Imagine not being able to use cash for even the smallest purchases because your bank—still shaking from news of the recent retail data breach that affected at least 110 million accounts—has decided to block all customer transactions. This actually happened.
In many recent interviews I have been asked the question numerous times “Is it time to go back to cash?” The answer is NO, but consumers should definitely have cash on hand. Not having cash will severely limit consumers in the event of a massive power outage and we are seeing that massive data breaches have big time negative effects too.
Large banks, in response to that 110-million-account breach, may be putting limits on card usage, and can have cards replaced relatively quickly. But smaller financial institutions do not have the means to replace cards quickly. They also lack budgets to cover potential breach incidents.
As a result, a customer may learn that their card is blocked from transactions that don’t involve a PIN. Many consumers got stung by this during the holidays. One customer reported he had to contact his bank first to confirm any online purchases. His card then gets unblocked for an hour, but then blocked again. Supposedly this ban has since been lifted.
In a litigious society, don’t bet against the possibility of consumers suing retailers for these kinds of consequences; it’s already begun happening. One woman filed a class-action lawsuit on Dec. 23, 2013, citing a giant retailer’s alleged failure to secure its data, leading to the massive breach.
Tips for Businesses
- Always update. Your software should always be up to date. Thieves can easily overcome old software and invade your sensitive data.
- Control access. Who has access to your servers? Do you know? Make sure that only trusted users/administrators have access.
- App testing. If a custom application code is running on your servers, it should be tested for the top 10 security issues regarding web applications.
- Be alert. Keep a tight rein on your server, and your cloud provider’s bill. A traffic surge that you don’t expect can signal a spam attack.
Don’t pass the buck. Business owners, and consumers as well, have been playing key roles in cyber crimes—though not with malicious intentions, but rather, being uninformed as well as not wanting to step up to the plate.
Stepping up to the plate is the only option retailers have in order to survive. The time to show your customers you are serious about preventing credit card fraud and the lengths you’ll go to protect their identities is right now.
Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.