GEOACL

  Control Over Where And How much Access Allowed

  HOME » Blog

Observations

Credit Card Data Breach at Target.


What was it and what role GEOACL would have played in such scenario?


Dec 28th 2013


Data breach occured at major retailer Target over the holidays. It stole the credit or debit card numbers, the card’s expiration date and CVV codes of over 40 million customers who shopped at Target over the holidays. This data is already appearing for sale on the black market, and as a result some financial institutions have started to reissue debit cards and put limits on how much customers can withdraw from ATMs and spend at stores. Still the solution is not foolproof and its inconvinience on all 40 million customers.

Stolen information is on sale and Banks have already started fielding calls on fraudulent transactions. As a solution just like always banks have reissuing cards to customers who had used card during the time breach happened.

If GEOACL Solution was implemented by banks issuing cards, the customers enrolled in it would have had peace of mind when they heard of the breach. It would be very difficult for hackers to make any use of user's credit card details as its usage itself is locked by geographical access control locks.

Each user would have setup their locations and enabled for given limits based on need.

For hackers it would be difficult to use stolen information from across the globe. Stolen information would not have much value due to geographical access control locks in place.

Even local people buying such stolen information would have hard time using it as user would be adjusting the locations, limits as needed on frequent basis. Its same as user required to change their passwords on frequent basis. GEOACL solution is easy to use. Its as easy as using key to lock the door of the house.

E.g. Customer with average family of 4 has enabled per transaction limit of $200 and daily limit of $500 for daily use for locations like gas station, grocery stores and malls where he usually shops. This would deter use of stolen information beyond such limit. Locations are also enabled and disabled based on need.

Customer would be occasianally increasing the limit for high ticket puchases but that would be for limited period and hacker or user of stolen information would not have idea when the higher limit was available.

Another feature of GEOACL is that if card is used from geographically separted location in short period , user is alerted. Many customized alerts are allowed to be configured.

Determined hackers can break most advanced technological barrier but cannot go after each customer to break it. Its just not affordable and risk worthy when banks ,law enforcement and customer himself would be monitoring any frauds arising out of data breach.

GEOACL Solution's strength lies the in fact that users can control security of their cards actively.

GEOACL Solution has benefits for banks as well as customers if configured properly. Customers don't have to worry about somebody making fraud transactions on their cards for large amounts and banks don't have to bear the costs of paying for fraud transactions. Retailers, Merchants too can focus on their business rather than facing hundreds of lawsuits and legal fees when breach happens.

GEOACL solutions is not only for credit card but is for any kind of payment and financial accounts like debit card, ATM card, prepaid card, GIFT card, virtual money like paypal credit, bitcoin, bank accounts, ecommerce accounts, investment accounts, trading accounts and retirement accounts. User can define locations and enable limits and features for such locations.

Securing access to GEOACL rule module as well as critcal account features like funds transfer.

It can be done by deploying Out of Band Authentication OOBA module that sends users email to their secure email account. User will need to click on the link to approve or deny the action. GEOACL service would match loaction of the request with the location of approval to validate the user request. In case of mismatch user can be alerted via configured alert device as well as hold can be placed on such feature till user is validated thru conventional means reaching out bank branch or call customer service to prove their identity.

GEOACL
2809 Gorniak dr
Email: info@geoacl.com
Phone: 1.732.723.7219