511 Million Unencrypted Cards Found in Security Scans

A recent report from Utah based, security and vulnerability assessment specialists, Security Metrics has revealed that over 511 million, unencrypted ‘Primary Account Numbers’ (PAN) were found during their 2019 scans.

The results of the SecurityMetrics’ PANscan showed that during their scans, 88% of merchants had unencrypted payment card data on their devices and systems, across numerous departments including sales, accounts, marketing and customer services.

The percentage of businesses that had improperly stored PAN data, has risen each year, starting at 61% in 2015, 67% in 2016, 69% in 2017, rising sharply in 2018 to 85%, and 88% in 2019. 511 Million Unencrypted Cards Found in Security Scans

Despite the fact that card data may have been unintentionally stored, through poor processes or misconfigured software, this sensitive information, could have been vulnerable to data breaches, data theft, and data leaks, increasing risk and liability for the merchant in the event of a breach.

Alarmingly, the report also stated that 7% of businesses store magnetic full-track data, including the card validation code on the front or back of the payment card after authorisation, which is not permitted in the PCI Data Security Standard requirements.

2019 Card Fraud Statistics

Gala Technology’s CTO, Steve Biggs commented ‘We have always taken the advice of the PCI SSC Chief Technology Officer, Troy Leach, which was to limit the amount of card data entering a merchants’ environment. Sadly, these results highlight a growing trend in the storing of unencrypted sensitive card information.

Our multi-award winning, affordable, SOTpay solution prevents cardholder data from entering the merchants’ environment in the first place, which it why it simplifies PCI DSS requirements and has seen Gala Technology win back to back PCI: Award for Excellence accolades.’ For access to the full report please visit here: https://www.securitymetrics.com/learn/panscan-trends

Don't Wait; Request a Priority Callback Now

Fill out the form, and a professional payment advisor will contact you.

Armor Secure Hosting    DMARC - Email Protection    PCI Compliant

Gala Technology Limited, Unit 10 Farfield Park, Manvers, Rotherham, South Yorkshire, S63 5DB
what3words location ///balance.buyers.shrug


Copyright © 2015 - 2024 Gala Technology Limited. All Rights Reserved.


Don't leave just yet!

Get the brochure

Snatch this SOTpay Brochure with pricing straight to
your inbox and resume like a Boss whenever it suits you!