To be honest I could care less whether or not the cashier checks for a signature because it is a worthless action. At the initial transaction level a simple 5 digit pin would be a huge step as it provides something you have (the card) with something you know (the pin). This is simple and fairly easy security (as long as they dont embed the pin on the card so it can be cloned easily...)
But that being said is not even near the real problem! The real problem is the security of card and personal information in digital form and the utter negligence of companies and individuals who put this information on mobile devices and/or media and don't even bother to use simple encryption to protect it. Once this card information is stolen, sold and cloned you most likely will be seeing a lot of online purchases. Alot of the places even keep the 3 digit verification number stored although they aren't supposed to according to PCI DSS!
And the figures are probably off because it really depends on what kind of store/industry loses the data. If your bank loses your data you might switch banks more quickly then you would totally stop shopping at Walmart... These studies can be fairly useless as ppl are going to say they are going to do the right thing like stop buying from a store, but in reality most ppl can't keep up a boycott for very long... Sad fact, but true.
But that being said is not even near the real problem! The real problem is the security of card and personal information in digital form and the utter negligence of companies and individuals who put this information on mobile devices and/or media and don't even bother to use simple encryption to protect it. Once this card information is stolen, sold and cloned you most likely will be seeing a lot of online purchases. Alot of the places even keep the 3 digit verification number stored although they aren't supposed to according to PCI DSS!
And the figures are probably off because it really depends on what kind of store/industry loses the data. If your bank loses your data you might switch banks more quickly then you would totally stop shopping at Walmart... These studies can be fairly useless as ppl are going to say they are going to do the right thing like stop buying from a store, but in reality most ppl can't keep up a boycott for very long... Sad fact, but true.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/newsbriefs/481/1887#1887