Due Diligence: Slow EMV adoption; Fed Calls For Coordinated Security

It is a constant tussle, struggle — pick your word — for merchants and consumers striving for digital safety in their daily rounds of charge card and debit use. And with the constant news of data breaches and new malware discoveries, it sometimes seems such relative “safety” is a grail that will always be just out of reach.

For example, a week after we reported on the Samsung Galaxy security flaw, comes news that Android operating systems make up the vast bulk of mobile malware incidents: “Typically,” says the Inquirer tech news website, “Android has proven the biggest victim of mobile malware, with the report noting that the operating system currently accounts for 97 percent of all mobile malware.

“This rise in malware should put enterprises on guard, with Pulse Secure noting that firms might want to think twice before introducing bring your own device (BYOD) policies, and regularly review them if they decide to go ahead,” the article continues.

In other words, one of the biggest “weak links” in your own business’ various firewalls and protection schemes may be when someone plugs in a device they brought from home, in your network.

Similarly, when your POS device is part of a larger internet-accessible network, rather than being a “dedicated” device, more virtual intrusion becomes possible — especially if material from the internet is being downloaded on the same system.

But all is not lost. At a recent gathering on payment security, Federal Reserve governor Jerome Powell said “‘at a minimum, banks, merchants, and other institutions that process or store sensitive financial information need to keep their hardware and software current to the latest industry standards,’ pointing to the adoption of chip-based EMV technology as a good example,” according to the ABA Banking Journal.

And as we’ve been (rather constantly) noting, that switchover to EMV comes right at summer’s end — this October. However, as Payments Source and other outlets note, “a new Javelin Strategy & Research report is projecting as many as 75% of all merchants will not make the deadline.”

“The majority of small merchants are not only not ready for EMV,” the report continued, “they are not even aware of EMV.”

“’There are entities that are waiting for merchants to self-educate,” the article continues. “‘It’s a cheap strategy.’ On a more positive incentive, some merchants—after they have missed the October deadline—may be persuaded to upgrade to EMV so they can get related goodies, such as newer systems will almost certainly also support NFC.”

Of course, you don’t have to wait for those goodies. Due diligence, as the Fed’s remarks just reminded us, can pay dividends right now. So contact your AVPS rep for any security or payment upgrades you need.

That’s not you, of course, since you’re a regular reader of AVPS’ newsletter and blog.  But you can pass the word along: Your fellow business owners (and even the Fed!) will thank you.

Tags: , ,

No comments yet.

Leave a Reply

You must be logged in to post a comment.