Update on payment card terminal fraud.
Sunday, August 24th, 2008lAs reported earlier, a major payment card fraud took place in Ireland whereby persons entered premises where card payments were accepted under the pretence of representing payment service providers.
See http://backupanytime.com/blog/?p=134
At the time the focus was on Bank of Ireland as that bank had taken action by reducing spend limits on cards and indeed disabling ATM withdrawal on a cross section of cards. Since then the assumption that the same incidents must have affected clients of other banks has proven correct.
This writer (an Allied Irish Banks client) was contacted by AIB who told him his card was compromised. There were no unauthorised purchases r withdrawals made with the card but the details of the card had obviously got in to the wrong hands as a consequence of the weekend sting.
The card was duly cancelled and a new one (takes five working days) is on the way.
So, it would appear Bank of Ireland are due some praise this time round for making their public action and announcements ahead and more visible than other affected banks.
It should be made clear however that every bank affected suffered similar difficulties because of weaknesses in security (more specifically data protection) at card accepting shop floor presence. The major problem is the lack of training at shop manager and cashier level with regard to protection against social engineering.
