The message is getting louder by the day and its coming from computer crime specialists and law enforcement organisations and authorities from all around the world. The internet is becoming an increasingly dangerous place for all forms of highly sensitive and critically confidential information, such as credit card details, personal identity information and business transaction history data.
When critically sensitive and highly confidential data exists either online or on any system, database, storage device or network connected to the internet the new reality is there is no true permanent way to guarantee that data will never run the risk of being compromised ...
Fear in the Fast Lane
(Four Corners production, Andrew Fowler, ABC TV)
Identity Security (
Australian Government Attorney-General's Department)
(Australian Federal Police)
(Queensland Police Service)
The enemy in the net
(ABC Radio National)
Internet borne theft of credit card details and personal identity information alone accounts for roughly around 95% of all credit card and identity theft in the world today and is single handedly powering the vast majority of the now monumental global credit card fraud
and identity theft menace.
But make no mistake, there is a solution ...
CDU (critical data unplugged) is a new local initiative stemming directly from advice to the general public and business communities from Police, other law enforcement agencies and computer/internet crime specialist bodies on how to achieve absolute protection for critically sensitive and confidential data where no database, computer system, storage device or network is beyond the threat of being compromised.
The CDU ideal advocates the complete removal of all sensitive and critically confidential data from being potentially available to be compromised in the first place.
When critically sensitive data does not reside within any device, system or network either online or connected to the internet the recognised data security risks associated with the world's number one method responsible for credit card and identity theft
Hackers, cyber crime syndicates and internet crooks are now becoming increasingly more efficient at thieving critically sensitive and highly confidential information from the internet and from systems connected to the internet, and hoards of it ....
More than 100 million credit cards may have been compromised in data breach
Visa confirms another payment processor breach
Credit card breach exposes 40 million accounts
40M credit cards hacked
40 million credit cards exposed
However, what can not possibly be disputed is that hackers, cyber crime syndicates, internet crooks and any other online criminal can't thieve highly critical and sensitive information from the internet when that information is not there for them to thieve in the first place.
When data doesn't exist it can't possibly be stolen. The logic is brilliantly simple and the end result of a practice that effectively no longer stores critically sensitive information online and thus 'unplugs critical data' from the internet, terminates by design the core vulnerability that many are starting to believe has the potential to threaten the future usability and worth of the internet itself.
Any suggestion of a new security standard that advocates the non storing of critically sensitive data online would certainly meet with strong opposition from those businesses that operate with systems that do. Indeed, the storing of extremely confidential and highly sensitive credit card and personal identity information online or on internet connected databases, storage devices and networks has become so widespread and entrenched within the operational architecture of many organisations that it would be near impossible to imagine them able to function otherwise.
The current 'real time' online credit card payment
processing system is a case in point. Permanently storing credit card details, transaction data and in some cases highly confidential identity information within thier systems is a fundamental design function of that method and remains so still to this day.
But ordinary people and ordinary small businesses are fed up with the financial loss, frustration and often devastating consequences credit card fraud and identity theft can inflict. The multi billion dollar yearly cost (and growing) inflicted upon people and businesses that these activities cause together with the insurmountable quantities of law enforcement man hours and costly resources utilised to combat the scourge of online credit card fraud and identity theft is reaching breaking point. Enough is enough.
Although CDU is not yet an official data security standard, it does represent a bold ideal for a safer and more secure future for an internet connected world and is being adopted, by choice, by people and businesses courageous enough to move away from permanently storing sensitive data on internet connected systems, storage devices and networks in order to afford themselves and their customers with, arguably, by far the most effective data protection practice ever proposed.
e-Path is one such company.
PCI DSS compliance helps but CDU gets the job done
PCI DSS compliance has revolutionised credit card data handling and storage security throughout the world. E-commerce activity is now immeasurably more secure thanks to PCI DSS.
However, PCI DSS compliance alone does not guarantee absolute and total security of credit card data
especially when credit card data is permanently stored on internet connected systems, storage devices, databases or networks ...
Heartland data breach proves PCI compliance is not enough
Does the Heartland breach prove PCI useless?
Heartland breach shows PCI compliance is not enough
When credit card data is permanently stored online or within any gateway system, device, database or network connected to the internet there will always be inherent risk involved, this is an uncomfortable fact.
No official security standard today, including PCI, can possibly protect against a brand new hacking technology or method that may be invented and unleashed on the internet tomorrow morning. But CDU does.
The reason why the majority of hackers, cyber criminals and internet crooks have success is not because they use technologies and methods that are already recognised by security standards and security defences, its because of the exact opposite - they use technologies and methods that security standards and defences either don't know about or don't yet know how to defend against.
But with CDU there is no critically sensitive data
being permanently stored in the first place. Therefore, no matter what the existing or future threat cares to be, if critically sensitive data doesn't exist it can't possibly be stolen.
So while PCI DSS certainly helps to make critical data a whole lot more secure, CDU ensures it!
Despite it not winning us any friends within the well established online credit card payment processing industry, e-Path is fiercely proud to be delivering this ultimate level of CDU security right now, today.
The e-Path system was specifically engineered, from the ground up, to accept credit card payment authorisations online without permanently storing any credit card details, transaction data or identity information at all.
Even the delivery system used by merchants to receive credit card payment authorisations through e-Path has been designed to ensure no data is stored on the hard disk of the receiving computer.
Once the official bank approved merchant account owner
has received a credit card payment authorisation through e-Path and printed it out, that data no longer exists either with e-Path on the internet or even on the recipients computer - its not being stored online within any payment gateway system, its not being stored on any appliance connected to the internet, its not within any database, storage device or network.
That data is, in fact, solely in the possession of the official bank approved merchant account owner back in the real bricks and mortar world and nowhere near the open internet and the reported 1.6 billion people connected to it. Highly sensitive credit card and identity data is completely removed from the very environment that is responsible for near 95% of all credit card and identity theft in the world today.
e-Path fully complies with CDU - the ultimate data security for an internet connected world