Sometimes events in the payments world are seismic ones. A rumbling, a shakeup that puts everyone off balance and then the regrouping — it's those aftershocks that need watching.
So it is with Equifax. No need to go over the numbers tied to the seismic breach because they keep changing, and may be changing even as you read this eBook. When the impact stretches across oceans, nations and demographics, though, and those affected number in the hundreds of millions, a sea change is a-swelling.
Equifax brings a few key questions to mind.
The proverbial (data) cat is out of the proverbial (ostensibly safe data warehouse) bag. That cat’s never coming back. Beyond the metaphor, the sheer “hugeness” of the data breach means that more of this information — sensitive and valuable information ranging from Social Security numbers to birth dates to home addresses — is available to hackers than ever before.
If the rule of thumb for individuals is to assume that their data has been stolen, what are the new rules of thumb for companies transacting with those individuals? How should they adjust to a new reality in which the data they are presented looks legitimate but may be stolen? How do they make decisions about retail transactions, lending activities or money transfers in milliseconds?
PYMNTS asked nine executives from a cross-section of the payments industry for their thoughts on how Equifax changes everything, and how it doesn’t. After all, companies must still look at what data is flowing into and out of their firms. They must still endeavor to keep consumer and cardholder data (and their own corporate data) safe. They must also, in looking at transactions and customer interactions, try to foster a seamless experience. How can they do that in an environment in which the security status quo is no longer appropriate?
The executives we surveyed offered a range of ideas on how businesses should move away from what may have been a “one-size-fits-all” approach. London-based financial institution Currencycloud's CTO, Ed Addario, argued that regulation may in the offing, but emphasized firms must also strive for speed and transparency in dealing with breaches. ICBA Bancard president and CEO Tina Giorgio offered some insight into what firms did after news of the Equifax breach hit. In almost all cases, the need for eternal vigilance was stressed.
Yes, October may be National Cybersecurity Awareness month, and headlines may flare about what to do and what not to do, but when it comes to protecting data, all too often we forget until we are reminded. And, when it comes to protecting sensitive data, all stakeholders — from consumers to corporate back offices — must be conscious not to be unconscious.