Could data masking prevent credit card fraud?
It hardly comes as a surprise that the banking sector is highly sensitive to new technological changes. A range of regulations impose upon financial institutions obligations with regard to safeguarding their clients’ data and transactions, and banks need to be one step ahead of the game in the fight against cybercriminals.
In fact, as much as technology has helped propel banking forward by introducing more and more sophisticated versions of web-banking and online payment methods, it has also created a headache for cybersecurity professionals in the financial industry as they need to fend off cyberattacks. The latest weapon they have acquired? Data masking.
What is data masking?
By using the data masking method, banks and other financial institutions operating in highly sensitive sectors can effectively protect their customers and prevent unauthorised data access. Data masking is also known as data de-identification, pseudonymisation, anonymisation or obfuscation and it refers to the process of protecting sensitive information by replacing original data with realistic yet fake data.
The purpose of data masking software is to produce data that looks and functions like the original data (for example, by maintaining the same 16-digit form when it comes to a credit card number), but is not as sensitive as the original data. By employing this method, risks of unwanted data exposure are limited and in fact fewer security controls and reduced compliance audits are required.
Credit card fraud on the rise?
Data masking comes handy in the case of preventing credit card fraud, one of the most common types of fraud that the banking industry has to deal with and one that has been soaring lately. Just in 2016, 15.4 million consumers fell victim to identity theft or fraud and card-not-present fraudulent transactions – such as online payments or those made over the phone, where the owner of the corresponding bank account does not actually have to be physically present – increased by 40% compared to one year before.
In total, hackers managed to steal away $16 billion ($1 billion up from the previous year) while the average monetary losses per victim amount to more than $1,000. Even more interestingly, almost half of the US population (46%) has experienced credit card fraud in the past five years.
Data masking protects sensitive banking information
For a criminal, one of the essentials to acquire for credit card fraud is the card’s credentials. This is why banks use data masking to “cover” the true card number of credit cards during transactions that could be compromised, which would reveal this financially sensitive information to third parties. This way, employees of an online shop, for example, are prevented from actually accessing the credit card credentials when they search for information that is relevant to billing – such as the address that is connected to the card and that the client chooses to use for billing purposes.
However, this is just one step of a very long process; customers that truly wish to be safe should also take further measures, like installing further authentication steps and making sure that they steer clear of phishing attempts.
By Isabelle French