Tag Archives: MasterCard

Breach Brief – Macy’s, Adidas

Macy’s department stores has reported a data breach of customer data. The breach affects Macy’s online customers and exposed names, addresses, phone numbers, email addresses, birthdays, and credit and debit card numbers with expiration dates. Macy’s pointed out that it does not store credit verification values (CVV) or Social Security numbers in its online customer profiles. Macy’s has reported the data breach and exposed card numbers to payment processors Visa, MasterCard, American Express and Discover. Macy’s has not said how many customers are impacted.

According to Macy’s the breach took place between April 26 and June 12. The company reported that an “unauthorized third party” had obtained usernames and passwords and were able to log into Macy’s and subsidiary’s Bloomingdale’s shopper’s online profiles. It is not known how the hackers got the information. Macy’s reported the breach in a letter to the New Hampshire Attorney General’s Office on July 2nd.

Macy’s has frozen any customer profiles with suspicious activity until the customers change their passwords.

“We have investigated the matter thoroughly, addressed the cause and, as a precaution, have implemented additional security measures,” the company said in a statement. “Macy’s, Inc. will provide consumer protection services at no cost to those customers. We have contacted potentially impacted customers with more information about these services.”

 

Adidas

Adidas, maker of sportswear and equipment, issued a warning to online shoppers in the U.S. that their personal information may have been compromised as a result a suspected data breach.  Adidas first became aware of the incident on June 26 and analysts are saying that potentially millions of customers could be affected.

A preliminary investigation revealed that the hacker may have stolen customer’s contact information, usernames and encrypted passwords. Adidas does not believe any credit card or health and fitness information was compromised.

A statement on Adidas’ website read; “According to the preliminary investigation, the limited data includes contact information, usernames and encrypted passwords. Adidas has no reason to believe that any credit card or fitness information of those consumers was impacted.” The company is in the process of notifying affected customers.

Breach Brief – Verifone

Verifonethe largest maker of payment terminals, reported it is investigating a data breach of its systems. The company provides terminals and services to merchants that allow consumers to swipe credit and debit card. The terminals can be found at a variety of businesses, including retailers, taxis, and gas stations. Verifone claims the hack was contained to its corporate networks.

An urgent email was sent to all company employees and contractors on January 23rd. The email warned them to change their company passwords within 24 hours. Employees were also notified that installing software of any kind on company computers and laptops was no longer permitted. Verifone has not said what or how much data was possibly compromised or when the breach occured.

Verifone was notified by credit card providers Visa and Mastercard a few days prior to Verifone’s employee alert. 

According to Verifone about two dozen point-of-sale payment systems at gas stations were targeted. However the situation could be more serious. Experts say that such small intrusions into payment systems are a precursor to larger attacks. Cyber criminals may have learned enough about Verifone to attack the payment systems at a later date. Sometimes months or years later. This leaves many consumers open to being victimized. 

The company operates in 150 countries and employs 5,000 people. 

Breach Brief – Arby’s

Eaten at an Arby’s lately? Well now is a good time to check your bank and credit card statements. Arby’s Restaurant Group reported that some of the payments systems at 1,000 corporate owned stores have been breached.

According to KrebsOnSecurity the chain did not immediately release the information to the public by request of the FBI. PSCU  credit union issued an alert to member banks saying the incident occurred between October 25, 2016, and January 19, 2017, and compromised more than 355,000 credit and debit cards from both Visa and MasterCard. Arby’s says as soon as the breach was uncovered it took immediate steps to fully eradicate the malware on point-of-sale systems. The investigation is ongoing.

Last year fast food restaurant Wendy’s was also hit by a serious breach. Becasue the malware could not be fully removed from the company’s systems customers accounts were repeatedly compromised. As a result banks and credit unions were forced re-issue payment cards multiple times.

Christopher Fuller, Arby’s senior vice president of communications said of the breach, “Although there are over 1,000 corporate Arby’s restaurants, not all of the corporate restaurants were affected. But this is the most important point: That we have fully contained and eradicated the malware that was on our point-of-sale systems.”

Online Holiday Shopping 2016 – Best Gift Card Sites

id-100113870

Photo courtesy of Nirots

There is a magical gift that, no matter what, is always exactly what the person wanted or needed. It is adaptable to any situation or occasion. This gift can be from the recipient’s favorite store or any store anywhere. And this gift can purchased for less than face value.  What is this super gift? The gift card of course!

