Security Realities In Light Of EMV
By Gregory Grant, Senior Director of Sales and Business Development, Phoenix Managed Networks
As a security professional, I work with companies of all sizes helping them sort through the realities of how best to protect payment information and themselves from a security breach. It never ceases to amaze me that so many companies look only to meet their compliance requirements (Payment Card Industry [PCI] for example) and never consider that their networks remain highly vulnerable to compromise. Enter EMV technology, and once again, so many business owners are already thinking that this will absolve them from having to do little more than implement the new technology and they’ll have met all of their security needs and compliance requirements.
Good security measures require a layered approach and to date, no security technology or services company has come up with “the” silver bullet. There are simply too many ways a hacker can compromise a system. As it relates to EMV and the mandate to implement new readers and systems, every business needs to understand a few harsh realities before concluding they are safe from attack.
To provide some perspective, consider that the U.S. is late to the game in implementing EMV. EMV has been used in Europe, Asia, and other parts of the world for many years now and still, the rate at which business of all sizes are being hacked hasn’t changed much. Although the transaction is authenticated with a certificate by way of the chip, the data is still transmitted in plain text, offering rich reward to hackers who get to the data by compromising other devices or services running on the business network. EMV won’t do much to prevent a cyberattack. It will make it a bit harder to use the card holder data that’s gathered, but certainly not impossible. Since gathering the cardholder data is not labor intensive, the rate of attacks will likely remain steady, if not increase.
Sign in to read more.
Get unlimited access to:
Enter your credentials below to log in. Not yet a member of VAR Insights? Subscribe today.