"Organizations are putting in layers of security and tools to safeguard information and assets, however, the fraudsters are attacking our weakest link, the consumer," says Anthony Vitale of Patelco Credit Union.
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
"It's time to stop shifting the security burden onto retailers and restaurants like Margarita's," says Gartner analyst Avivah Litan on the latest payment card breach. "In fact, it was time for that over five years ago."
The Fed's ruling on interchange, mandated by the Durbin amendment, offers financial incentives for fraud-prevention investments and could fuel a U.S. move toward new card-payment technologies, like EMV.
Some 200 people have reported fraudulent debit and credit transactions hitting their accounts after dining at Margarita's Mexican Restaurant in Texas. Investigators believe a third-party vendor may have been hacked.
From the exposure of thousands of Citi cardholders to the Michaels debit breach, fraud continues to impact card issuers. Involving the consumer in prevention is a step financial institutions must take, says Javelin's Phil Blank.
Social media, mobility and cloud computing are new areas of risk for organizations, and risk managers need to go back to the fundamentals of understanding the information they are protecting, says Robert Stroud, ISACA's international vice president.
Despite increased incidents, major U.S. card issuers receive poor marks for card fraud prevention, according to a new study from Javelin Strategy & Research. The biggest area of concern: card-not-present fraud.