Back in September, Home Depot
announced that they may have detected a breach in their card payment data
infrastructure. At first, Home Depot
downplayed it relaying that it was most likely a small breach containing few
compromises in card payment information.
Quickly after that first statement, Home Depot realized that the breach
was bigger than they had originally anticipated and would need to alert all
customers that purchased anything within the time frame of card infringement. Home Depot then released another announcement
informing customers that email addresses had also been compromised.
According
to Home Depot, the files that were stolen contained email addresses but “did
not contain passwords, payment card information, or other sensitive personal
information”. However, as a customer who
received an email on Friday regarding this scandal, I must say I am reluctant
to believe that “personal information” such as card payment information has not
been compromised. The email I received
claimed that there may have been and might be fraudulent charges on my credit
card account. Getting a new card is not
a hassle but in situations such as these, people start to wonder how safe their
credit cards really are.
It is
unbelievably easy to steal the credit card information from a customer. Whether taking the information by just looking
at the card or using a radio frequency identification device to extract the
information, stealing someone’s credit card information is pretty simple. In most cases, a merchant has access to
thousands of accounts with credit card numbers and personal information, such
as emails, addresses, and phone numbers.
Signing up for programs for sales or rewards are usually the options
merchants utilize to link your account and spending habits. The best way to make money is to set a flag
every time a registered customer uses any of his/her credit cards to make a
purchase. Then companies know to send
targeted emails to that customer about other products to purchase. When an account like that is hacked, there
isn’t much information that the hacker does NOT have. The hacker then has access to payment
information, address, email, passwords, log in id, and phone number. A malicious user could use any of that
information to cause harm to customers everywhere. In Home Depot’s case, the hacker can steal
payment information and create fraudulent charges.
To
protect yourself when using a credit card, there are only a few things you can
do other than to stop using credit cards all together. In Europe, credit companies have implemented
a chip along with the magnetic strip on the back of the credit card. The chip implements a new encryption
algorithm every time the credit card is used.
So although online shopping still poses the same risks, using a credit
card in store no longer holds the same threats.
In the case of home depot, the malware that was injected would not have
been effective in securing payment information.
The only information that would have been breached is the information
regarding customer email addresses.
Although
the chip is one of the best ways to secure shopping with a credit card in
stores, there are still risks to shopping online. The chip eliminates many risks regarding in
store credit card purchases but does nothing for interweb shopping. I think implementing the chip in America,
although expensive, will be a great security precaution and will help innovators
in the cybersecurity fields come up with a way to protect online shopping just
as well.
No comments:
Post a Comment