ONLINE TRANSACTIONS ARE SAFER, YES OR NO?
If you’ve been following payment news, you’ve heard a lot about data breaches lately. According to idtheftcenter.org, there have been nearly 5,000 high-profile data breaches since 2005, exposing some 633 million records. Because most states only require retailers and payment providers to report data breaches if social security numbers are exposed, the actual number of breaches is likely much higher.
This week, Krebs on Security posted an interview with Brian Krebs about data breaches, including an interesting explanation of why physical debit and credit cards stolen from brick-and-mortar stores are far more valuable to data thieves than card numbers stolen online. According to Brian Krebs, it comes down to how easy the information is to manipulate, sell, and use.
Why Online Payments are Safer
In the interview, Brian speaks at length on the process a cybercriminal must go through to use a card to extract funds. When physical cards are stolen from brick-and-mortar stores, called “dumps,” they can be sold easily on underground “card shops” online for ten times the price of credit card information stolen from online retailers. The reason is that when the actual card is stolen, a criminal may enter a store, buy high-value electronics or other goods, and leave the store before anyone notices anything is wrong. Compare that to the process of using card information that has been stolen online, where, not only does a criminal need to find an online retailer that will ship to a different address than where the card is registered, but must also find a suitable place to mail the goods for the exchange. Because of the effort involved, physical cards are worth more to criminals and are therefore more sought after.
In a perfect world, security marks set up to help guard your identity would function 100% of the time, but sadly, this isn’t the case. Few retailers check to see if a customer has signed the back of their card, or ask for ID for verification. This is why, when major data breaches hit the news, they’re most often in brick-and-mortar stores, such as Target, which recently had a high-profile breach in December.
The majority of brick-and-mortar data breaches come down to one unavoidable issue: human error. As stated above, card security measures are rarely followed in-store. However, when purchases are made online, customers are automatically funneled through checkout security features such as SSL, or Secure Socket Layers. These measures ensure that data submitted by the user is encrypted, and thus protected, against data breaches. When online retailers and payment solution providers, like E-Complish, follow laws mandated by the FTC, customer data security is nearly guaranteed.
To be clear, online data breaches do occur. Though, according to Krebs on Security, they happen at 1/20th of the frequency of traditional brick-and-mortar breaches and expose far less important information. By ensuring your online transactions are funneled through a third-party security partner like E-Complish, which follows all mandated FTC regulations in addition to their own in-house security measures, you and your customers will be far less likely to encounter security risks or fall victim to stolen information.
For more information about E-Complish’s payment solutions, take a look at our page, where you can learn more about how we keep our transactions secure.