http://www.timesonline.co.uk/article/0,,5-1063208,00.html April 05, 2004 By Joe Morgan FEARS that small online retailers are the weakest link in the fight against internet fraud have prompted MasterCard, the global payment scheme group, to set up secret teams of hackers to test security systems in the sector. The Times has learnt that the project, named Site Data Protection (SDP), will go live in May and will target online outlets that fail to comply with appropriate levels of internet security. SDP teams will be recruited by the banks that have relationships with online merchants whose systems do not come up to scratch. Brian Morris, head of e-business solutions at MasterCard, said that while large online retailers had robust internet security systems, small and medium-size enterprises (SMEs) "could benefit from the assistance". Organised criminal gangs are increasingly hacking into the systems of online retailers and stealing subscribers' credit card and personal details. The information can then be used to commit "card-not-present fraud" - fraudulent buying of goods and services from a remote location, usually by phone or via the internet. Card-not-present fraud is thought to be one of the world's fastest growing crimes. Stolen personal details have also been used by gangs to commit "phishing", sending fake e-mails purporting to be from a bank or retailer to cardholders to trick them into revealing bank account details. MBNA and Barclays were recently victims of phishing. Mr Morris said: "This initiative will help a lot of merchants. Websites will be tested to see if firewalls are secure enough and backdoor and trapdoor areas are not susceptible to hackers. We will also test all routes in and out of sites." He said that the cost of the services would be determined by the banks. Medium-size retailers' exposure to fraud could also rise dramatically following this year's nationwide roll out of chip and PIN, a new anti-fraud initiative pioneered by the banks. While large retailers benefit from economies of scale in upgrading to the new checkout terminals, where customers pay using a four-digit number, smaller businesses find the costs a heavy burden *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ---------------------------------------------------------------- C4I.org - Computer Security, & Intelligence - http://www.c4i.org ================================================================ Help C4I.org with a donation: http://www.c4i.org/contribute.html *==============================================================* _______________________________________________ ISN mailing list ISN@private http://www.attrition.org/mailman/listinfo/isn
This archive was generated by hypermail 2b30 : Mon Apr 05 2004 - 01:42:02 PDT