For Finextra's free daily newsletter, breaking news and flashes and weekly job board.
I agree 100% Alex. Payment industry players are too complacent in believing themselves and convincing others that their components and systems are very secure and then these things happen right under their noses. POS terminal is one classic example ... despite
of the assurances it gets hacked inevitably
I firmly believe that the card Issuers should not trust POS devices nor even Acquirer systems ... thay must ensure that the cardholder data is ONLY KNOWN to their end systems along the payment rails (i.e. EMV or contactless compliant chip application of
course and the Issuer Host). Nothing in between should be allowed to see the real PAN data, but the data that looks and feels like PAN, so that the Merchant and Acquirers systems still continue to function normally.
This post is from a series of posts in the group:
A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.