Plugging the Breach: Recent, Massive Data Breaches Have Banks Asking How They Can Protect Themselves and Their Customers, in Both Point-of-Sale and Online Payments
Pourquoi ce travail est dans la base
Une base qui oublie comment elle a trouvé un travail ne peut pas être vérifiée. Voici les voies qui ont admis celui-ci.
Notice bibliographique
Résumé
[ILLUSTRATION OMITTED] The millions of potentially compromised credit card accounts in the Target, Neiman Marcus, and other recently reported payments breaches are certainly scary, but the fact that such breaches occur isn't new. is new is that all of the partners in the payment chain--banks, card networks, retailers, processors, and newer entrants, such as Google and Paypal--suddenly have cause to talk with each other about potential solutions. Part of this, admittedly, is motivated by congressional interest, with at least one hearing held last month on the subject. Arguably, though, the sheer size of the threat has caused all the players to see the need to adopt countermeasures. It's a shared system, and there are shared risks, says Mike Urban, director, financial crime risk management, at Fiserv. Technology can help us, but we have to have people paying attention to it, mitigating any gaps that start to come along, and having policies in place around what you do when particular things happen. Even apart from the Target incident, the overall numbers are telling. The Identity Theft Resource Center has reported that more than 600 breaches occurred in 2013--a 30% increase compared to 2012. From the perspective of the banking industry, however, since 2005, banks have been responsible for only 8% of all breaches; while in that same period, banks have had to reimburse card members for 62% of their losses, according to Doug Johnson, vice-president and senior advisor, risk management, at ABA. It's hard to protect against data breaches in the payment area unless the entire payments process and all the players within that process have adequate levels of security, Johnson points out. For the time being--absent any new legislation or initiatives by other payment system partners (although inroads are being made in both areas now)--banks should revisit their own protection and mitigation systems. Interviews with various analysts reveal that the payments breach problem is actually two problems: those that occur at the physical point-of-sale (POS), and those that occur online or card-not-present (CNP). Each one poses different circumstances that require different responses. POS fraud The recent, highly reported breaches all occurred through the use of a malware system reportedly developed years ago by a Russian teenager. It generally works by what's called RAM scraping, in which the malware, once installed on a POS device, is able to capture a customer's card number and other information in the milliseconds between when the card is swiped and when the back-office encryption system kicks in. What we've learned is, if at any point it [the information] is in the clear, it's going to be captured, says Matt Herren, fraud specialist, CSI. The general response to this has been the adoption of EMV (Europay MasterCard Visa), otherwise referred to as chip-and-PIN or even just chip. Currently, there's an ongoing industry debate in the United States whether or not the personal identification number should be included, or whether just the presence of the chip would be enough to meet the card associations' liability standard. For example, in the aftermath of the recent Target payments breach, a retailers' association claimed that chip-and-PIN would have deterred the criminals. In response, a group of financial services trade associations, including ABA, pointed out that such a claim distracts from the more complicated issue: The payment systems depend on a chain of providers, and each one has different industry data security standards. Generally, EMV is a technology that uses a microprocessor embedded into the plastic card, which stores payment card data from the issuer and performs cryptographic processing during a payment transaction. It is impervious to access by unauthorized parties. While EMV has seen aggressive adoption overseas as well as in Canada and Mexico, in the United States, its adoption has been slowed due to the complexity of this country's payment and financial system. …
Récupéré en direct depuis OpenAlex et désinversé. Les résumés ne sont pas conservés dans cette base de données : les index inversés représentent 8,6 Go des 9,3 Go de texte de la base, et le serveur dispose de 13 Go libres.
Prédiction distillée sur la base complète
Imitation des enseignantsNi prévalence calibrée, ni vérité terrain. Validation humaine à venir. Apprise à partir de 10 348 étiquettes directes de Codex et de 10 348 étiquettes directes de Gemma. Le mode candidate est l'union des têtes enseignantes seuillées; le consensus est leur intersection. Ces sorties portent le statut machine_predicted_unvalidated et ne sont ni des étiquettes humaines ni des étiquettes directes de modèles de pointe.
Scores Codex et Gemma par catégorie
| Catégorie | Codex | Gemma |
|---|---|---|
| Métarecherche | 0,002 | 0,000 |
| Méta-épidémiologie (sens strict) | 0,000 | 0,000 |
| Méta-épidémiologie (sens large) | 0,000 | 0,000 |
| Bibliométrie | 0,000 | 0,000 |
| Études des sciences et des technologies | 0,000 | 0,000 |
| Communication savante | 0,000 | 0,001 |
| Science ouverte | 0,001 | 0,001 |
| Intégrité de la recherche | 0,000 | 0,000 |
| Charge utile insuffisante (le modèle a refusé de juger) | 0,000 | 0,000 |
Scores machine (provisoires)
Les deux têtes enseignantes du modèle étudiant, lues sur ce travail. Un score ordonne la base pour la relecture; il n'affirme jamais une catégorie, et le statut de validation accompagne chaque rangée tel quel.
Scores de référence d'un modèle non mature (critères de maturité non atteints, 7 itérations). Un score ordonne; il n'affirme jamais une catégorie.
score_only:v0-immature-baseline · tel quel depuis la passe de notation : score_only signifie que le nombre peut ordonner les travaux, et qu'aucune étiquette de catégorie n'en découle