In seems that no matter where you look in the news, we are seeing yet another retail store having private data scraped from their systems. This problem is becoming more and more of a concern as would be thieves try to make some easy money instead of making an honest living. It all started out with Target right around the busy holiday shopping period.
Since then, the problem has spread to several other notable retailers including Michaels. The big question is how is this Malware getting into these secure systems? These systems are monitored constantly by company security so it is disturbing to think that someone has learned an easy way to breach these systems.
The method that is used is called ram scraping. With a POS system, the ram is where the card numbers are stored right after swiping and just before they are encrypted and sent to the retailer. This fraction of a second when the numbers are being encrypted is when the information is stolen. With today’s systems, it is not possible to never have the card number on the system. Retailers are going to have to take a stand and do more frequent checks and updates on their systems to ensure they are not infected or the software is out of date.
Several things are going to have to happen in order to stop this non-sense from happening to every retailer on the planet. Security experts are going to have to find how these systems are getting infected and find a way to block this Malware from getting into the POS software. In addition, we might have to start thinking about how we pay for our purchases.
One way to avoid becoming a statistic is to pay with good old-fashioned cash. Years ago, credit cards were not as popular and cash and checks were the main means of purchasing. Back in those days we are actually buying things with money that we really had. Many folks that use credit cards are using virtual money that has to be paid back and this is why so many are in debt. So paying with cash or check solves two problems at once.
One thing that was suggested was to use pre-paid cards for your transactions. This way, if a thief does capture your credit card numbers, who cares because they are not going to be able to charge much from an almost empty card. Another option would be for credit card companies to come out with a card that changes the number after each use. This would not allow a would be thief to be able to access the card even if he did get the numbers.
Even with all the safeguards, we live in a world where people do not want to make an honest living. They would rather steal from others instead of providing for themselves. This type of activity is only going to accelerate over the years and credit card companies are going to be faced with some huge challenges.
Posted by, Ross A Deprey
Leave a Reply