Buying products or services online always comes with a measure of risk. Does the business properly secure and store credit card data? Does it take steps to protect against cyberfraud?
This isn’t a new threat. Back in 2015, Dutch researcher Willem de Groot reported these online skimming tactics at more than 3,500 stores. But despite his warning, the situation hasn’t improved. The total number of affected stores has nearly doubled, and of the 3,500 originals, 750 are still putting customer credit card data at risk.
Laying Down the Law
In addition, companies need to consider the use of reliable third-party monitoring and detection tools that can alert them to possible avenues of compromise and help limit their total risk — an essential step given the increasing regulation of personal data storage, transmission and security.
Better consumer data protection will also demand more active involvement from big players in the online space. As noted by Fox Business, for example, search giant Google is rolling out a new policy as of January 2017: Any HTTP site that transmits credit card information or passwords will be considered insecure by the company’s Chrome browser.
Right now, HTTPS sites are displayed as secure and HTTP sites as neutral. Raising the threat profile on HTTP-only checkout processes should improve customer awareness and prompt greater demand for secure checkout options.
It’s a reminder that there’s no resting on one’s laurels here, since even HTTPS is of no use if cybercriminals infect the servers directly. Companies, third parties and dominant online entities need to collectively tackle these sneaky swipers head on.