Credit card data timebomb, new survey

The vast majority of UK businesses hold consumer credit card data unwittingly, risking PCI DSS breaches and ICO fines. That’s according to research carried out by identity protection specialists Ground Labs.

A random survey of security experts who use Ground Labs software across more than 100 consumer-facing businesses found that every one of them had credit card details unwittingly stored on IT equipment. On average, the company’s software found more than 1,000 credit card records within each business sampled.

Even businesses that claim to be compliant with agreed global standards for credit card data security hold rogue details, the survey found. There are various possible reasons for this, all linked to standard computer processes such as browser caches or email duplications. Amongst the worst examples uncovered was a company that firmly believed it had no records but actually held more than 20 million credit card numbers on servers throughout its network.

“We have more than 1,000 businesses across the UK and Europe that have used our software and every single business found erroneous card records in its IT systems,” says European director at Ground Labs, Mohamed Zouine. “What we have found is that even those businesses that believe that their systems are clean are carrying records that could be easily acquired by hackers.”

The company is advocating the use of a software programme called Card Recon as part of the standard systems maintenance routine to detect and remove credit card details. Zouine adds: “We believe a routine check should be as frequent as anti-virus checks. There are many ways in which card details can remain on a business’s IT infrastructure unwittingly. Transaction logs sent back from banks, browser caches, email duplications and more can hold sensitive data that has a black market value in the wrong hands and can be used to defraud consumers. The issue for small businesses is that they are far less protected than large corporations. It is relatively easy for an entrepreneurial thief to steal IT equipment or hack into a business and retrieve valuable credit card data.”
