After US giant suffers malicious hack, even greater focus on security is needed

  • Industry News

4 min read

After US giant suffers malicious hack, even greater focus on security is needed

There was once a time, not all that long ago, when most people going about their everyday life, shopping for essentials and enjoying a bit of retail therapy would be keeping an eye on their wallet or handbag or perhaps having a hand over a pocket containing that almost obsolete item – cash.

The possibility of having a miscreant dip a hand into the bag or pocket of an unsuspecting shopper was always something to consider.

Equally, the shops and restaurants in the high streets which attracted such customers would be watching their till, which had a drawer in which the cashier would store cash which customers would hand over in exchange for their weekly groceries or a new shirt.

For shop owners, the security of that drawer was the difference between making a living and not. Would a staff member help themselves to a bit extra? Would an arithmetic error be made in giving change to a customer? Would a burglar come after hours and empty the said drawer?

Picking pockets, burgling shops and staff members helping themselves to a bit extra were massive risks at one stage, but in today’s world, these seem so basic; so analogue.

Today, the use of cash is dwindling rapidly in many nations across the globe, and whilst that has eliminated the risk of being unsuspectedly relieved of your wallet whilst waiting for a bus or having a man in a balaclava with a striped bag enter your shop at night and remove your day’s income from the till or safe are almost gone, just as the payments industry has advanced its cause, so have the crooks.

Those cartoon characters of the 1970s with extenuated chins, ‘swag’ bags and a pair of gloves waiting for you to turn your back before sneaking off with the cash are now fully-fledged software engineers who know exactly how to jam or hack an institutional payment system.

The most recent example of this is a case in point. NCR, an American multinational company dating back over 135 years, has fallen foul of the light-fingered.

NCR stands for National Cash Register Company because its primary business for many decades had been manufacturing solid metal tills with buttons and a cash drawer.

Nowadays, NCR is considered a payments firm because gone are the days when cash registers were the dominant point of sale (“POS”) method, and contactless digitised payments have taken over. However, just as NCR has moved with the times, so have the villains who would seek to traverse its security. Gone is the lock-picking device or metal bar, replaced by a series of well-educated software geniuses who have managed to hack one of NCR’s key data centres.

This took place in the form of what is known as ‘ransomware’, which is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Once the important files are encrypted, the person or entity which deployed the ransomware will often demand payment to de-encrypt the files and make the system usable again.

In this case, the ransomware attack took place on NCR’s Aloha restaurant point-of-sale technology, and the company’s data centre in Hawaii was the target of the hackers.

Immediately NCR took the system offline and hired external cybersecurity experts to resolve the matter.

Incidents like this are surprisingly not particularly rare, as it makes sense that the more security is applied to payment channels, the more the nefarious will learn about how to access them.

For this reason, it is particularly important, especially in these days of increasing reliance on digitalised payment systems which do not involve the use of physical cash, to choose a wallet solution and payment provider that considers security and access protection to be paramount.

Monevium’s smartphone application has two-factor authentication, and therefore it is much more difficult for hackers to obtain passcodes or access credentials than it would be if simply relying on a password and username.

Having to successfully complete two layers of access credentials, both of which are different in their format, negates the risk of having your accounts accessed. Additionally, because Monevium is a financial technology company rather than a bank, its approach to custodial services is totally different to that of a traditional financial institution in that customer funds are kept in individually allocated accounts rather than ‘lent’ to the bank for their purposes of either trading the markets or lending out to borrowers in exchange for interest payments.

Often that involves customer funds not being kept individually as the bank ‘borrows’ them from customers to use for commercial banking purposes, therefore the risks are higher, not only of cyberattacks but also banking malpractice.

With a Monevium account, client funds are allocated individually to each client account and are shielded behind two-factor authentication.

Payments are settled securely and instantly via virtual or physical card or via contactless payments, and the security of funds is the most critical part of the service provided.

In today’s high-tech world, we can all enjoy the ease and convenience of modern payment systems, but we must remain vigilant and ensure we are one step ahead of those with less-than-decent intentions!

Monevium is the Trading Name of Advanced Wallet Solutions Limited, a company registered in the UK under company number 10251711 and is regulated by the UK’s Financial Conduct Authority under Firm Reference Number 766038.

Open Monevium Account in Minutes

The future of money management is only a few clicks away. Apply here to have complete control over your money.