Subscribe to the RSA blogs and podcasts for the latest posts and security updates!
Payment Security Focus is written by RSA’s team of solution engineers, strategists, and technologists who lead our initiatives to help customers secure electronic payments. Our efforts drive our interactions with the entire payments ecosystem: acquirers, associations, processors, standards organizations, financial institutions, technology providers and merchants of all sizes. Our blog presents our insight on the industry, the inventive application of technology to solve problems, and discussions of disruptive forces shaping its future direction. We invite your comments and dialog!
Payment security is back in the public eye with the recent disclosure of a cardholder data breach at a leading US payment processor. While initial reaction to this latest incident has been unfortunately predictable, characterized by plenty of uninformed speculation, outrage, and a general lack of understanding of the workings of the payments industry, the story that is ultimately written about this latest incident might be one that is completely unexpected.
Our team thought it would be interesting to make a few predictions for the upcoming year related to payment security. Some (unfortunately) don’t require a crystal ball, but for many others, the decrypted answer from our secure Magic 8 Ball is probably “outlook not so clear”. I’ll offer five we feel pretty confident about this week, and another five in our next post.
In my last post, I talked about the unique challenges of trying to provide point-to-point encryption for the petroleum merchant. In a nutshell, the petroleum merchant wants to stop skimming attacks where the bad guy puts a skimming device in the chassis of the fuel dispenser*. This is easily solved by encrypting the card data at the mag-head/card reader, but doing so breaks the ability for the merchant to process the special instruction in fleet cards.
If you think about it, I’m sure it would come as no surprise that an average gas station/convenience store conducts more credit card transactions per day then practically any other type of merchant – usually on the order of two or three times as many transactions. And with that many transactions, petrol merchants are prime targets for credit card theft.
