Page 24 - GS170701
P. 24
Views
Data breaches cause major pain
Insider’sreport Despite the uptick in activity, card skimming is not as big or
on payments: costly a problem as outright data breaches. Just ask Target
Corp., which paid out $18.5 million in fines to 47 states
for a 2013 data breach that affected more than 40 million
cardholders. That's on top of more than $200 million in
legal fees the retailer reportedly incurred because of the
breach.
Target's costs stemming from this breach don't begin to
Getting serious describe just how expensive, and serious, card data breaches
can be. Juniper Research Ltd., a U.K.-based research and
analysis firm, recently warned that, globally, retailers stand
about fighting fraud to lose $71 billion from fraudulent card transactions over
the next five years. This is attributed to increased criminal
By Patti Murphy migration to card-not-present transactions concurrent with
U.S. implementation of EMV.
ProScribes Inc.
While Juniper did not provide a breakdown, a recent
raud threatens the integrity of the payments sys- report by the cybersecurity firm Trustwave Holdings
tem. And by extension, it threatens the livelihood Inc. suggests North American retailers are particularly
of every company and individual in the pay- vulnerable. Trustwave publishes a yearly report on global
F ments stream: banks, acquirers, merchants, ISOs cybercrime, data breaches and other security threat trends.
and the feet on the street. Yet I can't help but think we, as a The latest report, published in June and covering hundreds
society, are becoming inured to the perils of fraud. of breach investigations conducted in 2016, revealed that
North American businesses, particularly retailers, are more
Seemingly every week brings news of hacks, breaches of vulnerable than those in any other region, accounting for
card data and subsequent payouts by breached companies, nearly half (49 percent) of all breaches investigated by the
and revivals of old-school schemes like card skimming. company.
This is despite ongoing efforts to protect credit and debit
card data with enhanced security protocols like EMV The largest single share of breaches (22 percent) occurred
(Europay, Mastercard and Visa). at retail establishments, followed closely by the food and
beverage industry at nearly 20 percent. Breaches directed
Fraudsters are savvy. They understand, for example, that at POS systems represented 31 percent of all breaches
the proliferation of EMV cards and card readers eliminates investigated, Trustwave reported, up from 22 percent
opportunities for fraud like card skimming, so they're in 2015. And more than half of all incidents investigated
focusing on unattended terminal locales, like gas stations, targeted payment card data, the firm said.
which are not required to be EMV compliant until October
2020. "As our data breach investigation and threat intelligence
show, attackers continue to evolve their tactics and focus
Recent reporting by the Sun Sentinel, a South Florida on extreme paydays," said Robert J. McCullen, Trustwave's
newspaper, found that more than 400 card skimmers have President and Chief Executive Officer. "Meanwhile,
been found at gas stations across Florida since 2015; more security skills and talent remain scarce. As an industry we
than half of those (251) were discovered this year alone. must continue to focus on key areas like threat detection
Three Florida counties, in particular, seem to be hotbeds and response, security scanning and testing, and cloud
of card-skimming activity: Broward, Palm Beach and services that provide meaningful layers of protection from
Miami-Dade. Skimmers are small electronic devices that constantly evolving threats."
surreptitiously record data from the magnetic stripes on
credit and debit cards. Retailers need to do more
Meanwhile, the news out of fraud solution provider Kount
As of June, 46 skimmers had been discovered in Broward Inc. is that mobile payment fraud is on the rise. The share
County, the Sun Sentinel reported, citing state records. of merchants who could definitively state they are seeing
That's up from 40 in 2016 and 34 in 2015. In Palm Beach more fraud in the mobile channel reached 40 percent in
County, 52 skimmers were found as of early June, up from 2017, up from 23 percent last year, according to Kount's Fifth
22 in 2016 and 19 in 2015. And in Miami-Dade County, the Annual Mobile Payments & Fraud Report. Forty-two percent
tally as of June was 22, up from nine in 2016 and 17 the year said they weren't sure.
before.
24
