Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security A Payments Perspective Terry Dooley EVP & CIO SHAZAM Network.

Published byKatrina Terry Modified over 8 years ago

Similar presentations

Presentation on theme: "Security A Payments Perspective Terry Dooley EVP & CIO SHAZAM Network."— Presentation transcript:

1 Security A Payments Perspective Terry Dooley EVP & CIO SHAZAM Network

2 Agenda What’s HappeningWhat’s ChangingPayment Security MythsIndustry ProtectionsNew ChallengesEmerging Risks

3 What’s Happening

4 PhishingVishing Smishing Data Compromises You don’t need to teach an old dog new tricks!

5 What’s Happening You get the phone call, text, or email Yes it still works! New sunglasses Insurance payment Facebook virtual money Transactions submitted in seconds

6 What’s Happening Data Theft Phishing Vishing Smishing Consumer provides card or account data Data feed to counterfeiters real time Initial test transactions begin simultaneously in different countries Based on data compromised, target is most likely card-not- present

7 Source Verizon 2014 Data Breach Investigations Report What’s Happening Most skimming occurred on ATMs and gas pumps due to how relatively easy they can be approached and tampered with. Nearly all victims are U.S. organizations. Industries most commonly affected by POS intrusions are restaurants, hotels, grocery stores, and other brick-and-mortar retailers. Most skimming occurred on ATMs and gas pumps due to how relatively easy they can be approached and tampered with. While phishing numbers are slightly lower in 2013, 8 percent of users will click an attachment and fill out a web form. Most are skeptical of clicking an attachment, but 18 percent will visit a link within a phishing email.

8 What’s Changing

9 Payment credentials compromised Small dollar test transactions — slow flowing, wanting the 3 digit code on the back of the card More significant purchases, transactions escalate Fraud Goals High valueMerchandise Approach Low velocityValidation Compromise PhishingSmishing

10 Payment Security Myths

11 Technology Investment If I invest in the latest security technology can I get rid of other security technologies? Technology Integration I have a firewall, IDS, IPS, logging servers, and a SEIM, do I just plug them in and they work? Human Resources How many technologies can a security department manage, train, and become experts on? If I invest in this technology can I reduce the need to add more positions? The Ripple Effect

12 Industry Protections

13 Perimeter Defenses: Neural Engines: Data Protection: Consumer Account Bank/Debit/Credit WAPS Malware Detection Document Inspection SEIMS Velocity GeographicDevice Usability Encryption Tokenization Dual Control

14 New Challenges

15 Mobile devices Cloud computing and personal usage exploding Alternative payment apps Intelligence vs. stupidity

16 Emerging Risks

17 Compromises are no longer about the immediate theft and use of the data Thieves are installing key loggers, malware, and rats, among other items and letting them simmer for months before using There’s not a single security approach or technology that’ll prevent or mitigate the value of stealing account and card data as long as transactions can occur without authentication

18 Emerging Risks Silver Bullet? EMV Tokenization Layered Defenses No Fraudulent Transactions EMV prevented? Yes – counterfeit No – Internet Target Breach EMV prevented?No

19 Thank you! QUESTIONS? 515-558-7502 tdooley@shazam.net

Download ppt "Security A Payments Perspective Terry Dooley EVP & CIO SHAZAM Network."

Similar presentations

Current Fraud Trends Kathy Druckenmiller, CFCI, CIRM, ACT Specialist April 29, 2014 4/29/2014.

Current Fraud Trends Kathy Druckenmiller, CFCI, CIRM, ACT Specialist April 29, /29/2014.
HQ in Israel Threat research, security operations center 24/7. In-depth understanding and insight into how cyber crime works. Over 10 million online identities.

HQ in Israel Threat research, security operations center 24/7. In-depth understanding and insight into how cyber crime works. Over 10 million online identities.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
1. 2 Someone steals your personal information to commit fraud. A “buy now, pay never” shopping experience. What is Identity Theft?

1. 2 Someone steals your personal information to commit fraud. A “buy now, pay never” shopping experience. What is Identity Theft?
Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.

Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
AmadeusCybersecurity: the essentials12 th November 2014 Alex van Someren Family Office Forum 12 th November 2014, Zurich Cybersecurity: the essentials.

AmadeusCybersecurity: the essentials12 th November 2014 Alex van Someren Family Office Forum 12 th November 2014, Zurich Cybersecurity: the essentials.
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.

© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
Identity Security Time to Share Nicolas Popp VeriSign MM/DD/YY - Session Code: 22 pt Arial.

Identity Security Time to Share Nicolas Popp VeriSign MM/DD/YY - Session Code: 22 pt Arial.
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.

Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
By Ashlee Parton, Kimmy McCoy, & Labdhi Shah

By Ashlee Parton, Kimmy McCoy, & Labdhi Shah
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
PASSWORD MANAGER Why you need one 1. WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox,

PASSWORD MANAGER Why you need one 1. WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox,
Payment Fraud Trends : What Can you do? Protect Yourself and Your Business from Financial Fraud.

Payment Fraud Trends : What Can you do? Protect Yourself and Your Business from Financial Fraud.
Why Comply with PCI Security Standards?

Why Comply with PCI Security Standards?

Similar presentations

Ads by Google