One of the best gift cards to give is the reliable VISA ,MasterCard  or AmericanExpress Gift card. These three are perfect for gift giving because they can be used anywhere the credit cards are accepted and some are even re-loadable. How can you possibly go wrong when the gift card can buy anything from auto parts to nice dinners to clothing and jewelry. Using these cards as holiday gifts is a no brainer.

But should you have someone with particular tastes or if you know there is some place they get a special kick out of shopping then you can buy specific store gift cards. Almost every store provides gift cards and the top gift cards of 2016 can be found by clicking here.

And since this is the giving season lets look at the top gift cards sites. As I always say, “Black people don’t play when to comes to money!” So for African-Americans looking for the best deal on holiday gift cards there are a few sites you need to check out. These sites sell gift cards for below face value and these deals can save you some big money.

gift-card-granny-logoLets start with GiftCard Granny. The most amazing thing about GiftCard Granny is that you can actually download the Chrome extension and the apps for Apple and Android devices. GiftCard Granny offers over 150,000 gift cards from just about every store you can imagine and the discounts are nice. As much 20 percent off in some cases.  You can also sell your unused gift cards through the site. 

 

 

ebatesNext up is Ebates. This is another superstore of gift cards and they advertise discounts of up to 30 percent. And yes there  are thousands of stores and millions of cards to choose from. The deals are there but… You have to surrender your email address to even shop there. The site won’t even let you browse without surrendering some data. A definite turn off during the holiday season and good reason to move on to other gift card sites. 

 

raiseRaise.com is yet another excellent discount gift card website. This site lets the buyer shop using several parameters that include price, card type (physical or electronic),  and about twenty different categories of gift cards.  And if you are in Chicago you can check out the specials there as well. I am sure more cities will be offered soon. But trust me they have all of the major retailers  and hundreds of other specialty store and restaurants from Taco Bell to specialty steak houses. Right now it is also offering a new  sale section for additional discounts.

 

cardcashCardCash.com allows the user to buy and sell gift cards with awesome discounts.  And CardCash offers a 45 Day Buyer Protection Guarantee against those ever present holiday scam artists.  This site also allows you to search by physical or electronic cards and numerous different categories. You can find discount cards for hotel stays, restaurants, even frozen dinners. Here you can find gift cards discounted as much as 30 percent.

 

whizwalletWhizWallet.com offers discount cards from numerous different sites. According to their website they aren’t following the model that other sites use. Sites mentioned already buy and re-sell the gift cards. But WhizWallet compiles the inventory of the best discounted gift card sellers.  Using WhizWallet can help the customer find the right credit card, buy retail cards and discount cards. As always the selection is pretty expansive and you are bound to find the store you are looking for.

 

giftcardsGiftcards.com is another excellent gift card site that offers several different cards from various stores and providers. This site allows the user to even customize the gift card for special occasions. Y0u can get eGift cards delivered to your smartphone and again, every store is represented.

Holiday season is extremely busy and stressful for everyone. Trying to find the right gift for someone special can be a real headache.  But a gift card can definitely help. You literally have millions choices from stores to locations to type of gift. There are gift cards that allow you to give some special person a cruise or a vacation if you have that kind of money. May we suggest a Neiman Marcus Gift Card?

 But you may still need a little help. So WalletHub has released 2016’s Best Gift Card List  to help you choose. You can also check out their 10 Tips for Getting the Best Gift Card.

Finally, some people say that gift card are lazy gifts and seem impersonal. But research indicates 42 percent of Americans appreciate gift cards and cash over being mis-gifted. 

Pay-at-the-Pump Skimming on the Rise

gas pump skimmer tape

Security tape on gas pump card reader


Security experts are warning of a rise in skimming attacks at gas stations. Millions of
African-Americans use self-service gas pumps everyday and could be vulnerable to skimming attacks.

Skimming attacks are expected to rise significantly between now and the end of 2016 because of the change to the new EMV or PIN and Chip cards. Criminals are targeting self-service terminals at gas stations and ATMs because they are not yet using the new card technology.

Financial fraud expert Avivah Litan said, “Unattended, and especially older, self-service gas pumps are, and have always been, a very attractive target for criminals. And they will become increasingly attractive, as these will be some of the last payment acceptance devices to be upgraded to EMV in the U.S.”

