Tuesday, February 9, 2010

Consumers also responsible for credit card security

Credit card users need not do anything wrong to fall victim to security breaches like those at Heartland Payment Systems and TJMaxx parent company TJX; they simply need to have a card.

Their credit card information is protected by the Payment Card Industry (PCI) Security Standards Council, which was formed in 2006. The council sets 12 specific goals to build and maintain secure networks, but those may not always be enough, according to general manager Bob Russo.

"Consumers need to take a little bit of responsibility now. You can watch your credit card activity online," Russo said in an interview with CNET News. "You really should be monitoring your credit card statements. If you have to, do it when the statement comes in the mail."

Payment card data was stolen in 84 percent of the 285 million security breaches recorded last year, according to the 2009 Verizon Business Data Breach Report. Medical information was targeted least often, accounting for 3 percent of breaches.

Compliance with PCI standards is mandatory for all companies storing or processing payment card identification. Heartland executives originally said they were compliant, but later disclosed that assessors incorrectly informed the company. Breaches like this may drive myriad consumers away from merchants involved, Russo said.

"If you're a merchant you really have to be careful because consumers are getting smarter and smarter and if they find out you are not protecting their data, credit card data or personal data, they're going to walk away," he said. "And that's going to be the downfall of your business." creditnews

No comments:

Post a Comment