Regardless of what security tools and protocols are put in place by retailers -- or really any institution that houses sensitive consumer information – there inevitably will always be a weak link, potentially exposing millions of credit cards into a burgeoning online black market where criminal syndicates are doing a brisk business selling stolen cards in bulk.
Of course, when credit cards are sold and eventually cloned, it’s the financial institution that’s left holding the bag. Following a wide scale breach, banks are often left with two options. They can either replace all of the cards that have been compromised or they can selectively replace cards that they know have been cloned and are about to be used in a fraudulent transaction. However, replacing hundreds of thousands of credit cards that may or may not have been breached is simply not an economically feasible strategy for many banks – it’s cost-prohibitive, inconvenient for their customers who increasingly have their card accounts linked to a variety of services, and creates an opportunity for bad publicity.
Clearly, if a bank could proactively pinpoint only the card accounts that have been compromised and cloned prior to any fraud being committed, they could meet their security obligations to their customers, save money, and most importantly, keep their IT staff focused on core strategic initiatives.
A leading US-based bank, with more than $26 billion in assets has managed to do just this. By monitoring black markets, the company was able to obtain a list of its customers whose debit and credit cards had been compromised and act accordingly only on those accounts before any unauthorized use actually occurred. The bank even admitted that having this capability is a game-changer for the organization. To read the full case study, click here.