Although the EMV fraud liability shifted for physical point-of-sale devices in the U.S. this past October, the liability shift for self-service gas pumps does will not be implemented until October of 2016 for MasterCard and October 2017 for Visa. October 2017 is also the date set by both card brands for EMV fraud liability shifts at U.S. ATMs.

Experts have been expecting a shift in card fraud as a result of the new EMV cards. They are warning consumers and retailers that gas stations and convenience stores should at least require customers to use their zip codes to authorize payments. This practice dramatically reduces card fraud.

Security executives are warning retailers to step up physical security at the pumps to reduce the opportunity for criminals to install skimmers.   “To place the device on the pump, the fraudster needs access to inside the pump door, so from my perspective, better physical security is needed,” the executive says. “From some of the devices we have seen placed, they are on the pumps for several days, if not a few weeks; and in cases of Bluetooth or Wi-Fi enablement, to download the data, the devices may be left on longer, as to not risk capture or removal.”

To avoid gas pump skimmer follow these steps;

  • Examine the card slot closely. Wiggle or tug on the slot to make sure it is secure.
  • Check security seal on the card slot.
  • Look for signs of tampering such as broken lock on the cover.
  • Use cash whenever possible.
  • Use a credit card rather than a debit card.
  • If you must use a debit card select the option on the screen that allows you to have your debit card purchase processed as a credit card transaction.  Don’t use your PIN  which is what the bad guys need to withdraw cash from your account at an ATM.
  • As always monitor you bank account and card transactions closely.

Now you know.

 

 

EMV is Coming! EMV is Coming!

chipcardOctober is EMV card month. And what is EMV? Currently there are 1.96 billion credit cards in circulation and they are about to change. Black people all over America are walking around with a credit or debit card in their purse or wallet. So we need to know and understand what EMV is and how it will change the landscape of credit card use starting in October. So lets get started.

First of all next month the way you use your credit or debit card will change. The first thing that will change is the card itself. America is the last major market on earth to switch to the chip embedded card. Why? The short answer is laziness, stupidity or ignorance by all involved. If you have not already received your chip embedded card now is the time to call your bank or card provider and ask when you should expect it.

The new card is called the EMV which stands for  Europay MasterCard VISA after the people who invented it. The first noticeable difference in the new card will be the chip, which is the small silver or gold chip embedded in the front of the card. Because of this chip the card should be more secure than the current magnetic stripe card you may still be carrying. Magnetic stripe cards save static payment data that can be copied, stolen or skimmed from one card and put onto another. This duplicate card data is then used to make all kinds of fraudulent purchases. Magnetic strip cards are simply outdated and notoriously insecure. The EMV technology adds a layer of security to the payment process.

EMV card readerf

EMV Card Reader

The EMV card works a little differently. The chip you see on your card has encrypted data. EMV card readers can read that data. Each purchase made with an EMV card creates a individual code unique to that particular purchase. If a hacker got a hold of that code he would not able to use it. You should be seeing the card readers in stores already. Once you slide your card into the reader, no more swiping, powerful cryptographic functions validate the authenticity of the card and cardholder. Bottom line is the encryption makes it extremely difficult to create a duplicate or fake card. But keep in mind that the magnetic strip is not likely to disappear from cards. Many small merchants will continue to use the old style card reader.

When you pay using the EMV card reader your card is instantly identified as being authentic by a process called dynamic authentication. When used with a PIN, the chip proves that the customer is paying with his or her own card.

Another change coming in October is the liability shift. A liability shift means that the responsibility for credit card fraud shifts slightly from just the card issuer to a shared liability of both the issuer or merchant that doesn’t use EMV technology. This change provides both parties with an incentive to adopt the technology. However it is not required that either party switch to the new technology. Why? Lets keep this as simple as possible; some issuers and merchants may still feel it is cheaper to take a loss on card fraud than to invest in the new technology. Is that simple enough for you?

NerdWallet’s Sean McQuay, a credit card expert and former VISA strategy analyst says, “EMV is a powerful tool, but it’s only effective if both consumers and merchants are ready to use it for transactions. Consumers need chip cards and merchants need chip readers. If only one side has upgraded to EMV for a specific transaction, then the upgrade was a waste.”

But will EMV solve all of our card security concerns? Probably not. This new technology is great but not perfect.

For example; in person transactions would definitely be more secure. Not so with thecard not presenttype of transaction such as purchases by phone or online. Using your card at the gas pump will continue to be dangerous since gas pumps aren’t required to implement the new technology until 2017. So this type of fraud is expected to increase.

