The PCI Security Standards Council has done a breakdown of how recent high-profile security breaches have occurred, and how merchants of all sizes can defend against the risk of being hacked, Payment Week reported.
One reason for the rash of cyberthefts is the EMV shift set for October 2015, which has spurred hackers to throw all their efforts into taking advantage of the current vulnerabilities in retailers’ point-of-sale systems. Several major retailer, including Walmart, Target, Walgreens and Home Depot, have committed to going live with EMV by January 2015, but only about half of all U.S. merchants are expected to have EMV implemented by the end of 2015.
But EMV upgrades and tokenization is not enough, and businesses should also strongly consider additional actions, the PCI Council said. It lists other key security considerations:
- Malware infections at the point of sale caused the majority of data breaches.
- Hackers do not discriminate with targets in regards to business size.
- Up-to-date anti-virus software can help prevent malware infection.
- Merchants should implement and properly secure stronger passwords.
- PCI-validated point-to-point encryption may become increasingly critical to implement for a layered security approach.