Clicky

The Myth of Smart Cards | Altaware, Inc. Cyber Security Blog

The Myth of Smart Cards

We're being told incorrectly that "new" smart cards would have prevented these data breaches from Neiman Marcus and Target.

Smart cards are a fraud prevention technique. Europe has had them for years now and we probably should seriously consider them. However, we need to treat massive data breaches that lead to identity theft as another matter.

Smart cards are a fraud prevention technique. Europe has had them for years now and we probably should seriously consider them. However, we need to treat massive data breaches that lead to identity theft as another matter.

Having a card create a fraud alert serves the banks and helps minimize their exposure to the risk of fraud. It's a transactional security consideration. However, what leads to identity theft is mass loss of our personal information that includes more than just our name and credit card number. Even if the cards are somehow more secure, the real identity theft issue is how well these entities are protecting the rest of the data they have stored about us. Things like names, addresses, buying habits, financial application data, etc. What we're talking about are the massive databases they have about us. That is separate than the transactional purchase data. As far as transactional data is concerned, even if the card has encrypted data on the card to prevent swipe theft, what about that big database?

If we somehow do better secure the card, what is being done or talked about in terms of our data that can be used to commit identity fraud? It needs to be addressed and once again there are best practices and laws in place. It's not just financial data, we should be very concerned about all our EMR data not for the most part stored in full electronically behind sketchy security.