October is Cyber Security awareness month , and I’ve been writing (read here, here, and here) that you must protect yourself from hackers and scammers. Today The Wall Street Journal published an article warning about the dangers of “no-card-present” online transactions that could drain your credit card balance. After a massive industry undertaking to secure point of sale transactions with chip enabled credit cards, hackers have moved to the one place where there are still no chip readers, the internet.
Robin Sidel writes for the Journal:
As a result, online merchants and the card industry are scrambling to create products and procedures that can quickly identify fraudulent transactions when an unseen customer taps card information into a computer or mobile device. “In card-not-present transactions, there are so many different kinds of merchants and the fraud manifests in so many different ways that there really isn’t a one-size-fits-all solution,” says Julie Conroy, an analyst at Aite.
Among other solutions, the card industry is touting technology called tokenization. This replaces cardholder information such as account numbers and expiration dates with a unique series of numbers that validates the customer’s identity. That way, hackers can’t steal actual card data if a merchant’s payment system is breached.
And Tuesday, the industry introduced new standards for card issuers to put technology in place that will accept additional data from merchants who want to authenticate transactions. The move will allow merchants to send information such as the customer email address, billing and shipping details to the banks as additional tools to verify that the purchase is authentic.