So learn to protect yourself. Hackers are going to be going after those store that don’t use the new EMV card and card readers. That’s the first place you are vulnerable. Avoid those stores whenever possible by keeping a little extra cash in your pocket. And demand the new card from your bank or issuer. If they have decided not to go with the new technology then you may want to got with an institution that does.When shopping online avoid unfamiliar or unsecure websites. When you see “https” at the beginning of the payment page’s URL that means it is a secure payment site. Avoid it if you only see “http.” Change your user name and password regularly if you store your card information with any online retailers. Avoid sending credit card information via email or social media. 

Finally, criminals work hard too steal your money. The technology arms war n isever ending and hackers have already developed methods for hacking the EMV cards. Read on!

Here is more of what you need to know about the new EMV card technology.

Federal Reserve say Chip and Signature Not Enough.

Bad Guys Already Compromising Chip and PIN Cards

Now you know.

Secure Payments Arrive For Black Consumers

credit-card-safeHackers have been having a absolute field day breaking into store payment systems and stealing credit card data with impunity. The problem is intolerable for the consumer and costing everyone money everyday. Kaspersky Labs reported that over $1 billon dollars has been stolen from banks using sophisticated malware. Not to mention the additional billions lost in fraudulent credit card purchases and ATM fraud.  Last year that number topped $5 billion. In the end its always the consumer, that’s you and me, that pays for this fraud.

Securing the payment systems of American consumers has become the single most pressing cyber security problem for banks, pay services and merchants. Americans fear cyber crime and identity theft more than being murdered.

Thankfully credit card and technology companies are devising new more technologically advanced ways to combat data breaches and credit and debit card fraud. This is vitally important to African-Americans who are frequent Internet shoppers. And the last thing we tolerate is something funny happening with our money. As I have said many times before, black people don’t play when it comes to our money.

Black consumers, like all American consumers, should learn and quickly adopt the new ways that payments are being secured not only online but in brick mortar stores. Advances in technology allow payments to be made directly from a smartphone, new PIN and Chip technology prevents duplication of credit and debit cards and some systems are implementing single use tokens. The age of secure payments has arrived.

 

US-WhiteHouse-LogoThe White House Summit on Cybersecurity and Consumer Protection

This event, held at Stanford University, saw multiple companies and trade organizations announce new initiatives aimed at securing Internet transactions and reducing fraud.

A White House fact sheet revealed the efforts of the major players in the payment industry. Visa, for example, is committing to tokenization or substituting credit card numbers with randomly generated tokens for each transaction. They plan to initiate this system by the end of March.

The other payment giant, MasterCard, is investing more than $20 million in new cybersecurity tools that include the deployment of Safety Net, a new security solution that will reduce the risk of large-scale cyber-attacks.

SafetyNet is designed to add an extra layer of security by working with a bank or processor’s own security systems and detecting attacks before they happen.

Intel is releasing a new authentication technology that eliminates the password. The technology employs biometrics or personal physical measurements such as fingerprints or retinal patterns. American Express also announced a new multifactor authentication technology for consumers. MasterCard and First Tech Credit Union revealed a new pilot program that would allow consumers to authenticate and verify their transactions using a combination of biometrics, such as facial and voice recognition.

The president launched the BuySecure initiative in October of 2014. The initiative priorities include;

  • Securing payments across the economy, by advancing federal efforts to transition to more secure payment systems, building public-private awareness about more secure authentication, and calling on industry to enhance the security of their own systems and offer more secure options for their customers.
  • Helping Americans secure their good name, by improving resources to identify and remediate identity theft. This includes supporting credit score transparency and improving identity theft resources available to American consumers.
  • Enhanced information sharing, by enhancing the ability of federal agencies and industry to regularly exchange information about consumers’ compromised accounts.

what-kind-of-cr-1

Apple Pay

The AACR wrote back in September of Apple’s debut of the new Apple Pay technology. While everyone was raving about the new iPhone 6 Apple murdered the credit card.

Apple Pay replaces your credit card and the traditional swipe at the register. Apple Pay has made the act of purchasing easier by allowing you to just wave your phone in front of a reader in order to make a payment.  Apple claims the system is more secure than regular credit cards since the number is never stored on the phone or Apple servers and no one ever sees it. The credit card number is replaced by a “unique device number.”

