Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Technology

Posted By Gbaf News

Posted on March 27, 2015

CARD SECURITY: LEADING FROM THE FRONT IN THE DIGITAL AGE

The alleged hacking of SIM Card encryption keys has once again highlighted the importance for card manufacturers to have in place advanced data encryption processes and robust security handling policies to mitigate the risks of serious breach, writes Marshall Haldane, allpay Card Services Director.

With technology evolving in sophistication, it has never been more important to ensure security products are upgraded, best practice is followed and – just as importantly – staff understand their roles and responsibilities around data handling, production processes and audit trails.

As a global card supplier – certified to manufacture both MasterCard and Visa Cards – allpay takes a three-pronged approach to security handling through physical and logical access, staff vetting and training and third-party audits to meet PCI Security Council compliance standards.

Doing battle against sophisticated fraud and theft techniques means getting the basics right on physical access – ID authentication, CCTV, physical security checks/searches, tandem access requirements, etc

Having recently expanded our UK operation – subsequently introducing new service lines in all areas of card production – the design of our network architecture as a whole was reviewed and strengthened to exceed industry standards.

Marshall Haldane

Marshall Haldane

Construction plans, facility layout, implementation of the access control system, intrusion detection systems and CCTV cameras all combine to create a resilient and safe environment for manufacturing cards. Combined with the use of state of- the-art EMV encoding, data encryption, laser, printing, colour and embossing technologies, they work to assure a secure operation at every inch of the site.

However, just as important as the physical nature of security is the effective protection of data, and, crucially, regular attention of those in the production environment who work around it. Building protections around stored and moving data (across a number of networks), needs to be rigorous.

While we invest heavily in advanced data encryption techniques to protect client data in the event of

a breach, it comes to nothing if the personnel are not acutely aware of their responsibilities within security policies and procedures.

At allpay, pre-employment and ongoing screening of staff remains key – as does staff knowledge of the production process, site security and logical security procedures.

Due to continuous investment in technology, protocols and guidance needs to be frequently updated, requiring staff to carry out regular security awareness training.

At allpay, for example, staff are required to sit regular security awareness training via online tutorials which is logged centrally. They’re also regularly issued with updated guidance should protocols be enhanced or changed.

Key to any safe environment ensures that:

  • Guidance, training and processes are not static, but evolving;
  • Enforcement of security policies is strict, not merely satisfied
  • Security audits and awareness training is regular, not infrequent; and that
  • Prevention of viruses is automated, not manual, and systems are updated regularly with the latest security patches for operating systems.

Robust implementation of the above is imperative for card issuers to reduce the risk of fraud and theft, while maintaining a high-level of security for their customer information.

Recommended for you

  • The Future of Asset Management: Technology-Driven Innovations and Client Expectations

  • How can we ensure privacy in the digitization of healthcare?

  • Quantum Computing: Unleashing Disruptive Potential and Strategic Industry Implications