Top Five Causes of Data Compromise
Steve writes, "In a key step to help businesses better understand and protect themselves against the risks of fraud, Visa USA and the U.S. Chamber of Commerce announced the five leading causes of data breaches and offered specific prevention strategies. The report states that the most common cause of data compromise is a merchant's or a service provider's encoding of sensitive information on the card's magnetic stripe in violation of the PCI Data Security Standard. The other four are related to IT security, which can be improved simply by following common-sense guidelines." Here is the report on the U.S. Chamber of Commerce site (PDF).
Perhaps slightly OT, but the article is slashdotted and the header mentioned VISA and breaches.
I think one of the greatest mistakes the credit/debit card companies/banks (certainly here in the UK) made was the compulsory PIN entering (as opposed to a signature) at point-of-sale. Now all you need to do is stand behind me and see my PIN, or if you work at the store - have the security camera trained at the keypad then either lift my wallet or clone my card. All you need is that four digit number, and you've pretty much got my bank account.
My point is, companies make fundamental security errors, and will continue to do so.