Cyber Crime: Credit Cards and Fraud

Here is a little background on a security issue that may affect you, and it’s important that you are aware of it.

You don’t need to become an expert in the subject, just be aware the larger data systems get . . . they are proving the experts wrong regarding the security of your personal and business information.

The following may shed some light on the subject. It’s a lot like “we’ll have to try it to see how it really works” or “If you like your security . . . maybe you can keep it!”

1. Growth in the size of databases:

Data transfer (that credit card stuff) between several organizations sharing your information goes like this:

You have a credit card with Company A which has a database for storing your personal or business information. The database uses a card reading device at the point of purchase (such as Sears, JC Penney, Target, Chevron . . . etc.). The company may also have an online form for ordering from the company website.

Both the card reader and the online form enter data in the customer database of the company. Your insurance company, or an order taker on the phone may also use the same form to sign you up online during cold calls.

Company B has a business relationship with Company A and provides goods or services (drop ship, etc.) for Company A. This relationship consists of Company A sharing information with Company B resulting in the merging of common information between databases of two different companies.

Some companies sell your identity to earn revenue . . . in most cases they are required to notify you in advance of the policy regarding your personal and business information, and allow you to opt out. However, it can also be included in the fine print that few people read . . . they just click “I have read and agree” and proceed.

Government offices routinely sell or make your information available to individuals and businesses in the same manner. It is common to consider data stored in government databases as public information . . . such as your drivers license, and information regarding your property included on tax roles.

Government offices and insurance companies may cooperate regarding public fillings. In the case of a divorce, insurance companies may receive that information and change the cost of your auto insurance. Why? Well the divorce experience may be somewhat stressful and may result in poor driving habits and increased accidents. The insurance company is protecting itself.

Note: These database interrelationships can be repeated many times. You or your business may be exposed to as few as a dozen to hundreds. Also, more information is being collected regarding browsing habits and tracked by services such as Google.

Tracking services provide methods through online form coding and web browsing, and businesses use this information to improve the marketing of their products. It should be noted that tracking services do not target an individual specifically, they do however target generic group behavior information.

2. Growth in the size of Data Centers:

A few years ago, companies maintained their own physical server farms, networks and user terminals. They may have also provided their customer on site business terminals and updates for the software.

Working with the numbers, managers were able to prove, logically, that developing service companies (known as service centers, a separate business entity specializing in online services) could take on the task of providing server and software service for multiple companies. Theoretically, this would reduce individual business investment and increase efficiency.

Terms such as:

a.) Co-location – individual business servers located at a service center.
b.) Cloud Computing – storing information offsite at a service center, and
c.) Managed Hosting – service center not only housed but managed servers of their clients.

Today, what was a server farm within a business has grown to be large, essentially factory appearing complexes housing thousands of individual business server farms within a geographical (US regional and international) industrial complex referred to as a Data Center. For a broad overview of Data Centers go here.

Note: This relationship is repeated across international borders, cultures and languages.

3. Now the growing problems:

a.) As the movement from individual businesses managing their own server farms . . . to service centers . . . to data centers occurs . . . the emphasis on personnel shifts from individual company, product specific knowledge within the company you are doing business with . . . to hardware and software specific personnel and knowledge at the data center level.

b.) Customer service has also migrated from product and service knowledgeable personnel to communications functionaries who refer to an artificial intelligent response (FAQ) resource to interact with both business customers and the business as a client.

c.) Increasingly the customer service functionaries at data centers are loaded with increasing response requirements . . . do more in less time . . . more efficiency equals more profit, or the necessity to stay competitive and survive.

d.) Prior to the shift away from individual companies maintaining the server farm, a customer could call “customer service” and resolve a problem. Today, the root of the problem is individual company forms and databases requiring intervention for correction by “customer service” have been shifted way upstream to the very large data centers.

1.) Trash is being transferred and it can’t be fixed. Many organizations that have already deployed big data technology now struggle to access, transform, transport and load information using conventional technology. Even replication or migration of data from existing sources can be troublesome, requiring custom programming and manual processing, which are always a tax on resources and time.
2.) Customer service is not customer service. Refer to credit bureau association dispute. They can’t access and don’t know how to fix customer problems.
3.) Loss of customer data. Centrally locating customer data is creating larger pools of data to be stolen . . . insider access can become a larger problem.

These are problems that do not heal themselves:

NOTE: As location of information becomes concentrated . . . larger gluts of stolen information become possible . . . internally or externally.

Added since first written.

Target Slapped With Suits After Security Breach

This posting is included under the Category “Fog of War” because, essentially it is aqgression with the intent to do major harm.

Refer to: FBI – Cyber Crime

Posted in Tidbits.