Beautiful Trade/Analyzing the Security Context
Analyzing the Security Context
The fundamental problem is that cardholder data becomes a shared secret. As we’ve seen, this secret often needs to be shared amongst a lot of parties in order to fulfill even a single transaction. Because security relies on the least common denominator of security controls amongst these parties, a leak is almost inevitable during the life of an account. Visa, Inc. stated, in its earnings report for the third quarter of 2008, that the total transactions on Visa’s brands—Visa, Interlink, Plus, and Electron—grew 11% from $8.65 billion a year to $9.59 billion. This gives us some perspective when analyzing breach data. Visa is the largest of the card brands, but it is only one of many. And each transaction probably passed through multiple merchant systems, payment gateways, service providers, fulfillment systems, bank networks, and card networks. That’s an awful lot of shared secrets!
To compound the issues and complexities of these shared secrets, a merchant or service provider has several reasons to store information such as account numbers after finishing the initial transaction:
Many merchants offer services that require regular payments on a weekly, monthly, quarterly, or annual basis. In order to continue to charge the same account on a regular basis, the merchant needs to store sensitive payment information as long as the consumer remains a customer.
To issue a refund, the merchant must store the account number that its service or merchandise was charged to. As a measure of fraud prevention, many acquiring banks require the merchants and service providers to refund the exact card account that was originally charged.
Consumers often elect to store their account information with a merchant where they make frequent purchases. This aligns with our discussion later around consumer incentives. For many people, convenience outweighs the risks.