COSTA MESA, Calif., May 4, 2015 /PRNewswire/ -- Experian Data Breach Resolution and Ponemon Institute release the first industry study that closely examines payment technologies and how companies are managing the growing threat of data breaches. The study, Data Security in the Evolving Payments Ecosystem, asked professionals to weigh in on several topics including who should be responsible for securing payment systems and how effective their organizations is in preparing for and responding to a payment card breach.
"The mega payment card breaches last year put cybersecurity front and center for corporate America and consumers," said Michael Bruemmer, vice president, Experian Data Breach Resolution. "Companies in the payments industry face a huge challenge keeping up with securing new technologies to protect customer data and with cybercriminals who are trying to penetrate card systems 24-7. However, they are taking the right steps to shore up their defenses and prepare their incident response plan. Companies are concerned about the effect on consumers so it is encouraging to see a majority of respondents believe offering identity theft protection is a best practice in the event of a breach."
Study findings cover different aspects of the payment ecosystem, including:
New technologies bring consumer convenience and increased security concerns
- Most executives support implementation of EMV "chip and PIN" technology, with 59 percent of survey respondents indicating it is an important part of their organization's payment strategy. However, EMV is not the security silver bullet payment professionals have been waiting for, as barely more than half of respondents (53 percent) believe EMV cards will decrease the risk of a data breach.
- Payments industry executives acknowledge the consumer convenience of new innovations, but are approaching new technology with caution. More than 50 percent of survey respondents believe the use of mobile payments systems increases the risk of suffering a data breach. More than half accept that risk (53 percent) and noted that, for their company, customer convenience is more important than security.
- Sixty-four percent of survey respondents believe it is more challenging to secure payment card information that other personally identifiable information.
Pressure to act is increasing
- Sixty-nine percent of survey respondents said media coverage of payment breaches over the past year caused their organizations to re-evaluate and prioritize security.
- Prioritizing breach prevention and response is gaining traction; 45 percent of survey respondents increased their security budgets. In addition, 41 percent hired more security staff, and 54 percent invested in new security technologies.
- Companies are seeing increased attention from the c-suite, with 67 percent of survey respondents saying their executives are more supportive of enhanced security measures to protect payment information.
The Path Forward: While progress has been made, industry collaboration is lacking
- Companies are investing in and taking steps to prevent future breaches included an increase in employee training (65 percent of survey respondents) and improving or putting a data breach response plan in place (56 percent of survey respondents).
- Payment professionals recognize that individual breach preparedness is not enough and solving current and emerging security concerns can't be the job of a single entity. There is consensus on the need for cooperation, with 85 percent of survey respondents agreeing that industry collaboration is critical to achieving a high level of security in the emerging payment ecosystem.
- And there is certainly room to grow, as the current level of industry collaboration is considered minimal (30 percent of respondents) to nonexistent (20 percent).
To access the full complimentary report, Data Security in the Evolving Payments Ecosystem, visit http://bit.ly/1Fc7mGB.
Additional data breach resources, including Webinars, white papers and videos, can be found at http://www.experian.com/databreach. Read the Experian Data Breach Resolution blog by visiting http://www.experian.com/dbblog.
About Experian Data Breach Resolution
Experian Data Breach Resolution, powered by the nation's largest credit bureau, is a leader in helping businesses prepare for a data breach and mitigate consumer risk following breach incidents. With more than a decade of experience, Experian Data Breach Resolution has successfully serviced some of the largest and highest-profile data breaches in history. The group offers swift and effective incident management, notification, call center support and fraud resolution services while serving millions of affected consumers with proven credit and identity protection products. In 2013, Experian Data Breach Resolution received the Customer Service Team of the Year award from the American Business Awards. Experian Data Breach Resolution is active with the International Association of Privacy Professionals, the Health Care Compliance Association, the American Health Lawyers Association, the Ponemon Institute RIM Council and InfraGuard and is a founding member of the Medical Identity Fraud Alliance. For more information, visit http://www.experian.com/databreach and follow us on Twitter: @Experian_DBR.
We are the leading global information services company, providing data and analytical tools to our clients around the world. We help businesses to manage credit risk, prevent fraud, target marketing offers and automate decision making. We also help people to check their credit report and credit score, and protect against identity theft. In 2014, we were named by Forbes magazine as one of the "World's Most Innovative Companies."
We employ approximately 16,000 people in 39 countries and our corporate headquarters are in Dublin, Ireland, with operational headquarters in Nottingham, UK; California, US; and São Paulo, Brazil.
Experian plc is listed on the London Stock Exchange (EXPN) and is a constituent of the FTSE 100 index. Total revenue for the year ended March 31, 2014, was US$4.8 billion.
Experian and the Experian marks used herein are trademarks or registered trademarks of Experian Information Solutions, Inc. Other product and company names mentioned herein are the property of their respective owners.