Home    Bloggers    Messages    Resources   
Tw  |  Fb  |  In  |  Rss
Phil Britt

Target Breach May Chill Mobile Payments Use

Phil Britt
Anand
Anand
1/28/2014 1:06:05 AM
User Rank
One Bar
Re: Mobile payments`
It is easy to blame Target, and indeed they do deserve most of the blame, but before you do, remember that the mobile security concerns are a two way traffic. Some responsibility falls on the shoulders of the customers themselves. The attack on Neiman Marcus should have been a wakeup call but looks like people ignored it just as they are going to forget about the Target attack and wait for the next mess-up somewhere else.

50%
50%
Tank
Tank
1/19/2014 7:39:51 PM
User Rank
One Bar
Re: Mobile Payments
Customers in the U.S. have up to 18 months to dispute a charge, so there isn't much reason for a retailor to save receipts past that. 

Part of the problem also is that U.S. retailors are still using old magnetic strip technology vs. chips or other securer methods.  Neither retailors or credit card issues want to foot the bill to increase security.  So maybe it just should be legislated. 

50%
50%
MobileSuze
MobileSuze
1/19/2014 8:54:53 AM
User Rank
One Bar
Re: Mobile Payments
"The fact that three-digit CVV security codes were compromised shows they were being stored."

This is basically everyone's nightmare. Now nobody's accounts are safe. And 110 million customers? That's an astounding figure! Target should do more to make it up to their customers and to make sure that this doesn't happen again.

50%
50%
MobileSuze
MobileSuze
1/19/2014 8:53:46 AM
User Rank
One Bar
Re: Mobile Payments
I share your sentiments. This is really, really bad for Target. Not only does it tarnish their image, but people won't really feel safe to shop there anymore. And it's a big chain. Surely they could have set up better security to make sure that such breaches don't happen.

50%
50%
Netcrawl
Netcrawl
1/19/2014 4:07:44 AM
User Rank
Five Bars
Re: Mobile Payments
@Tank you're right about the figure, its now 110 million users! This is an example of a more highly sophisticated attack, the malware used in the Target attack was written by someone with high degree of skill, they look for the security flaws and most of the victims are department stores. The Target breach may also been a part of a similar attack on Neiman Marcus, another retailer. I think its the same person or group, they got similar pattern.

Neiman Marcus malware attack:

http://www.theverge.com/2014/1/11/5297896/neiman-marcus-hacked-credit-card-data-stolen  

50%
50%
Mobile
Mobile
1/17/2014 1:04:21 AM
User Rank
Five Bars
Re: Mobile Payments

" So this seems to be a case where Target really messed up."  

@Tank    I could not agree more.  A retailer that does the volume that Target does has no excuse for this.  They make millions daily and they cannot safeguard customer information ?   Much of which they badger you for at the check-out counter.  And then it takes four days for the CEO to make a public apology ?

 

Save the apology and cut me a check.  I may never used my card there again.  Target has become the text book case of "retailer data-caretaking apathy(ineptness)".

50%
50%
Tank
Tank
1/16/2014 11:18:18 PM
User Rank
One Bar
Re: Mobile Payments
I'm not sure how the Target hack will affect consumer behavior. It may have affected up to 110 million customers.  That would be more than the population of many countries.  Per the linked article, ""This is a breach that should've never happened," Forrester vice president and principal analyst John Kindervag said in a statement today."The fact that three-digit CVV security codes were compromised shows they were being stored. Storing CVV codes has long been banned by the card brands and the PCI SSC. "  

So this seems to be a case where Target really messed up.  

50%
50%
M.Kudla
M.Kudla
1/15/2014 2:40:00 PM
User Rank
Five Bars
Mobile Payments
Though the target breach doesn't directly relate to mobile payments I think that your recommendations are fairly good.  You should always make sure to keep close tabs on all your statements and I think most people do.

I don't think that mobile payments have much more risk in the processing side than normal authorizations, the systems payment authorization companies have is fairly robust (though obviously not foolproof). 

The real issue with the mobile payment trend is the transmission of the information.  I'm not sure what type of mobile payments you're getting at, but NFC payments have obvious concerns that have been brought up in articles on this forum many times before.  In terms of just submitting payments over cell phones or other mobile devices (anything over wi-fi included) you have to be a lot more concerned about man in the middle attacks and spoofing. 

You gave a couple of broad security suggestions for both industry and then for individual users but there needs to be a much more specific understanding of threats and how devices work if a consumer or a business wants to be more secure.

Personally I don't think that the target breach is going to have any effect on mobile payment growth.

50%
50%
More Blogs from Phil Britt
Infonetics Research says that mobile security needs to grow just as fast as the overall mobile sector -- and even then security is up to the end user.
The interest in funding or investing in the mobile and security sectors has never been greater, but while IPOs are at a 14-year peak, that isn't a clear sign of a bubble.
In light of recent data breaches covered very extensively by the new media, it is refreshing to see some positive movement in the financial health of some mobile security companies.
There are ways to protect your mobile devices against attacks during this shopping season, and ways you can protect your company from the possible threats increased use of mobile shopping brings.
flash poll
follow us on twitter
like us on facebook
The Mobility Hub
About Us     Contact Us     Help     Register     Twitter     Facebook     RSS