It is now very common to do business with companies that by default (or
even as a condition of doing business with them) permanently store
credit card and associated personal information in a database, either to
speed up future transactions or to hold as security against liability.
While this is sometimes a convenience to consumers, it is worth
exploring how it is also a general security risk.
Assets:
The confidentiality of the credit card and personal information in the
database. Only authorized individuals should be able to access it, and
it should be stored securely on disk.
The availability of the credit card number when a patron needs or
depends on it (say for something like Amazon’s One Click service).
Adversaries:
Employees of the company who may use your personal information for
their own gain. At a video store, they might do something like shift
their own late fees onto your credit card.
Outsiders who would try to retrieve your credit card or personal
information. This includes people who would physically steal machines
and people who would use social engineering to obtain your credit card
number from an unsuspecting employee.
Weaknesses:
The employee who is the gatekeeper of the personal information is most
likely not trained with security in mind and may therefore give up your
personal information without proper verification.
The information will most likely be viewable by more people than the
one who actually needs to access it.
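What “stored securely” and “viewable only by whoever needs it” can look like on the company side, as an added example that is not part of the original post: the business keeps only a payment-processor token and the last four digits, and a counter clerk’s view is masked, so an employee who is talked into reading a card back over the phone has nothing to read. The processor (FakeProcessor), the role names and the customer data are constructed stand-ins, not any real provider’s API.

```python
"""Added example, not from the original post: a card-on-file store that never
holds the card number itself and shows each employee role only the fields it
needs. The processor, roles and customer data are constructed stand-ins.
"""
import secrets
from dataclasses import dataclass


def luhn_ok(pan: str) -> bool:
    """Luhn checksum, the standard sanity check on a typed card number."""
    if not pan.isdigit() or len(pan) < 13:
        return False
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


class FakeProcessor:
    """Stand-in for a payment processor: the only party that keeps the PAN.
    It hands the merchant an opaque token and charges against that token."""

    def __init__(self):
        self._pan_by_token = {}
        self.charges = []   # (token, amount_cents)

    def tokenize(self, pan: str) -> str:
        token = "tok_" + secrets.token_hex(8)   # random, not derived from the PAN
        self._pan_by_token[token] = pan
        return token

    def charge(self, token: str, amount_cents: int) -> bool:
        if token not in self._pan_by_token or amount_cents <= 0:
            return False
        self.charges.append((token, amount_cents))
        return True


@dataclass(frozen=True)
class CardOnFile:
    customer_id: str
    processor_token: str   # opaque reference; useless to someone who copies it
    last4: str             # enough for the customer to recognise the card
    expiry: str            # "MM/YY"


class CardVault:
    """What the business itself keeps, and which role may see which field."""

    # Least privilege: the counter clerk sees only the last four digits, so a
    # caller who talks the clerk into "reading back the card" gets nothing
    # usable. Role names are hypothetical.
    VISIBLE = {
        "clerk":   {"last4"},
        "manager": {"last4", "expiry"},
        "billing": {"last4", "expiry", "processor_token"},
    }

    def __init__(self, processor: FakeProcessor):
        self._processor = processor
        self._records: dict[str, CardOnFile] = {}

    def enroll(self, customer_id: str, pan: str, expiry: str) -> CardOnFile:
        """Validate the PAN, swap it for a token, and keep only token + last4."""
        if not luhn_ok(pan):
            raise ValueError("card number fails Luhn check")
        token = self._processor.tokenize(pan)
        record = CardOnFile(customer_id, token, pan[-4:], expiry)
        self._records[customer_id] = record
        return record   # the full PAN is not referenced after this point

    def view(self, customer_id: str, role: str) -> dict:
        """Return only the fields the caller's role is allowed to see."""
        allowed = self.VISIBLE.get(role)
        if allowed is None:
            raise PermissionError(f"role {role!r} may not view card data")
        record = self._records[customer_id]
        return {f: getattr(record, f)
                for f in ("last4", "expiry", "processor_token") if f in allowed}

    def charge(self, customer_id: str, amount_cents: int, role: str) -> dict:
        """Any employee role can bill the card, but only through the token."""
        if role not in self.VISIBLE:
            raise PermissionError(f"role {role!r} may not charge cards")
        record = self._records[customer_id]
        ok = self._processor.charge(record.processor_token, amount_cents)
        return {"ok": ok, "last4": record.last4, "amount_cents": amount_cents}

    def contains_pan(self, pan: str) -> bool:
        """True if the store holds any trace of the full card number."""
        return pan in repr(self._records)


if __name__ == "__main__":
    vault = CardVault(FakeProcessor())
    vault.enroll("cust-1", "4242424242424242", "12/29")   # constructed test PAN
    print(vault.view("cust-1", "clerk"))                  # {'last4': '4242'}
    print(vault.charge("cust-1", 450, "clerk"))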
Defenses:
The ultimate defense would be to stay “off the grid” so that there is
no private data to fall into the wrong hands. Doing this, however, is
becoming increasingly difficult and impractical for most people.
Being vigilant about credit card information. This means auditing one’s
credit card bill each month to make sure that no unauthorized charges
were made.
Being mindful of anything that suggests someone is trying to use your
personal information or impersonate you. What looks like a phishing
attack (mail that appears to come from the bank) may actually be a sign
that someone has already acquired your personal information and is
trying to use it.
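The monthly audit described above, as an added example that is not from the original post: constructed statement lines for two prior months and the month under review are checked with three heuristics chosen here (a merchant never seen before, a charge far larger than anything previously paid to that merchant, and the same charge posted twice). The statement format and the 2x threshold are assumptions for the example.

```python
"""Added example, not from the original post: a monthly audit of a card
statement against earlier statements. The statement lines are constructed
(date,merchant,amount) and the three heuristics are choices made here.
"""
from collections import Counter, defaultdict
from datetime import date

# Constructed sample data: the last two months, then the month under review.
PRIOR_STATEMENTS = """\
2024-01-05,Video Store,4.50
2024-01-19,Video Store,6.00
2024-02-03,Corner Grocery,42.10
2024-02-14,Video Store,4.50
2024-02-20,Corner Grocery,38.75
"""

CURRENT_STATEMENT = """\
2024-03-02,Video Store,4.50
2024-03-08,Corner Grocery,40.20
2024-03-11,Video Store,31.50
2024-03-15,Online Electronics,219.99
2024-03-15,Online Electronics,219.99
2024-03-22,Corner Grocery,44.05
"""

# Assumed threshold: flag a charge more than 2x the largest prior charge at
# that merchant (a late fee shifted onto your card looks like this).
UNUSUAL_FACTOR = 2.0


def parse_statement(text: str) -> list[tuple[date, str, float]]:
    """Parse 'YYYY-MM-DD,merchant,amount' lines; merchant names are normalised."""
    rows = []
    for line in text.strip().splitlines():
        day, merchant, amount = (part.strip() for part in line.split(","))
        rows.append((date.fromisoformat(day), merchant.upper(), round(float(amount), 2)))
    return rows


def audit(current, prior) -> list[tuple[str, str, str, float]]:
    """Return (reason, date, merchant, amount) for every line worth questioning."""
    max_prior = defaultdict(float)
    for _, merchant, amount in prior:
        max_prior[merchant] = max(max_prior[merchant], amount)

    occurrences = Counter(current)        # identical (date, merchant, amount) rows
    findings = []
    reported_new, reported_dup = set(), set()
    for row in current:
        day, merchant, amount = row
        iso = day.isoformat()
        if merchant not in max_prior:
            if merchant not in reported_new:      # report a new merchant once
                findings.append(("unfamiliar merchant", iso, merchant, amount))
                reported_new.add(merchant)
        elif amount > UNUSUAL_FACTOR * max_prior[merchant]:
            findings.append(("unusual amount", iso, merchant, amount))
        if occurrences[row] > 1 and row not in reported_dup:
            findings.append(("duplicate charge", iso, merchant, amount))
            reported_dup.add(row)
    return findings


def audit_text(current_text: str = CURRENT_STATEMENT,
               prior_text: str = PRIOR_STATEMENTS):
    """Convenience wrapper: audit raw statement text."""
    return audit(parse_statement(current_text), parse_statement(prior_text))


if __name__ == "__main__":
    for reason, day, merchant, amount in audit_text():
        print(f"{day}  {merchant:<20} {amount:>8.2f}  <- {reason}")
```

On the constructed data the audit flags the 31.50 video-store charge (well above the 6.00 previously paid there), the never-before-seen electronics merchant, and the fact that its charge was posted twice; the ordinary grocery and rental charges pass.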
Risk Analysis:
There is a very real risk that personal information will be
compromised when it is stored in a company’s database. Perhaps the most
interesting threats are those mounted by adversaries who take a social
engineering route. Kevin Mitnick’s book “The Art of Deception” (google
“art deception filetype:pdf”, p. 47) recounts an incident in which a son
obtains his father’s credit card number from a video store in a matter
of minutes, without leveraging his relationship to his father or
anything personal about him.
Conclusion:
The only practical approach consumers can take to limit the risks of
having credit card information in company databases (other than opting
out altogether) is to be vigilant in recognizing when information might
have been compromised. As consumers we have a broad range of choices
when patronizing businesses, and ultimately the most important thing is
to recognize one’s own habits and assess the threats accordingly.