Chester Wisniewski of Sophos Talks About Secure Credit Card Transactions

Chester Wisniewski's nakedsecurity describes Wisniewski's specialty thus: "He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics." So he's obviously someone who might know a little about preventing future Target-style security debacles. We've also interviewed tech journalist Wayne Rash about this topic, and will probably interview another security expert or two. Many Slashdot users may find all this credit card security talk boring, but for those who handle security matters for a living, especially for retailers, it's vital information. So here's Tim Lord talking with Chet, who is a recognized security expert for Sophos, one of the big dogs in the IT security field, when Chet was in Texas for the latest iteration of Security B-Sides in Austin. (Alternate video link.)

Broken by design

[Tailhook]

Until transactions are performed through a bank run broker such that the retailer NEVER GETS THEIR PAWS ON ACCOUNT CREDENTIALS, it's all a waste of time. I blame the banks; Target episodes are inevitable as long as the banks fail to provide an alternative to having retailers schlep around account credentials.