The message is getting louder by the day and its coming from computer crime specialists and law enforcement organisations and authorities from all around the world. The internet is becoming an increasingly dangerous place for all forms of highly sensitive and critically confidential information, such as credit card details, personal identity information and business transaction history data.
When critically sensitive and highly confidential data exists either online or on any system, database, storage device or network connected to the internet the new reality is there is no true permanent way to guarantee that data will never run the risk of being compromised ...
Fear in the Fast Lane
(Four Corners production, Andrew Fowler, ABC TV)
Identity Security (
Australian Government Attorney-General's Department)
(Australian Federal Police)
(Queensland Police Service)
The enemy in the net
(ABC Radio National)
Internet borne theft of credit card details and personal identity information accounts for the overwhelming majority of all credit card and identity data theft in the world today. It is the major source in powering the vast majority of the now monumental global credit card fraud
and identity theft menace.
The innovative solution is to practice CDU ...
CDU (critical data unplugged) is a new local initiative stemming directly from advice to the general public and business communities from Police, other law enforcement agencies and computer/internet crime specialist bodies on how to achieve absolute protection for critically sensitive and confidential data where no database, computer system, storage device or network is beyond the threat of being compromised.
The CDU ideal advocates the complete removal of all sensitive and critically confidential data from being potentially available to be compromised in the first place.
When critically sensitive data does not electronically reside within any device, system or network either online or connected to the internet the recognised data security risks associated with the world's number one method responsible for credit card and identity data theft
Hackers, cyber crime syndicates and internet crooks are now becoming increasingly more efficient at thieving critically sensitive and highly confidential information from the internet and from systems connected to the internet, and hoards of it ....
More than 100 million credit cards may have been compromised in data breach
Visa confirms another payment processor breach
Credit card breach exposes 40 million accounts
40M credit cards hacked
40 million credit cards exposed
However, what can not possibly be disputed is that hackers, cyber crime syndicates, internet crooks and any other online criminal can't thieve highly critical and sensitive information from the internet when that information is not there for them to thieve in the first place.
When data doesn't exist it can't possibly be stolen. The logic is brilliantly simple and the end result of a practice that effectively no longer stores critically sensitive information online and thus 'unplugs critical data' from the internet, terminates by design the core vulnerability that many are starting to believe has the potential to threaten the future usability and worth of the internet itself.
Any suggestion of a new security standard that advocates the non storing of critically sensitive data online would certainly meet with strong opposition from those businesses that operate with systems that do. Indeed, the permanent and semi-permanent storing of extremely confidential and highly sensitive credit card and personal identity information online or on internet connected databases, storage devices and networks has become so widespread and entrenched within the operational architecture of many organisations that it would be near impossible to imagine them able to function otherwise.
The current 'real time' online credit card payment
processing system is a case in point. Permanently storing credit card details, transaction data and in some cases highly confidential identity information within their systems is a fundamental design function of that method and remains so still to this day.
But ordinary people and ordinary small businesses are fed up with the financial loss, frustration and often devastating consequences credit card fraud and identity theft can inflict. The multi billion dollar yearly cost inflicted upon people and businesses that these activities cause together with the insurmountable quantities of law enforcement man hours and costly resources utilised to combat the scourge of online credit card fraud and identity theft is reaching breaking point. Many feel enough is enough.
CDU represents a bold ideal for a safer and more secure future for an internet connected world and is being adopted, by choice, by people and businesses courageous enough to move away from permanently storing sensitive data on internet connected systems, storage devices and networks in order to afford themselves and their customers with, arguably, by far the most effective data protection practice ever proposed.
e-Path is one such company.
PCI compliance helps but CDU gets the job done
PCI compliance has revolutionised credit card data handling and storage security throughout the world. E-commerce activity is now immeasurably more secure thanks to PCI.
However, PCI compliance alone does not guarantee absolute and total security of credit card data
especially when credit card data is permanently stored on internet connected systems, storage devices, databases or networks ...
When credit card data is permanently stored online on in storage devices, databases or within networks there will always be inherent risk involved, this is an uncomfortable fact.
No official security standard today, including PCI, can possibly protect against a brand new hacking technology or method that may be invented and unleashed on the internet tomorrow morning. But CDU does.
With CDU there is no critically sensitive data
being permanently stored in the first place. Therefore, no matter what the existing or future threat cares to be, if critically sensitive data doesn't exist it can't possibly be stolen.
So while Payment Card Industry Data Security Standards (PCI DSS) certainly helps to make critical data a whole lot more secure, CDU ensures it!
Despite it not winning us any friends within the well established online credit card payment processing industry, e-Path is fiercely proud to be offering a system that sees the ideals of CDU being met, right now, today.
The e-Path system was specifically engineered, from the ground up, to accept credit card payment authorisations online without permanently storing any credit card details, transaction data or identity information at all within its systems.
Even the delivery system used by merchants to receive credit card payment authorisations through e-Path has been designed to ensure no data is electronically stored on the receiving computer.