Security Is in the Smart Cards
To help retain trust in e-commerce, credit card companies should promote smart cards.Arent we smarter than this? News that a hacker recently accessed as many as 8 million Visa and MasterCard accounts would have been shocking if we werent becoming so disturbingly numb to such break-ins. We really cant go on this way if retail e-commerce is to become a permanent, trusted part of our lives. How did we get here? Credit card companies and online retailers bent over backward to make consumers feel secure about their transactions. Seeing to it that credit card numbers cant be lifted via communications over the wire or over the air was an important step.
But what of the credit card data once its in the hands of the online retailer or the transaction processing company? In the instance above, Data Processing International, which services mostly television and catalog sales by phone, was the target. At a minimum, that data should be stored in encrypted form, preferably encrypted with the credit card vendors public key so that the data is inaccessible to anyone but the vendor. But even better, it should not be stored at all.
Most Recent Security Stories:
Most Recent eWEEK Editorials: