Brick and Mortar Data Breaches Show E-Commerce is Safer

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.paymentssource.com/news/interchange/brick-and-mortar-data-breaches-show-ecommerce-is-safer-3019871-1.html

Total holiday sales are expected to reach  $863 billion in 2014, up from
$822 billion last year. That is a staggering amount of money, and the weeks
between Thanksgiving and Christmas make or break a sales year for large and
small businesses alike.

However, 2014 could be different, as offline sales decline while online
sales boom. The outbreak of major security breaches at brick-and-mortar
retailers has people understandably concerned about using their credit
cards in-store. Target’s security breach, where more than 110 million
customers' data was stolen, happened just before Christmas last year.

The long-standing narrative of credit card security is that offline
transactions are more secure than online, but the security breaches have
shown this to be false. In addition to Target’s breach, Home Depot
announced that 56 million cards were compromised in a five-month attack on
its payment terminals. 1.1 million credit cards were exposed in a
three-month hack on Neiman Marcus. Hackers also hit grocery chain
Supervalu, which has thousands of locations, multiple times, and Asian
bistro chain P.F. Chang's saw data stolen from eight of its locations over
the course of eight months. In 2012 (before these hacks), retailers lost
roughly $3.5 billion in e-commerce sales due to credit card fraud,
according payment processor CyberSource.

These physical retail stores are vulnerable because they still run Windows
PC old-school POS software, and operate using outdated guidelines. In stark
contrast, most online retailers are deeply committed to offering the
highest levels of security, because it is life or death for their business.
Most online payment processors go to great length to keep ecommerce
experiences safe, using encryption, security keys, SSL certificates,
firewalls, passwords, and advanced anti-virus software.

Offline transactions are getting less secure as online transactions are
getting more secure. These parallel trends will lead to a jump in
ecommerce, as Americans increasingly choose the retail option that is more
convenient, and safer—online.

Physical retail was losing ground even before the security breaches, and
this holiday season, we are already seeing the effects of the outbreak.
In-store sales experienced  a major drop on Black Friday this year, while
e-commerce retail hit record numbers. Total U.S. online retail spending in
November and December 2014 will reach $61B, up 16% year-over-year,
according to Comscore, and Q3 of 2014 was the 20th consecutive quarter of
double-digit growth in desktop computer ecommerce sales. Forrester Research
predicts e-commerce sales will grow by more than $400 billion in the next
several years.

Online retail is growing faster than offline retail for a number of
reasons. Online shopping offers increased convenience, better deals, and
heightened security. The widespread consumer wariness about the security of
offline retail will only fuel the growth of e-commerce.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!