Ingenico hardware attack
It seems as though every few months, we hear about a major data breach of a large company that leaves the personal information of thousands, even millions of consumers, exposed and vulnerable. You might recall hackings in recent years of household names including eBay, JPMorgan Chase, Home Depot and Target. Just at the start of this year, Wendy’s was the victim of a widespread breach that has potentially stretched to what could be considerably more than the 300 North American restaurant locations originally reported.
According to the Identity Theft Resource Center (ITRC), the total number of breaches to date in the U.S., captured in the 2016 ITRC Breach Report, has reached 489. This is an increase of 19.8 percent compared to this time last year. Since 2005, an alarming total of 6, 300 breaches have been recorded and the trend is on the rise.
This brings us to a very obvious, yet necessary, point of discussion: better security. While hackers are moving quickly to outsmart companies and their systems, the increased acceptance of EMV technology throughout the country has been heralded as the only saving grace, an assumption which is just not the case. While EMV is an effective measure for reducing card-present fraud, chip cards in no way thwart potential hackers from carrying out a harmful data breach. So what else should be done? How do we protect customer credit card information no matter the payment method?
The straightforward answer is a combination of point-to-point encryption and tokenization — a level of protection that not only keeps customer information safe, but can significantly reduce PCI’s regulatory mandates (and costs) for businesses.
Let’s talk about what this combination really means. Point-to-Point Encryption (P2PE) is a payment security solution that guarantees the strongest encryption protection for card-present transactions, like those completed with terminals and mobile devices, as well as key entry transactions. To ensure cardholder data is truly being protected from the point of entry at a store, all the way to the bank, it’s important to use a For example, CardConnect developed a P2PE-validated solution that is compatible with Ingenico devices. For more information on P2PE, from the PCI Council.