Holiday shopping season malware targeting

By | December 4, 2015

New sophisticated software takes advantage of lack of end-to-end encryption in many retailer backends and getting card data, including EMV, from consumers. Cyber criminals never sleep.

Source: www.theexaminer.com

This new ModPOS malware has taken advantage of a flaw in the internal in-store processing of debit and credit transactions still using magnetic stripes as well as using the new EMV Chip and Pin cards; the processing flaw, now known to the retail industry, is that the internal processing systems utilized by many major retailers does not support end-to-end encryption, and does not also properly encrypt data in memory, allowing that data to be captured and sent to distant cyber crooks. According to iSIGHT, “Criminals can then reuse card data, even from EMV cards, to make online (card-not-present) transactions.”

Author: Staff Writer

Craig Keefner -- With over 40 years in the industry and technology, Craig is widely considered to be an expert in the field. Major early career kiosk projects include Verizon Bill Pay kiosk and hundreds of others. Craig helped start kioskmarketplace and formed the KMA. Note the point of view here is not necessarily the stance of the Kiosk Association or kma.global