70 percent of respondents questioned in a study said that security of customer transactions are at risk with the pressure to migrate to new payment systems.
The “Data Security in the Evolving Payments Ecosystem” study – sponsored by Experian and conducted by Ponemon Institute had nearly 70 percent of individuals say that pressure to migrate to new payment systems means that the security of customer transactions are at risk.
Also, only half of the respondents who were made up of 748 U.S.-based IT, risk management, product development, IT security and other professionals directly involved with the payment systems in their organizations, indicated that they are merely somewhat confident in the security of newly emerging payment systems.
Michael Bruemmer, Vice President of Experian Data Breach Resolution notes that in order to improve confidence and be self-assured, companies should take the time to become familiar with new payment systems, prior to actual implementation of them.
“A few steps companies can take to improve security posture include regular security training for employees, having a well-practiced data breach response plan in place, and support from C-level executives,” Bruemmer said.
Other interesting pointers came up with the study. The fundamental question of ‘who is responsible when it comes to security of payment systems’ had:
- 45 % of respondents say it was the banking institution.
- 40 % looked at the credit card companies
- 33 % of the respondents also pointed to the regulators.
Who is responsible for protecting customer data following a breach?
- A staggering 75 percent said the company that lost the information is to be held responsible.
- 69 percent of the respondents included the banks that issued the payment cards involved in the breach incident.
“[Companies] should invest in enhanced security measures to protect payments information, and be prepared to protect customers with identity theft protection and fraud resolution services in the event a breach does occur,” Bruemmer noted.
More than half of the respondents, at 56 percent said their organization always issues a new payment card after a breach happens. 61 percent of the respondents noted that their companies are somewhat or not effective when it comes to responding to breaches. Optimistically, 69 percent also said that highly publicized breaches have increased awareness of security payment systems.
Highlighting data elements that were deemed most important to protect and safeguard:
- 68 % said passwords or PIN codes.
- 63 % said credit card and security numbers.
- 32 % said Social Security numbers.
- 32 % said usernames.
- 26 % said email addresses and finally,
- 16 % said bank account numbers.
“There is broad consensus around the need for increased collaboration to solve the security issues facing the industry, with 85 percent of respondents believing greater collaboration is important to ensure the security of current and future payments infrastructure,” Bruemmer said.