Your credit cards will be stored in Passbook. You can add cards to your phone by taking a picture of the card or typing in the necessary  information like the credit card number, expiration date, and security code. It works with pretty much all credit cards and banks. According to Apple over 220,000 merchants are currently accepting Apple Pay.

MasterCard

MasterCard announced in October 2014 that it was partnering with Zwipe to develop a payment card with a built-in fingerprint authentication sensor.

The card allows customers to make contactless payments, using their fingerprint to confirm their identity. This eliminates the need for PINs and passwords thus increasing security.

VISA

A recent study from Visa Europe indicates that the new generation of banking customers would rather use biometric security devices than PINs and passwords for authentication.

Visa found that 75% of 16- to 24-year-olds said they would have no problem using biometric security, with 69% expecting it to be faster and easier than a password or PIN.

Visa also launched the Visa Token Service (VTS) in September 2014. The one time use token replaces the 16-digit account numbers, expiration dates and security codes, with so-called tokens. The tokens are a unique series of numbers that can be used to make payments without exposing the sensitive credit data such as the numbers, security code and expiration date.

Over 500 financial institutions have already implemented VTS according to Visa. The service will be expanded this year to additional payment environments. Visa also says tech companies and device manufacturers will deploy VTS on mobile devices. Merchants will also start using the solution to secure transactions made through mobile payment applications. Online merchants are also expected to deploy the tokenization service.

American Express

Tokenization has also been embraced by American Express, and the retail industry is seeking to develop a universal tokenization standard.

Amex will replace traditional 16-digit credit card numbers with a digital token. Consumers using the card supporting the token can make purchases online, with a mobile application, or in person using Near Field Communication (NFC) devices similar to Apple Pay technology.

The movement to more secure payments methods comes as retailers see the October 2015 deadline to support chip-and-pin credit payments getting closer. Merchants are being crushed under repeated data breaches costing ten of millions of dollars in repairs and legal costs.

Breaking It Down

Alright so what took so long? If you read this article you saw that the credit card companies have until October of this year to move to the new PIN and Chip cards. They had no choice. This situation is bad for everybody. Everybody is losing money and everybody is getting sick of it and everybody sees that no end was possible as long as the hackers had the upper hand. These payment companies, merchants and banks were locked in a cycle of one data breach after another and each more expensive than the last. The government was going to force a change this so they decided to get ahead of the wave. They had no choice. They could look out from their lofty corporate towers and see the angry flames of consumer torches gathering in the street below. It was not going to be pretty and they knew it. So now after losing hundreds of millions of dollars and looking stupid compared to the hackers, they have decided to act. They had no choice. They want you to believe that they did this on their own. But this could have been done at least two years ago. Europe has had the PIN and Chip technology for at least five years. These companies decided that since no one was making them do it why do it. But then the bleeding started. Hackers were draining the life out of these corporate clowns and their bottomline. The math was starting to swing against them and the government was getting involved. That is the only reason they decided to act. They had no choice.

 

 

 

Banks Pay Up; Don’t Bother to Investigate Cybercrime

ID-100145306

Courtesy or ddpavumba

A recent study of online banks and merchants by Kaspersky Labs indicate that banks pay up but don’t bother to investigate cybrecrime. These banks would rather pay off the claim rather than secure their systems.

Even with the skyrocketing rate of information theft banks and merchants are simply compensating their customers for fraudulent charges. More than half of financial institutions, 52%, pay off their customers claim without conducting any kind of investigation whatsoever. The rate of pay off  in Western Europe is 54%.

Kaspersky Labs joined with B2B International to conduct the study. The results show almost a third of institutions believe that the price of implementing an effective security systems is more expensive than simply repaying the customer’s loss due to Internet fraud.

It seems that the concept of paying off a claim is common among organizations that manage online payments. The study showed that 28% of representatives of financial institutions and 32% of employees of online stores who responded to the study believe that the cost of  cybercrime, including the repayment of stolen money, is cheaper than implementing effective security in their payment systems.

Only 19% of banks and 7% of online merchants point to the cost of paying customer’s claims as one of the top three most serious consequences of online payment fraud.

