FBI has now posted a revised version of the warning about vulnerabilities with new chip-embedded credit cards. Full details are available here.
Many merchants as well as banks, have already adapted the new EMV terminals as well as replaced hundreds of millions of traditional cards. While the EMV cards are meant to offer higher security, the FBI warns that no technology is safe or eliminates fraud completely. As technology advances, so does the the criminal mind who will continue to look for ways to exploit vulnerabilities with new technology and steal payment information.
As stated on their website:
"Although EMV cards provide greater security than traditional magnetic strip cards, an EMV chip does not stop lost and stolen cards from being used in stores, or for online or telephone purchases when the chip is not physically provided to the merchant, referred to as a card-not-present transaction. Additionally, the data on the magnetic strip of an EMV card can still be stolen if the merchant has not upgraded to an EMV terminal and it becomes infected with data-capturing malware. Consumers are urged to use the EMV feature of their new card wherever merchants accept it to limit the exposure of their sensitive payment data.
Consumers should closely safeguard the security of their EMV cards and PINs. This includes being vigilant in handling, signing, and activating a card as soon as it arrives in the mail, reviewing statements for irregularities, and promptly reporting lost or stolen credit cards to the issuing bank. Consumers should also shield the keypad from bystanders when entering a PIN, as PINs are vulnerable to cybercriminals who work to steal these numbers to commit ATM and cash-back crimes."
In conclusion, FBI asks for all merchants who currently offer ability to accept EMV cards, to use same precautions as they use with Mag Stripe Cards. If you are a merchant who accepts sales over the phone or online, you are encouraged to use additional security measures. For online payments, the information should be encrypted, and always make sure your server is as secured as possible of any potential security risks. One of the most common ways hackers have been utilizing lately to gain access to your server is from Brute Force Attack. The best way to prevent Brute Force Attack, is to make sure you always use a long string of random letters and numbers for your password and not use something easy that a computer system can guess. Also make sure to update all your passwords every 30-60 days.
Whether you’ve been terminated, recently declined, operate a high-risk business, or have credit issues, let Netcom PaySystem High Risk experts get your merchant account approved today! Feel free to apply online, call us at 800-875-6680 or email us at email@example.com