Data Security

This year saw record-breaking security breaches against e-commerce sites. Regardless of size and IT security budget, no company is 100 percent immune from risk. Yet the reality is that many of the breaches were preventable. With the busiest online shopping period of the year in full swing, have you made sure your customers’ credit card data and personally identifiable information is as secure as it could be?

Two malls planning to test new technology designed to track shoppers' movements via cell phone signals have nixed those plans after a U.S. senator raised concerns about privacy, according to The Consumerist.

“Your friends at Etsy” sent out an email Oct. 13 alerting Etsy community members to some notable changes in its privacy policy. According to the company’s blog post, the real name change, which applies to both buyers and sellers, is supposed to clarify the difference between a person and a shop.

For every $100 in fraudulent transactions, retailers incurred a “true” cost of $230, according to a new study released by LexisNexis Risk Solutions. According to the study, retail merchants and financial institutions reported an overall decline in fraud rates and transactions while total retail sales rose.

More details have emerged of an e-commerce software flaw linked to the theft of credit card information from numerous websites. A security flaw in osCommerce, an open source e-commerce package, created a means for criminals to compromise 90,000 web pages with redirection scripts that ultimately directed surfers towards a site serving up an exploit toolkit designed to compromise visitors' PCs.

Nearly 70 percent of e-commerce merchants said they've tightened credit card data security in order to protect their brand, not to avoid fines for non-compliance with the Payment Card Industry Data Security Standard, according to a survey by Visa’s CyberSource unit and Trustwave.

Findings from a new survey of e-commerce merchants released by CyberSource show that nearly 70 percent of respondents cited the need to "protect the brand" as the primary driver for tightening controls against hackers and other payment security risks.

As larger retailers adopt state-of-the-art fraud prevention and identification solutions as part of their payments infrastructure, smaller local chains and independent outlets are being left exposed as the soft underbelly of a very lucrative target.

Criminals who infect websites are making the internet much riskier for small business owners. Since early June, one gang has been using a uniquely insidious type of automated attack to inject malicious code on some 20,000 to 30,000 sites, many of them small businesses that rely on the internet to reach customers, says Wayne Huang, chief technical officer at website security firm Armorize.

While bad news around the economy continues to pile up — a plunging stock market, troublesome unemployment, a soft housing market, national debt that's out of control — the e-commerce industry seems unaffected. E-commerce sales are steadily rising and for many cross-channel retailers the channel is a bright spot in an otherwise dark place. This mood was certainly reflected at IRCE, where people were upbeat with where they were at and optimistic about their future.