And the situation is getting worse. Kaspersky Security Network reported that almost four million users of its products in 2013 have been affected by financial malware used to steal their money. This is an increase of 18.6% compared to 2012. In December of 2013 a group of U.S. banks reported losing more than $200 million due to the theft of customer’s personal information or their credit card data. Losses may be higher than reported due to the continued growth of cybercrime. Some experts believe that the situation will eventually get to the point where the costs of refunds these institutions pay out will exceed the budgets for customer compensation. 

Breaking It Down

This is the Ford Pinto all over again. Remember Ford thought it cheaper to pay off lawsuits resulting from car fires rather than fix the problem. Well here we go again.

It seems banks and online merchants simply don’t care. Black people don’t play with our money. (Yeah, I said it again.) But the banks seem to be playing a game with a lot of people’s money. They feel like as long as its cheaper to pay off the loss rather than fix the system they are winning.

But these banks and financial institutions fail to realize one thing. They are not alone on an island. What they do affects a lot of people all over the world.  Where is the stolen money going? It may be going to terrorist. It may be going to sleazy foreign governments. It could be used to buy weapons for private armies in some third world country.  The money may be used to buy guns and drugs that permeate the inner city killing children, black children. The bottom line is that these banks are not only complicit in the crime they ignore, they perpetuate it.

African-Americans are consumers. We use the banks, credit cards and buy billions of dollars of goods every year. We also seem to suffer disproportionately when the economy starts to drag. We were victimized way beyond the national average in the housing market collapse. So we see this situation coming to a head. And we see we will get burned worse than others when banks begin to collapse from cybercrime.

By refusing to invest in secure systems these money changers destroy the trust that all people, not just African-Americans, have in the financial system. As black people we are not trusting of these institutions to begin with. So we are looking at this situation knowing that it can’t go on forever. Somebody has to pay and too often its the economic underclass which we make up a big part of.

We are heading for a world where people simply hide their money in the mattress and use cash for everything. What then? Well we could see another depression when there is no money in the banks for lending and credit dries up. When credit dries up so does economic development and you know we are going to get the worst of it. It is a situation that must be dealt with before something really bad happens. I need not go into that…do I?

 

Pin and Chip Cards Coming Soon

chipcardAmerica is about to make a change. The old way of swiping your credit card and signing your name is dead. Welcome to the pin and chip credit card. Starting in 2015 the new card will  move into the American consumer marketplace.Way too late but welcome just the same. 

With the new pin and chip system the card holder will insert their card into a slot where the machine will read a microchip, not a magnetic stripe. You will sign for the time being, but the new system also enables the use of PIN numbers. Card issuers  will have to decide to add this feature to their cards. 

This is the system that has been in use throughout Europe and the rest of the world for some time now. But America has been left behind in the field of credit card security. The U.S. is the last major market still using the outdated swipe-and-sign card system. That system uses cards with the black magnet strip on the back. This makes American credit cards extremely easy to duplicate once the data has been compromised. The result is that the U.S. accounts for nearly half of all fraudulent credit card charges but only conducts a fourth of all global credit card transactions.

Mastercard and VISA have already begun the implementation of the new pin and chip cards. They have set a deadline of October 2015 to complete the transition for their cardholders.

But Target stores are really pushing the pin and chip technology forward. After suffering one of the most massive data breaches in American history Target is now accelerating the pin and chip point of sale system in its stores. The retailer plans to have the pin and chip card readers in all 1,797 stores by September.

The shift to pin and chip cards was inevitable. Starting in late 2015,  vendors who continue to accept payments from the old magnetic-strip credit cards will be liable for fraudulent purchases. MasterCard’s Carolyn Balfany,who is overseeing the transition to the pin and chip card or EMV (Europay, MasterCard VISA), explains the repercussions to retailers and banks once the new system is in place. 

“If a merchant is still using the old system, they can still run a transaction with a swipe and a signature. But they will be liable for any fraudulent transactions if the customer has a chip card. And the same goes the other way – if the merchant has a new terminal, but the bank hasn’t issued a chip and pin card to the customer, the bank would be liable.”

Belfany went on to say; “The key point of a liability shift is not actually to shift liability around the market. It’s to create co-ordination in the market, so you have issuers and merchants investing in the migration at the same time. This way, we’re not shifting fraud around within the system; we’re driving fraud out of the system.”

