As consumers demand greater access to information, offers and payment functionality—anytime, anywhere—the lines between in-store commerce, eCommerce and mobile commerce are blurring. In this emerging Universal Commerce environment, it is therefore crucial to accurately identify potential new vulnerabilities and build effective defenses to stay ahead of data thieves. This short quiz will help us explore some of the myths and realities of security in the age of Universal Commerce.
Fact or Fiction: Fraudsters will actively look to siphon account information from phones and EMV cards.
Answer: Fact AND Fiction.
For passive devices like contactless cards, this is technically possible for criminals to do by picking a consumer’s pocket and attempting to circumvent the devices’ security features. However, it is practically unlikely and has compensating controls to prevent it from being an efficient method of data theft. For active devices (e.g., smartphones, tablets) with secure elements, remote data removal and encryptions, this is unlikely, and to reach the information, it would require a device-level “hack” to penetrate the layers of security. (more…)