Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Upcoming SlideShare
What to Upload to SlideShare
Next
Download to read offline and view in fullscreen.

Share

Securing Online Transactions and Customer Data

Download to read offline

Presentation from NRF Protect 2019: Retail's Loss Prevention and Cyber Risk Event.
Molly Pro & Harley Rohrbacher, Intelligence Analysts, NCFTA
Adam Hunt, CTO and Chief Data Scientist, RiskIQ
DJ Murphy, Editor-in-Chief, Security Portfolio, Reed Exhibitions

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all

Securing Online Transactions and Customer Data

  1. 1. Securing Online Transactions and Customer Data Molly Pro & Harley Rohrbacher, Intelligence Analysts, NCFTA Adam Hunt, CTO and Chief Data Scientist, RiskIQ DJ Murphy, Editor-in-Chief, Security Portfolio, Reed Exhibitions
  2. 2. NCFTA Programs and Initiatives CYFIN PROGRAM BRAND & CONSUMER PROTECTION PROGRAM MALWARE & CYBER THREATS PROGRAM CYFIN PROGRAM E-COMMERCE FRAUD CYBERHEALTH WORKING GROUP (CHWG) • BANKING • BROKERAGE • PREPAID CARD • POINT OF SALE COMPROMISE • ACCOUNT TAKEOVER • HUMAN TRAFFICKING • BUSINESS EMAIL COMPROMISE • TRAVEL FRAUD PHARMACEUTICAL FRAUD INITIATIVE LONG-TERM INFECTION ANALYSIS IPR INITIATIVE • AUTOMOTIVE • TOBACCO • GENERAL COUNTERFEIT APPLICATION & HARDWARE MALWARE ANALYSIS INTERNET FRAUD ALERT (IFA) SOCIAL MEDIA RESEARCH HACKTIVISM DARK WEB RESEARCH MULTI-LINGUAL INTEL ANALYSTS — RUSSIAN / CHINESE / SPANISH / FRENCH / JAPANESE / ARABIC
  3. 3. NCFTA Collaboration Insurance, Healthcare Financial Institutions & Brokerage Prepaid & Payroll Processing Retail & Ecommerce Other Critical Infrastructure Manufacturing (Pharma, Auto, Agriculture) ACADEMIA & SME’s HQ-Level Law Enforcement CO-LOCATED AT NCFTA Multiple Industry Sectors CONSENSUS Law Enforcement Analysts NCFTA Analysts Feedback PSAs Actionable Intelligence Investigative Reports Targeted DisruptionTraining
  4. 4. Retail Threats – Dark Web • Malware • ATO • Card dumps • Loyalty program fraud
  5. 5. MageCart
  6. 6. MageCart
  7. 7. MageCart
  8. 8. Dark Web Attribution Valuable Information from Vendor Profiles Contact Information Additional Points of Sale Customer Reviews Seller Rating Dialect Used Shipping Methods/ Locations
  9. 9. Clearnet Research Actor Recorded Data Breaches Public Records Social Media Compare Interests Other Open Source Resources
  10. 10. Actor Investigation
  11. 11. 11 Recommendations • Keep software updated • Establish a strong password policy • Use ‘captcha’ or some other bot protection • Encrypt data at multiple stages • Send notifications to the customer • Educate customers • Remove unnessary javascript from payment pages • Use Subresource integrity • Verify S3 bucket permissions
  12. 12. Contact Intelligence Analysts Molly Pro mpro@ncfta.net Harley Rohrbacher hrohrbacher@ncfta.net CTO @ RiskIQ Adam Hunt Adam.hunt@riskiq.net Editor-in-Chief, Card Not Present D.J. Murphy dmurphy@reedexpo.com
  • mohitsgujarathi

    Jun. 17, 2019

Presentation from NRF Protect 2019: Retail's Loss Prevention and Cyber Risk Event. Molly Pro & Harley Rohrbacher, Intelligence Analysts, NCFTA Adam Hunt, CTO and Chief Data Scientist, RiskIQ DJ Murphy, Editor-in-Chief, Security Portfolio, Reed Exhibitions

Views

Total views

341

On Slideshare

0

From embeds

0

Number of embeds

0

Actions

Downloads

15

Shares

0

Comments

0

Likes

1

×