The rising standards of EU Mobile Payments October 2015 Jeremy King, International Director.


1 The rising standards of EU Mobile Payments October 2015 Jeremy King, International Director

2 We live in an increasingly connected world: 42 billion objects by end 2015; 100 billion objects by end 2020

3 About us: Founded in 2006. Guiding open standards for payment card security: Development, Management, Education, Awareness

4 PCI Security Standards Suite: Protection of Cardholder Payment Data

5 The UK is now a smartphone society. According to Ofcom: Smartphones overtake laptops as UK internet users’ number one device. Two thirds of people now own a smartphone, using it for nearly two hours every day to browse the internet, access social media, bank and shop online. Superfast 4G is helping change the way we shop, bank, watch TV and communicate.

6 Mobile Payments. However: 54 percent of respondents do not think that security is a benefit of m-payments in-store. More than 87 percent of respondents expressed interest in using m-payments technology if security and fraud protection were guaranteed.

7 Consumers changing the way they interact with their bank: 44% confirmed using a mobile banking app regularly. 80% confirmed using online banking regularly. Interestingly, telephone banking is being used much less: 46% never use telephone banking. Source: TSYS, 2015 U.K. Consumer Mobile Payment Study

8 Understanding Credit Card Fraud is Simple: Steal the card. Steal the PIN. Steal the data.

9 Oops… Nearly Forgot: Or you steal their phone, or buy their phone when they change it, or just pick it up from the back of the taxi, train carriage, plane or cafe where they dropped it.

10 Which is not as strange as you may think: In 2014 TFL had 20,309 mobile phones handed in as lost property

11 Security risks and challenges remain

12 OWASP top 10 Mobile risks

13 Mobile Risks: Physical Security. Mobile phones have limited, if any, physical security. Secure microprocessors are rarely used, and address and data buses are openly available for monitoring and data capture. Lost or stolen phones can easily have stored data accessed; this may include personal and card data.

14 Mobile Risks: Logical. Incorrect Permissions: An app with too many permissions may perform unintended functions. Permissions are vulnerable to hijacking by another app, which may obtain and transmit customer information. Exposed Communications: Exposed internal comms allow apps to gather unintended information and inject new information. Exposed external comms (network, WiFi, Bluetooth, NFC, etc.) allow man-in-the-middle attacks. Functionality: Unintended functions could be performed outside of an app's normal/expected activity.

15 Mobile Risks: Applications. A new Trojan called Ghost Push has been wreaking havoc on thousands of Android devices across the world. It hides itself within popular apps and has made its way into various marketplaces, including Google Play Store. It reportedly gains root access and automatically downloads unwanted apps and ads. In addition, some devices allow the installation of “unsigned” apps from outside the vendor's preferred app store.

16 Mobile Malware

17 Mobile Risk: Criminals conning customers. Fraud warning texts from criminals pretending to be your bank: Bank customers who receive text alerts about fraud could actually fall for a scam sent by the very fraudsters warned about in the message, experts have cautioned. The alarming texts encourage people to call a number or visit a website, often as a matter of urgency. But the phone number or website is actually controlled by a criminal, enabling them to fool customers into handing over security details that can be used to access the victim's bank account and steal money. To make the texts seem authentic, the fraudsters use specialist software that alters the sender ID on a message so that it appears with the name of a bank as the sender.

18 Mobile Risk: Open Ports. It may be charging, but what else is it doing? Hardware ports are not controlled. Open USB ports can allow criminals to insert or extract data whilst the phone is charging.

19 Mobile Risk: Any old iron. Old, unused phones are rarely decommissioned properly, leaving them full of stored personal information and confidential data. 4857 used iPhone 5’s

20 More and more often we are bringing these devices to work

21 What do we know? Mobile phones are not secure. Consumers like using their mobile phones. Merchants and banks see mobile phones as a great opportunity. Criminals see mobile phones as a greater opportunity.

22 Accepting Payments: Mobile POS

23 PCI Guidance Documents on Mobile

24 Tokenisation, Apple Pay, Samsung Pay, Mobile Wallets

25 Please visit our website at www.pcisecuritystandards.org

