OPINION PAPER: July 2020 By D. Bruno | 1.92 MB

Download

By David Bruno

Every day, millions of monetary transactions are intercepted or exploited fraudulently. Credit card details and online banking access details are compromised at a staggering pace, and attackers often sell this information online, for a price less than that of an average meal [1].

The attacks have either remain constant or witnessed a surge, despite the measures to secure the payments. In September 2006, payment giants such as MasterCard, American Express, Visa, JCB International, and Discover Financial Services congregated to establish the Payment Card Industry (PCI) Security Standards Council, a body that oversees the protection standards of debit and credit card issued, globally.

The PCI Data Security Standard (PCI-DSS) is now a global benchmark the nearly every merchant, card issuer, financial institution, and intermediary needs to comply with. Despite this, the payment information falls through the cracks and the global costs were estimated at $22.8 billion [2] in 2016 alone (and still elevating).

With this in mind, it is astonishing that the personal information and data is subject to even less scrutiny than the payment information. In case of a compromised credit card, the bank refunds the misappropriated funds and immediately issues a replacement of the card. However, one cannot change his/her own date of birth, eye color, medical history, social insurance number or mother’s maiden name.

The above-mentioned critical pieces of personal information can be mis-used resulting in theft of one’s identity and in turn used for legally questionable purposes. Despite the risk, technological organizations and social media platforms treat personal data irresponsibly, and reports indicate sharing of personal information with third parties and storing it on online public forums where, it is nearly impossible to expunge.

About the author(s)

David Bruno

David Bruno, is a technical-policy analyst for Global Foundation for Cyber Studies and Research, USA. He is the founder and CEO of Secure Swiss Data (now SafeSwiss®) a global cybersecurity firm, that specializes in anti-fraud and anti-corporate espionage systems, worldwide. His firm focuses on the digital and interactive financial sector, FINTECH solutions. For over 20 years, he has been meticulously working in designing solutions that offer digital security to the masses including free E2EE encrypted email server. He is a contributor and a member of the Electronic Frontier Foundation (EFF) an establishment that strongly advocates the defense of digital civil liberties. He is also a contributor to the Northern Policy Institute, dedicated to educating the public on the surveillance of email in general, and the importance of encryption, especially for vulnerable populations like refugees.