It has been reported that Japanese gaming developer Nippon Ichi Software revealed its American arm, NIS America, has suffered a major data breach compromising the personal and financial data of online customers. Hackers managed to access customers’ payment card details and address information for any new orders placed and paid via credit card during this time frame.
Commenting on this, Ryan Wilk, vice president, delivery at NuData Security Inc., a Mastercard Company, said “Data in the wrong hands – especially payment card information – can have a huge impact on customers, far beyond the unauthorised use of their cards. Credit card information, combined with other user data from other breaches and social media, builds a complete profile. In the hands of fraudsters and criminal organisations, these valuable identity sets are usually sold to other cybercriminals and used for myriad criminal activities, both on the Internet and in the physical world. Using these real identities, and sometimes fake identities with valid credentials, they’ll take over accounts, apply for loans, and much more. Every hack has a snowball effect that far outlasts the initial breach.
“All customer information is valuable to fraudsters. Name, physical and email addresses, passwords, the content of emails – everything that can be used to compile an identity will be used. We must change the current equation of “breach = fraud” by changing how we think about online identity verification. We need to protect all customer data, but more importantly, we need to make it valueless.
“Multi-layered technology that thwarts fraud exists right now. Passive biometrics technology is making stolen data valueless by verifying users based on their inherent behaviour instead of relying on their data. This makes it impossible for bad actors to access illegitimate accounts, as they can’t replicate the customer’s inherent behaviour.
Analysing customer behaviour with passive biometrics is completely invisible to users. It has the added benefit of providing valid users with a great experience without the extra friction that often comes with other customer identification techniques. When fraudsters try to use stolen customer data or login credentials, they will find the data is useless.
The balance of power will return to customer protection when more companies implement such techniques and technology.”
