Increase in data breaches should have retailers concerned
November 21, 2014

The sudden changes in the payments industry in North America have been dramatic, with security being the primary reason. The Target and Home Depot data breaches were the starting point, many stores are worried that they may be next. With the holiday shopping season fast approaching, the main concern is that security will become increasingly vulnerable, as the high transaction volume will make them ripe targets for hackers and cybercriminals. As a consequence, the movement toward more secure solutions is necessary through a combination of integrated payments systems, PCI compliance and tokenization.

Another day, another breach
The severity of breaches just keeps adding up. Bank Info Security reported that office retailer Staples confirmed the presence of malware in its systems, which led to a data breach in at least several stores in the northeastern United States. The attacks occurred in the summer between July 2 and Sept. 14. The hackers in question used so-called "command-and-control" infrastructure to take over the systems and remove the data. Security expert Brian Krebs reported that around 100 stores were hit with the malware, something that the merchant did not confirm.

The need for more cards
Given that the Target breach occurred in the 2013 holiday shopping season, many retailers are legitimately worried that it will happen to them as well. The situation seems unlikely to let up anytime soon, despite a massive increase in supply, as reported by Trend Micro. The average cost of credit card details has gone down to about $1 per card in 2014. This downward pressure on price will possibly spur cybercriminals to harvest even more cards and sell more data to break even. The cybersecurity firm predicts that attacks will expand to mobile devices in 2015.

The best way to counteract this is through integrated payments systems. With software continually updating, vendors can supply quick fixes to any vulnerabilities that could appear in the system. In addition, certain mechanisms can be put in place to develop stronger security measures, such as PCI-DSS compliance. A store will be capable of better isolating problems before they greatly affect business. In addition, measures such as tokenization, which encrypts customer data into indecipherable tokens, may be implemented easily, providing an extra layer of protection for stores and consumers. All of these features can be integrated at the point of sale level through mobile devices.

Nexus: G-WEBCD2