Sunday, November 9, 2014

Because You Know It's All About That Chip...

Back in September, Home Depot announced that they may have detected a breach in their card payment data infrastructure.  At first, Home Depot downplayed it relaying that it was most likely a small breach containing few compromises in card payment information.  Quickly after that first statement, Home Depot realized that the breach was bigger than they had originally anticipated and would need to alert all customers that purchased anything within the time frame of card infringement.  Home Depot then released another announcement informing customers that email addresses had also been compromised.
                According to Home Depot, the files that were stolen contained email addresses but “did not contain passwords, payment card information, or other sensitive personal information”.  However, as a customer who received an email on Friday regarding this scandal, I must say I am reluctant to believe that “personal information” such as card payment information has not been compromised.  The email I received claimed that there may have been and might be fraudulent charges on my credit card account.  Getting a new card is not a hassle but in situations such as these, people start to wonder how safe their credit cards really are.
                It is unbelievably easy to steal the credit card information from a customer.  Whether taking the information by just looking at the card or using a radio frequency identification device to extract the information, stealing someone’s credit card information is pretty simple.  In most cases, a merchant has access to thousands of accounts with credit card numbers and personal information, such as emails, addresses, and phone numbers.  Signing up for programs for sales or rewards are usually the options merchants utilize to link your account and spending habits.  The best way to make money is to set a flag every time a registered customer uses any of his/her credit cards to make a purchase.   Then companies know to send targeted emails to that customer about other products to purchase.  When an account like that is hacked, there isn’t much information that the hacker does NOT have.  The hacker then has access to payment information, address, email, passwords, log in id, and phone number.  A malicious user could use any of that information to cause harm to customers everywhere.  In Home Depot’s case, the hacker can steal payment information and create fraudulent charges.
                To protect yourself when using a credit card, there are only a few things you can do other than to stop using credit cards all together.  In Europe, credit companies have implemented a chip along with the magnetic strip on the back of the credit card.  The chip implements a new encryption algorithm every time the credit card is used.  So although online shopping still poses the same risks, using a credit card in store no longer holds the same threats.  In the case of home depot, the malware that was injected would not have been effective in securing payment information.  The only information that would have been breached is the information regarding customer email addresses.

                Although the chip is one of the best ways to secure shopping with a credit card in stores, there are still risks to shopping online.  The chip eliminates many risks regarding in store credit card purchases but does nothing for interweb shopping.  I think implementing the chip in America, although expensive, will be a great security precaution and will help innovators in the cybersecurity fields come up with a way to protect online shopping just as well.

No comments:

Post a Comment