix® Global Trust Intelligence Network (The Network). Combine that with the fact that Adobe has predicted the season’s lowest prices will pop up on Thanksgiving Day and consumers can expect to see a lot of mobile shopping taking place during their Thanksgiving feasts, spilling over into “Sofa Sunday.” This poses a huge opportunity for fraudsters because mobile users are more likely to store credit card data with retailers, a prime target for account takeover attacks. Another challenge is that retailers are more likely to reduce risk thresholds for mobile devices to avoid false positives.
“Cybercriminals follow the flow of money, and this Thanksgiving, a very high number of transactions will take place through mobile channels,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “Unfortunately, it can be difficult for retailers to use IP geo-location data to ensure mobile transactions are authentic. Instead, retailers should try to leverage trust intelligence networks to recognize customers with good mobile purchasing history, and complement this with finer grained authentication intelligence available within a native mobile application. Retailers should also ensure that their mobile applications have not been injected by malware.”
Lump of Coal: Account Takeover in the Wake of High Profile Data Breaches
In the wake of the countless number of data breaches over the past year, hundreds of millions of user accounts have been compromised, from 40 million in the Target breach, to 60 million in the Home Depot breach to a whopping 1.2 billion stolen by a Russian cybercrime ring. These stolen identities will play a major role in the efforts of cybercriminals looking to cash in this holiday season through account takeover attempts.
Retailers must ensure they have a system in place to differentiate between trusted customers and fraudsters in real time by identifying suspicious login patterns, risky or compromised devices or devices disguising their geo-location. Additionally, putting high authentication requirements in place that don’t add friction to the user experience can successfully block cybercriminals without trapping trusted customers in the fraud net.
“Unfortunately, many consumers use the same login credentials across multiple websites, which means that when those credentials fall into the hands of cybercriminals through data breaches or malware, all of their accounts and likely all of their credit cards will be compromised,” said Faulkner. “This sadly means that cybercriminals this year could end up having the merriest holiday season of all.”
Last year, ThreatMetrix screened one in four of all U.S. e-commerce transactions the day after Thanksgiving to help retailers protect their customers from fraudsters through its global data repository, The Network, which analyzes more than 850 million monthly transactions, and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites. The Network is the most comprehensive data repository of its kind, using its real-time analytics to evaluate logins, payments, new account registrations, remote access attempts and other transactions for validity.
Share this news on Twitter: Will you shop on #mobile this Thanksgiving? @ThreatMetrix predicts you will, among other #holidayshopping trends: http://goo.gl/i3HYeM
eBook: ThreatMetrix Cybercrime Report: Q4 2014
Whitepaper: Combatting Cybercrime – A Collective Global Approach
Press Release: ThreatMetrix Announces its ThreatMetrix Global Trust Intelligence Network Has Reached 850 Million Monthly Transactions
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit http://www.threatmetrix.com or call 1-408-200-5755.
Join the cybersecurity conversation by visiting the ThreatMetrix blog, Facebook, LinkedIn and Twitter pages.
© 2014 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.
Find More Credit Cards Press Releases