Comments on: 60 Minutes "Hi-Tech Heist", an analysis http://tylerhannan.com/2007/11/60-minutes-hi-tech-heist-an-analysis/ reflections from the intersection of technology and payments Thu, 05 Aug 2010 15:02:26 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: tyler hannan http://tylerhannan.com/2007/11/60-minutes-hi-tech-heist-an-analysis/comment-page-1/#comment-14 tyler hannan Wed, 28 Nov 2007 18:12:00 +0000 http://tylerhannan.com/2007/11/60-minutes-hi-tech-heist-an-analysis/#comment-14 @shift4<br/><br/>"The best to secure data is not to store data"<br/><br/>I agree with this completely, and the Shift4 approach of tokenization is one proven methodology to eliminate this insecurity from commerce applications.<br/><br/>With that said, I've never been a huge fan of the FUD (fear, uncertainty, doubt) method of marketing. The story of, and necessity for, secure payment processing should stand alone without having to resort to concerns of funding terrorists. @shift4

“The best to secure data is not to store data”

I agree with this completely, and the Shift4 approach of tokenization is one proven methodology to eliminate this insecurity from commerce applications.

With that said, I’ve never been a huge fan of the FUD (fear, uncertainty, doubt) method of marketing. The story of, and necessity for, secure payment processing should stand alone without having to resort to concerns of funding terrorists.

]]> By: Shift4 http://tylerhannan.com/2007/11/60-minutes-hi-tech-heist-an-analysis/comment-page-1/#comment-13 Shift4 Tue, 27 Nov 2007 21:13:00 +0000 http://tylerhannan.com/2007/11/60-minutes-hi-tech-heist-an-analysis/#comment-13 The recent "60 Minutes" story on credit card data theft is a reminder that merchants are vulnerable to attack when personal credit card data is retained within their computer systems. However, the report failed to mention one of the most serious consequences of credit card data theft: funding terrorists.<br/>The CBS story demonstrated systemic weaknesses, including poor or nonexistent encryption technology. “Encryption alone is not the answer. The best way to secure data is to not store data,” said J. D. Oder II, Vice President/Chief Technology Officer, of Shift4 Corporation, a leading provider of enterprise payment solutions. Shift4 Corporation’s Tokenization technology offers a greater level of security by substituting a unique identifier (a token) for a card number, so sensitive personal card data is never retained in the system. “When there is no useful data in the system, there is nothing for data thieves to access and use,” Oder added.<br/>While the "60 Minutes" piece did mention "bad guys" who steal credit card data, it did not mention that some of the "bad guys" are terrorists. According to Dennis Lormel, a former FBI Section Chief for financial crimes and now Senior Vice President of the consulting firm Corporate Risk International, credit card fraud is a low-risk, high-reward way for terrorists to generate cash or to purchase items such as weapons, bomb-making materials and night-vision goggles. <br/><br/>"They are very adept at exploiting weaknesses in the financial system, such as vulnerable credit card data in computers," Lormel explained. "Since terrorists have become adept at hacking into computer systems to steal card data, technology that removes credit card data from computer systems effectively chokes off this revenue stream." The recent “60 Minutes” story on credit card data theft is a reminder that merchants are vulnerable to attack when personal credit card data is retained within their computer systems. However, the report failed to mention one of the most serious consequences of credit card data theft: funding terrorists.
The CBS story demonstrated systemic weaknesses, including poor or nonexistent encryption technology. “Encryption alone is not the answer. The best way to secure data is to not store data,” said J. D. Oder II, Vice President/Chief Technology Officer, of Shift4 Corporation, a leading provider of enterprise payment solutions. Shift4 Corporation’s Tokenization technology offers a greater level of security by substituting a unique identifier (a token) for a card number, so sensitive personal card data is never retained in the system. “When there is no useful data in the system, there is nothing for data thieves to access and use,” Oder added.
While the “60 Minutes” piece did mention “bad guys” who steal credit card data, it did not mention that some of the “bad guys” are terrorists. According to Dennis Lormel, a former FBI Section Chief for financial crimes and now Senior Vice President of the consulting firm Corporate Risk International, credit card fraud is a low-risk, high-reward way for terrorists to generate cash or to purchase items such as weapons, bomb-making materials and night-vision goggles.

“They are very adept at exploiting weaknesses in the financial system, such as vulnerable credit card data in computers,” Lormel explained. “Since terrorists have become adept at hacking into computer systems to steal card data, technology that removes credit card data from computer systems effectively chokes off this revenue stream.”

]]>