teissTalk: Vendor diversity – onboarding and offboarding security vendors

teissTalk host Geoff White was joined by Tee Patel, vCISO, Iron Oak Security; Dawid Kowalski, Senior Technical Director, EMEA, FireMon; and Alan Jenkins, Advisor, Security Architecture.

 

Views on news

 

Online payment fraud surged by 208 per cent between September and October 2021 according to new Kaspersky report including spoofed payment websites that look exactly like real ones and spy on the buyer while they are typing their credit card details. Ways of thwarting online payment fraud include Address Verification Service (AVS), which enables merchants to detect suspicious credit card transactions by verifying that the billing address entered by the customer is the same as the one associated with the cardholder’s credit card account.

 

Vendors, however, often don’t go into the trouble of integrating their systems with the bank’s to the level that enables AVS. Of course, Apple and Google pay are safer against this type of fraud thanks to their use of diametric data and encryption. It’s also common now to send OTPs to mobile phones to make sure it’s the actual account holder making the payment.

 

However, that’s also susceptible to fraud. Banks can opt for soft or hard decline when they experience anomalies during payment, with the latter permanently declining payment unless the payer opts for a different form of payment.