Ever since the Target credit card breach happened, online shoppers around the world have been left in a state of panic. They are not sure where to shop from and which shopping site to trust. For those who are unaware of the Target credit card breach incident; it is a large scale data theft, which happened to an online retail giant called Target. The credit card details of customers who shopped at Target were stolen by certain miscreants, who later on sold it underground to their customers around the world. An investigation which was later on carried out by fraud investigators revealed the presence of a large scale black market, where stolen cards were sold for prices ranging from as low as $20 to more than $100 per card.
According to the reports, a particular “card shop” which sold stolen cards online was behind the Target incident. The cards were sold under particular ‘bases’ in the website of the ‘shop’, in a completely professional manner. And the most disturbing fact is that they went as far as offering money back guarantees for cards which were not functional or cancelled by the original owner. They also provided their customers with ZIP code and city of the store from which the cards were stolen, so that they could make same-state purchases and thus avoid ending up with cards for which out-of-state transactions have been blocked. This shows how organized the crime is and how vulnerable online shoppers are, to getting their card data compromised.
In such a scenario it is very important for shoppers to safeguard themselves from such frauds. But an even important responsibility is with the online merchants to ensure the safety of their customers. Taking into account the security of their customers, various online merchants have already started taking measures to ensure that their credit card details are not compromised. Some of the methods which they use are:
- Adhering to PCI DSS: The first and the most important thing to avoid fraudsters hacking in is by adhering to Payment Card Industry Data Security Standards (PCI DSS), which aims at preventing post purchase frauds. The standards were issued by the Security Standards Council in March 2011, and following them is an effective way to prevent the cards from being hacked.
- Using cloud computing solutions: Through this the entire transaction can be automated, thereby avoiding the hazard of agent con. The information passed through phone calls can be secured to avoid further access. The facility provides users with an interactive voice response option through which their card details can be given securely using the keypad of his/ her phone.
- Utilizing secure payment gateways: Secure gateways such as Amazon Payments, PayPal etc will ensure safe transaction.
- Insisting upon cards with security codes: Retailers ensure that the transactions take place through credit cards with private security codes. In such cases, only the holder of the real physical card will be aware of the code. Even if the password of the card is compromised, the security code will prevent the card from being misused.
Such measures, if followed strictly during online transactions can go a great way in preventing the credit card details of innocent customers from being misused.