Credit Card Technology Dries Up Terrorists' 'Cash Cow';
A leading expert on terrorism and financial crime says protecting
credit card data is critical to eliminating a major source of funding
for terrorist organizations.
According to Dennis Lormel, a former FBI
Section Chief for financial crimes, credit card fraud is a low-risk,
high-reward way for terrorists to get the money they need to operate.
Further, since terrorists have become adept at hacking into computer
systems to steal card data, technology that removes credit card data
from computer systems effectively chokes off this revenue stream.
Lormel,
who is now Senior Vice President of the consulting firm Corporate Risk
International, cites the case of Imam Samudra, who was convicted of
masterminding the Bali bombing in Indonesia.
"After he was arrested, he
wrote a jailhouse manifesto that urged fellow terrorists to hack into
computer systems and steal credit card data. He called it the 'cash
cow' for radical organizations," Lormel said. Once the card data
is stolen, terrorists then use it to generate cash or to directly
purchase items such as weapons, bomb-making materials and night-vision
goggles. "They are very adept at exploiting weaknesses in the financial
system, such as vulnerable credit card data in computers," Lormel
explained.
Shift4 Corp., a leading provider of enterprise payment solutions, has developed
payment processing technology that combats credit card theft by
removing all useable card data at the merchant level so it can never be
stolen and used by terrorist organizations.
"Getting the data out of
the reach of terrorist hackers absolutely chokes off a major source of
funds for these organizations," Lormel said .
Shift4 Corporation's
$$$ ON THE NET® payment processing system and 4GO with SafeSwipe™
use "Tokenization" technology to remove all usable personal card data
from the entire transaction process. Instead of storing actual credit
card numbers, the data is converted to a token: a globally unique,
randomized representation of the card number. Only the token is stored
in the system. Tokenization is superior to simple encryption because
sensitive personal card data is never in the system and is thus never
available to hackers or dishonest employees.