Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Kenneth van Wyk: Target breach underscores how backward U.S. payment tech is

Kenneth van Wyk | Jan. 2, 2014
There's no good reason for the U.S. to be so far behind in adopting EMV.

If you can't yet get an EMV card from your issuer yet, there are other things can make online shopping more secure. For example, some credit card issuers these days support one-time account numbers for things like online transactions. You can request as many as you need, and you can specify the merchant a particular account number will be used with and a purchase limit for each one-time account number. If you had used such an account number at Target, the credit card number in its records would pose no threat to you, since it can never be used again. In fact, one-time numbers will be useful for online transactions even if EMV were available.

Another good idea: Many online merchants give you the option of not storing your credit card numbers on their sites. It's always smart to select that option when it's available. The more places that store your card numbers, the less safe you are. If you like the convenience of having your credit card info stored but realize that it's a security risk, consider using a password vault system like the one I described in November 2012. With it, you can automatically enter your credit card number when needed. The important thing is to maintain control of your credit card numbers as much as you can.

You can do more, though. I segregate my shopping from everything else I do online by dedicating one browser to shopping and never doing any shopping on any of the other browsers I might use. Not paranoid enough for you? You can use a completely isolated operating system boot environment for shopping and a different one for all other activities. Most modern operating systems enable you to build a bootable disk on removable media. For online shopping, build a clean boot environment — absolutely nothing extraneous on it. (You can do the same thing in a virtual machine environment.) The advantage of the dual-boot approach is that if your system becomes compromised, the data on it or processed through it will be somewhat limited.

Some of this advice is not for everyone. I get that. But before you decide that even using separate browsers is too draconian for you, you need to realize that doing all your social networking and shopping on the same browser (and at the same time, perhaps) is simply being reckless. You might fare better by finding an angry bear and poking it with a stick.


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.