MétaCan
Menu
Retour à la cohorte
Enregistrement W277986829

Plugging the Breach: Recent, Massive Data Breaches Have Banks Asking How They Can Protect Themselves and Their Customers, in Both Point-of-Sale and Online Payments

2014· article· en· W277986829 sur OpenAlex

Pourquoi ce travail est dans la base

Une base qui oublie comment elle a trouvé un travail ne peut pas être vérifiée. Voici les voies qui ont admis celui-ci.

aboutLe titre ou le résumé porte un signal canadien du lexique géographique.
no affAucune affiliation canadienne : ce travail est invisible pour une base fondée sur la seule affiliation.
Aucune affiliation canadienne. Une base fondée sur la seule affiliation (le devis habituel) n'aurait jamais vu ce travail. C'est l'un des travaux qui justifient l'inversion de la base.

Notice bibliographique

RevueABA banking journal · 2014
Typearticle
Langueen
DomaineComputer Science
ThématiqueCybercrime and Law Enforcement Studies
Établissements canadiensnon disponible
Organismes subventionnairesnon disponible
Mots-clésIdentity theftData breachBusinessCredit cardPaymentDebit cardPayment cardInternet privacyFinanceComputer science
DOInon disponible

Résumé

récupéré en direct d'OpenAlex

[ILLUSTRATION OMITTED] The millions of potentially compromised credit card accounts in the Target, Neiman Marcus, and other recently reported payments breaches are certainly scary, but the fact that such breaches occur isn't new. is new is that all of the partners in the payment chain--banks, card networks, retailers, processors, and newer entrants, such as Google and Paypal--suddenly have cause to talk with each other about potential solutions. Part of this, admittedly, is motivated by congressional interest, with at least one hearing held last month on the subject. Arguably, though, the sheer size of the threat has caused all the players to see the need to adopt countermeasures. It's a shared system, and there are shared risks, says Mike Urban, director, financial crime risk management, at Fiserv. Technology can help us, but we have to have people paying attention to it, mitigating any gaps that start to come along, and having policies in place around what you do when particular things happen. Even apart from the Target incident, the overall numbers are telling. The Identity Theft Resource Center has reported that more than 600 breaches occurred in 2013--a 30% increase compared to 2012. From the perspective of the banking industry, however, since 2005, banks have been responsible for only 8% of all breaches; while in that same period, banks have had to reimburse card members for 62% of their losses, according to Doug Johnson, vice-president and senior advisor, risk management, at ABA. It's hard to protect against data breaches in the payment area unless the entire payments process and all the players within that process have adequate levels of security, Johnson points out. For the time being--absent any new legislation or initiatives by other payment system partners (although inroads are being made in both areas now)--banks should revisit their own protection and mitigation systems. Interviews with various analysts reveal that the payments breach problem is actually two problems: those that occur at the physical point-of-sale (POS), and those that occur online or card-not-present (CNP). Each one poses different circumstances that require different responses. POS fraud The recent, highly reported breaches all occurred through the use of a malware system reportedly developed years ago by a Russian teenager. It generally works by what's called RAM scraping, in which the malware, once installed on a POS device, is able to capture a customer's card number and other information in the milliseconds between when the card is swiped and when the back-office encryption system kicks in. What we've learned is, if at any point it [the information] is in the clear, it's going to be captured, says Matt Herren, fraud specialist, CSI. The general response to this has been the adoption of EMV (Europay MasterCard Visa), otherwise referred to as chip-and-PIN or even just chip. Currently, there's an ongoing industry debate in the United States whether or not the personal identification number should be included, or whether just the presence of the chip would be enough to meet the card associations' liability standard. For example, in the aftermath of the recent Target payments breach, a retailers' association claimed that chip-and-PIN would have deterred the criminals. In response, a group of financial services trade associations, including ABA, pointed out that such a claim distracts from the more complicated issue: The payment systems depend on a chain of providers, and each one has different industry data security standards. Generally, EMV is a technology that uses a microprocessor embedded into the plastic card, which stores payment card data from the issuer and performs cryptographic processing during a payment transaction. It is impervious to access by unauthorized parties. While EMV has seen aggressive adoption overseas as well as in Canada and Mexico, in the United States, its adoption has been slowed due to the complexity of this country's payment and financial system. …

Récupéré en direct depuis OpenAlex et désinversé. Les résumés ne sont pas conservés dans cette base de données : les index inversés représentent 8,6 Go des 9,3 Go de texte de la base, et le serveur dispose de 13 Go libres.

Prédiction distillée sur la base complète

Imitation des enseignants

Ni prévalence calibrée, ni vérité terrain. Validation humaine à venir. Apprise à partir de 10 348 étiquettes directes de Codex et de 10 348 étiquettes directes de Gemma. Le mode candidate est l'union des têtes enseignantes seuillées; le consensus est leur intersection. Ces sorties portent le statut machine_predicted_unvalidated et ne sont ni des étiquettes humaines ni des étiquettes directes de modèles de pointe.

score de la tête « metaresearch » (Codex)0,002
score de la tête « metaresearch » (Gemma)0,000
Version: codex-gemma-dda1882f352aStatut de validation: machine_predicted_unvalidated
Catégories candidatesaucune
Catégories consensuellesaucune
DomaineSignal candidat: aucune · Signal consensuel: aucune
Devis d'étudeSignal candidat: Autre devis · Signal consensuel: aucune
GenreSignal candidat: Empirique · Signal consensuel: Empirique
Score de désaccord entre enseignants0,889
Score d'incertitude au seuil0,559

Scores Codex et Gemma par catégorie

CatégorieCodexGemma
Métarecherche0,0020,000
Méta-épidémiologie (sens strict)0,0000,000
Méta-épidémiologie (sens large)0,0000,000
Bibliométrie0,0000,000
Études des sciences et des technologies0,0000,000
Communication savante0,0000,001
Science ouverte0,0010,001
Intégrité de la recherche0,0000,000
Charge utile insuffisante (le modèle a refusé de juger)0,0000,000

Scores machine (provisoires)

Les deux têtes enseignantes du modèle étudiant, lues sur ce travail. Un score ordonne la base pour la relecture; il n'affirme jamais une catégorie, et le statut de validation accompagne chaque rangée tel quel.

Scores de référence d'un modèle non mature (critères de maturité non atteints, 7 itérations). Un score ordonne; il n'affirme jamais une catégorie.

Tête enseignante Opus0,041
Tête enseignante GPT0,262
Écart entre enseignants0,221 · la distance entre les deux têtes enseignantes sur ce seul travail
Statut de validationscore_only:v0-immature-baseline · tel quel depuis la passe de notation : score_only signifie que le nombre peut ordonner les travaux, et qu'aucune étiquette de catégorie n'en découle