Fraud: Why Payment Card Industry Must 'Get Its Act Together'Consultant William H. Murray on the Payment System Security Changes Needed Now
Payment card fraud: We know it's bad. But while card issuers bear the brunt of losses, costs still get passed along to consumers in the form of interest charges and fees, says information security expert William Hugh Murray.
See Also: A Toolkit for CISOs
"This industry is so lucrative that there is now an illegitimate industry dealing in payment card information," he says. "You can buy payment card account numbers in this black market, and it's such a large and complex industry that it's hard to know what impact it's having on the total economy."
Clearly, the payment card industry must do better, Murray says. And he notes that new initiatives such as Apple Card, which doesn't even have a 16-digital card number printed on it, point to how the industry can and must evolve.
In a video interview at Information Security Media Group's recent Cybersecurity Summit in New York, Murray also discusses:
- Recommendations on what the industry must do next;
- A timeline for changes;
- Cultural challenges facing the payment card industry.
Murray is a management consultant and trainer in information assurance, specializing in policy, governance and applications, and has held numerous positions since he joined IBM Research as a programmer in 1956, including at Ernst & Young, Deloitte & Touche, as well as serving as adjunct faculty at the Naval Postgraduate School and Idaho State University. In 1999, he was elected a distinguished fellow of the Information System Security Association. In 2007, he received the Harold F. Tipton Award in recognition of his lifetime achievement and contribution. In 2016, he was inducted into the National Cyber Security Hall of Fame. In 2018, he was elected a Fellow of (ISC)2.