 |
It
is not yet clear whether customer accounts have been compromised.
MUMBAI: Payment security firm Sisa has issued an advisory to all banks and payment processors after it discovered that hackers had managed to insert malicious software into the payment switch server of an unnamed bank. The advisory is in the nature of a warning to other banks to reset passwords for employees with access to payment servers and to use two-factor authentication for providing access.
A Sisa spokesperson said that a malicious script (software
code) has been injected into the payment switch application server the hub
which communicates with payment networks. This malicious software is capable of
collecting payment card data (including card number, expiry date, CVV and other
customer information). The hacker can then use this information to clone cards
and conduct transactions. The malicious software also enables transactions by
sending fake response to the payment network in respect of the card. The
fake responses ensures that no details of the incoming transaction request or
outgoing transaction response are logged in the switch application logs.
While
the malicious software has been identified, it is not yet clear whether
customer accounts have been compromised.
SISA is
the payment forensic investigator which investigated India's largest debit card
breach last year — which forced one of the biggest debit card reissuance in the
country. "We have released this advisory in the interest of proactively
securing the payment card industry based on recent findings by SISA PFI
(Payment card industry Forensic Investigation) Lab," said a company
spokesperson.
|
Comments
Post a Comment