By Samuel Greengard
The ripples and ramifications from the recent Target and Neiman Marcus security breaches continue to slam consumers…and other businesses. According to new data from Javelin Strategy and Research, a consumer had about a 10 percent chance of seeing their stolen credit card data used three years ago. Now the figure stands at about 33 percent. Debit cards have hit 46 percent.
In addition to the financial risk—particularly on unprotected debit cards—there’s the hassle factor. I know. One of my credit cards was entangled in the Target debacle and, consequently, my bank sent me a new card. That meant venturing online and calling merchants to update my payment information. Right now, I’m at about 45 minutes and counting. Multiply this by the 40 million Target shoppers and 1.1 million Neiman Marcus shoppers and we’re talking about far more than a minor inconvenience.
I’ll admit it, I’m boiling mad. As a result, I’m avoiding Target stores for the foreseeable future. The way I see it, Target, Neiman Marcus and others have a responsibility to provide a transaction system consumers can trust. I don’t want to hear excuses.
Alas, most retailers don’t seem to be getting the message. Another study conducted by password manager vendor Dashlane found that, among top 100 e-commerce sites, more than half accept weak passwords, such as “password” or “123456″; 51 percent do not block wrong entries, even after 10 failed attempts; and many send requested password information with minimal verification.
The worst offenders? 1-800-Flowers, J. Crew, Toys “R” Us, MLB.com, Dick’s Sporting Goods, Amazon, Wal-Mart and Victoria’s Secret. In fact, only about 10 percent of the sites Dashline studied met the firm’s criteria for enforcing strong passwords and protections. Just one in 10 businesses—that’s a jaw dropper.
A fundamental problem with today’s authentication systems is that they’re based on what Steve Schwartz, president of ID
Bron: Linux and Unix Nieuws Lees het complete artikel hier: http://www.channelinsider.com/blogs/security/retailers-failing-to-protect-consumer-data.html/