Latest news
With the increased use of mobile devices to pay for goods and services, traditional wallets with cash and credit cards could one day be obsolete. A new ISACA white paper examines this growing trend and offers guidance on managing risk and increasing security.A study from Juniper Research found that the value of mobile payments for digital and physical goods, money transfers and other transactions will reach almost US $630 billion by 2014. ISACA identified consumer benefits, including the speed and convenience of not carrying cash and credit cards, the consolidation of many cards and an enhanced layer of security.
Enterprises benefit by reaching more consumers, reducing the amount of stored data needed to meet compliance requirements, improving transaction security and fraud detection, and engaging in location-based marketing (geo-marketing).
“Mobile payments offer many benefits, but we also need proactive planning and measures to manage risk, which can include anything from theft of identities and services; loss of revenue, brand reputation and customer information; and money laundering and terrorist funding,” said Nikolaos Zacharopoulos, chair of ISACA’s project development team for the white paper. “This guidance identifies the risk types and the countermeasures that should be in place to mitigate them.”
The Mobile Payments white paper provides practical advice for enterprises:
- Build robust controls into the planning process.
- Ensure that transactions are carried out only by the authorized person.
- Identify the data that are considered personal and sensitive, and ensure it is protected.
- Ensure that third parties involved have robust security governance in place.
- Pay specific attention to the originating point of a mobile transaction - the customer device and the user.
The white paper is available here (registration required).
Spotlight
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Hacking charge stations for electric cars
Posted on 15 May 2013. | Ofer Shezaf talks about what charge stations really are, why they have to be ‘smart’ and the potential risks created to the grid, to the car and most importantly to its owner’s privacy and safety.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