Breaking It Down

The change took too damn long! This is something that should have been in place five years ago. But the banks and major American retailers and the credit card providers simply saw credit card fraud as the cost of doing business. Nobody wanted to pay for the new cards  or the point of sales systems. But then Target stores got hammered with a major breach. Then Neiman-Marcus, then eBay, most recently AmericanExpress. The hits just kept coming. Then Congress got interested and the courts started to issue some interesting rulings that began to strip away the precedents many of these companies were hiding behind. Finally they began to sue one another. In 2013 alone there were over 600 credit card system breaches and 70 million cards compromised. The system was on the verge of incineration. To put it mildly; the sh*t hit the fan! And so they had to act. Enter the pin and chip system.

There are a lot black people walking around with credit cards. We purchase as much or more than other people. You’ve heard me say this before, we don’t play when it comes to our money. So we are ready for the new pin and chip cards. I encourage black people to call their banks and anybody else they have a credit card from and ask for that new pin and chip card ASAP! Its imperative you protect yourself because the crooks know the new system is coming and they want to rob as many people as possible before it becomes more difficult.

But there is more to this article to be examined. For example; why is it the option of the company issuing the cards to decide if they will accept PIN numbers with the new pin and chip card? Now in my opinion if they are really interested in protecting you then this would be a no brainer. But they are not so they may not require you to use a PIN. Why? Because the idea is to get you to spend money and eliminate any unnecessary steps between you and your money. Not to mention the cost of setting up systems for that extra layer of security. They are trying to avoid the extra expense.  So you have to demand it for your cards. I want black people all  across America to take the extra few second to use a PIN with that new credit card. Demand that your bank or retailer allow you to implement the PIN. Don’t wait for some really smart hacker to figure how to beat this system and believe me they will eventually. Demand the most stringent security you can get to protect your money. Cause black people don’t play when it comes to our money.

American Express Acknowledges Data Breach

300px-American_Express_logo.svgEarlier this week American Express notified its customers of a data breach. According to the company as many as 76,000 thousand customers have had credit data compromised including names and account numbers. The company also stated that as many as 18,000 California residents may have had additional information lost but not their names.

Law enforcement notified American Express that large files containing customer information was posted online and they suspect the “hacktivist” group Anonymous Ukraine to be the culprit.

This past march Anonymous Ukraine released more than 7 million credit card records as a protest against financial companies for “enslaving people.” Included in that massive release were over three million VISA card records, 1.7 million MasterCard records and 600,000 Discover card records. The group clams to have as many as 800 million credit card records. 

Security experts don’t believe it. Experts believe the group is simply boasting and maybe recycling older, previously hacked card information. No one has identified the source of the data or leaks as of yet.

Equifax Vice President Scott Mitic called the incident “yet another in the nearly constant stream of data breaches that affect U.S. consumers today. It’s part of our day-to-day to lives.”

Mitic urged AmEx cardholders to check all recent transactions, place fraud alerts on their accounts and check their credit reports.

Although it is not known when the data was breached AmEx  discovered the breach on March 25, according to the company.

American Express has instituted additional fraud monitoring on affected card, and assured customers that they are not liable for any fraudulent charges.

Breaking It Down

Here is the key to the above article. AmEx knew of the  breach on March 25th. Today is June 5th! African-American AmEx card holders are asking why the long wait?  Any AmEx card holder would have wanted to know a little sooner. Am I right? The problem is that they are not obligated by any effective law requiring them to tell you any sooner. Yeah, there are plenty of states that have data breach laws but who’s laws apply here? AmEx is a global company.

We need more stringent data breach laws and more data breach lawsuits to put an end to this. Right now there is no financial or judicial punishment when these things happen. Companies fear very little after a data breach. Except maybe losing sales or customers. That’s no small thing at all but there needd to be enforceable laws to stop this…NOW!

Let me explain something to you. AmEx is a global, multi-billion dollar company. If a customer discovers fraudulent charges on their card AmEX is willing to spend a few hundred or few thousand or a few hundreds of thousands of dollars to fix the problem. In other words they look at it as the cost of doing business. A crook would say “Don’t do the crime if you can’t do the time.” So as long as companies feel that way they are not scared of these data breaches or the consequences. They just pay the price and keep it moving.

Now, if Anonymous Ukraine is telling the truth about the 800 million records they say they have then who is responsible for that loss? When are we gonna see these financial executives sitting in in front of Congress explaining that? They demanded answer from the automobile executives, cigarette companies, even the IRS. So how about these big financial companies?See the government is not acting so there is little these companies fear.  Another question also comes to mind, if they have 800 million records who is not included on that list?