Verizon Communications, Inc. released a report this morning that may startle some consumers. The report found that 80% of merchants around the world do not comply with Payment Card Industry Data Security Standards.
These industry standards were created to stop cyberattacks, but, as it turns out, this is not something that most merchants take very seriously.
Only When Caught
The report speculates that merchants only perform system updates when it’s time for an annual compliance check. But, retailers should be going through systems updates when scheduled. Not performing the right system updates means that consumers purchasing goods through certain retailers are at risk every time a card is used.
The report goes on to state that only 20% of retailers polled are fully compliant with the standards set forth by the card industry. The Verizon study also showed that none of the merchants recently attacked by hackers had complied with the industry standards or performed proper system updates. For obvious reasons, this is a big problem in any country and with any merchant.
Fixing the Issue
The Payment Card Industry Data Security Standards are minimal standards set forth to provide a very basic layer of protection against things like identity theft or card hacking. If merchants are complying with these minimal standards, this means that hackers can easily break into systems knowing full well that most are unguarded and not upkept. It’s not realistic either to think that most consumers purchase items with cash.
Nearly two-thirds of purchases in the United States are made via credit and debit cards. This number might be lower in other countries where credit is not so widely available or used, but the fact remains that most people use some kind of bank card or credit card to purchase items in the US, and that’s problem enough. Over the past few years, various widespread hacks have happened in the retail sector, and the fact that merchants aren’t upgrading security systems could be the exact reason why these attacks are happening.
Even though the card industry has tried to push merchants to protect consumers, the measures put in place aren’t being adhered to at the time being. This poses a big threat for merchants and consumers alike. The report did not list the names of the merchants included in the study. An additional number included in the report is also worrisome: $2.17 trillion dollars are spent through electronic payment methods across the world (payment methods like PayPal), and these are generally backed by credit cards and debit cards.
To say that this new report exposes a big problem is an understatement. Unless merchants start to take the measures put forth by the card industry more seriously, additional credit card and system hacks are unavoidable. This report was conducted on a global scale, though the report did narrow in on sales and payment methods within the United States. So far, no merchants have commented on this report, though feedback is expected as soon as merchants have had time to process these numbers.