New study shows organisations lacking in payment data security

A new global study has shown a critical need for organisations to improve their payment data security practices. 

The study, conducted by Ponemon Institute on behalf of Gemalto, questioned over 3700 IT security professionals in multiple industries, found that over half had dealt with a data security breach at least four times since 2014.

A worrying statistic also showed that ownership of customer payment data is not centralized with 28% of those questioned saying it is with the CIO alone, a further 26% saying it’s with individual business units, 19% with compliance and 15% with the CISO.

Even more concerning, over 50% said that payment data security is not a top five business priority for their company, despite the recent high profile breaches across the world.

“These independent research findings should be a wakeup call for business leaders,” said Jean-Francois Schreiber, Senior Vice President for Identity, Data and Software Services at Gemalto.

“Given what was found with traditional payment methods and data security, companies involved with payment data must realize compliance is not enough and fully rethink their security practices, especially since a full one-third of those surveyed said compliance with PCI DSS is not sufficient for ensuring the security and integrity of payment data. The financial fallouts from data breaches, and the damages to corporate reputation and customer relationships will carry even greater potential risk as newer payment methods gain adoption,”added Schreiber.

Only one third of those asked felt that their company allocates enough resources to protecting payment data. 59% said their company permits third party access to payment data and of these only 34% utilize multi-factor authentication to secure access.

New Payment Methods on the Rise and So Are Security Concerns

According to the study, acceptance of new payment methods such as mobile, contactless and e-wallets will double over the next two years. While respondents say mobile payments account for just 9% of all payments today, in two years they expect this ratio to increase to 18% of all payments.

Given the issues companies IT professionals reported to face in securing payment data accepted today through traditional methods, companies are likely to face even more difficulties in securing new payment methods. In fact, the study found that nearly three quarters of those surveyed believe these new payment methods are putting payment data at risk and 54% do not believe or are unsure their organization’s existing security protocols are capable of supporting these platforms.

View the full study here

Tags : Data SecurityFinTechGemaltoInfoSec