Cyber Security; Its Your Right To Ask Questions

canstockphoto8662069As an African-American consumer you should not shy away from asking the tough questions when it comes to cyber security. You’re banking online, shopping online, even ordering dinner online. All these things require you to expose your bank account or credit card online. You need to know who is protecting you and how. For example; Microsoft stopped supporting Windows XP about a month ago. They no longer offer security updates or other technical support for that operating system. Did you know that 95% of all  ATMs  use Windows XP? That’s right your ATM machine is using outdated software and not many banks have switched to another software. You are vulnerable. Some banks have cut a deal with Microsoft to get extended support but that’s just temporary.

Now my question is has your bank notified you?  Probably not. Why? Because replacing the operating systems on ATMs is a major project that is extremely expensive. In the United States alone there are 210,500 bank affiliated ATMs. Roughly 200,000  run Windows XP according to the London based Retail Banking Research.  According to the National ATM Council there are over 400,000 ATM machines in the U.S. and about  half are owned by Independent ATM Deployers or IADs. That means there are probably a helluva lot more ATMs running the outdated XP operating system. The problem is that banks and IADs must upgrade the software one ATM at a time. And many of them require that the  entire computer inside be replaced.  Add in the cost of the labor and the price could add up to between $1,000 to $3,500 per ATM. Banks are not eager to pay out that much money so they keep quiet. But it’s your right to ask, no demand, answers. Don’t shy away from this because if you happen to get ripped off the bank is not going to replace your money easily.So ask them, what are they doing about the Windows XP issue?

If you have been reading my blog I wrote about the Heartbleed bug.  Federal Regulators warned banks to patch the bug in their servers. Has you bank done so? Have you asked?

You have the right to protect yourself. Those you do business with have an obligation to inform customers how they are going to protect your financial information and your money. That is, if they want to keep you as a customer. So ask questions.

I also suggest you do the occasional web search for information about your bank, credit card company or any merchant you do business with. There is a lot of information about companies especially from consumers. Try Angie’s List or Yelp.com. You can search social media like Facebook. Try www.companynamesucks.com. Believe it or not it usually works and you will see what dissatisfied consumers are saying.

What to ask is probably your first question. Here are a few questions you need to ask your bank, credit card company or online merchant;

1. Does my bank have a plan to update their ATM operating systems? When?

2. Has my bank patched the Heartbleed vulnerability?

3. What level of encryption does my bank use online? The answer should be 128 bit encryption.

4. If there is a security breach when will my bank/credit card company/online merchant inform me? What is the policy?

5. Ask your credit card company when (not if) they will adopt the PIN and chip cards? Any later than October 2015 is the wrong answer.

These are just a few simple questions to ask. The answers should be in writing. Many banks will mail you pamphlets or a letter stating their policies. They may also direct you to their customer service department or website. That’s fine but whatever they tell you make sure you can find it in writing. If you can’t find it then demand it in writing. This is the best way to protect yourself. If something should happen you know exactly what to do and you know what your bank/credit card company/merchant is supposed to be doing.  Don’t take a chance with this. Make sure you know your rights as a cyber consumer. Remember 40 million people had their information stolen in the Target data breach. And I’ll bet that not many knew what to do or what Target was doing. Don’t let that happen to you.