It seems like a weekly occurrence to hear about another major retailer being compromised by hackers. Home Depot, Target, P.F. Chang’s and most recently Staples – among many other retailers – have acknowledged consumers’ information has been accessed putting credit card information at risk. At Colden Company, we service business entities primarily but the question of personal security is one we are often asked, indicating the level of concern that consumers have about their personal protection. What steps can we, as consumers, take to protect ourselves as these events do not seem to be slowing down?
There are several precautions that can be taken. One step would be to begin taking advantage of services like Google Wallet or Apple Pay. These services take advantage of NFC technology and so-called “tokenized payment processing” on your smart phone and do not expose your credit card directly to the retailer. In the case of Apple Pay, even Apple doesn’t know your credit card number; your card information is securely stored on the secure element in the phone. Therefore, it is important to have a strong security on your phone, since a thief could presumably make payments using your phone if your phone is stolen. (Google Wallet allows you to deactivate your wallet in the event of theft) Apple Pay is a bit more secure than Google Wallet which is to be expected when comparing technology released in 2014 (Apple Pay) vs. 2011 (Google Wallet).
Online purchasing is very convenient and I am willing to bet at least some of your holiday purchases this year were made online. Apple Pay and Google Wallet will work with some online retailers but not all. Obviously the tap and pay feature is not usable for an online purchase. For those instances where you must use your credit card, make sure your credit card is not saved by the site. This decreases convenience but is a prudent step to protect your security. Monitor your credit card activity regularly and perhaps consider taking advantage of services like LifeLock to help protect against fraud and identity theft.
In 2015, the US will finally begin a wider rollout of Chip-and-PIN credit cards. These cards, which have a microchip in the card and require the consumer to enter a PIN and checkout, have been in wide use throughout the world and have cut many forms of card fraud by more than 65%. President Obama announced in October 2014 that cards issued by the federal government will come standard with Chip-and-PIN technology starting in January 2015, and as of October 2015, the cost for fraudulent transactions will shift from banks to merchants if the merchants have not upgraded their point-of-sale equipment to support Chip-and-PIN transactions.
Finally, a step everyone should take is to reconsider the passwords that you use. Strong passwords are a great deterrent to hackers. The problem is remembering those difficult passwords! Services like LastPass and KeePass are nice tools to help with password management and can securely manage your passwords across multiple devices. Change your passwords regularly and make them strong passwords that are not easily hacked. Conveniences like easy-to-remember passwords often put your security as risk.
There is an old saying in security circles that the only truly secure computer system is one that is powered down. The point is that there is a balance between usability and security. In the scenario above, a computer that is turned off may be secure, but there is no usability! There is no magic bullet for securing your assets. Security is done best when done is a layered approach. The more layers of security you can use, the safer you will be. With all the threats out there in the digital world today, it seems like a good time to add a few layers.
While these suggestions are directed at consumers, businesses are just as vulnerable if not more so than individuals. The layered security approach is a must for businesses as well. In need of a few extra layers this winter? Call us at (888) 600-4560 or email us at firstname.lastname@example.org, or see us on Facebook or Twitter to let us help protect your critical assets.