Payments processor Visa does not intend to stand idle and watch as the current epidemy of Magecart (web skimming) attacks continues to rage unchallenged.
Beginning last summer, Visa begun throwing considerable resources at combating Magecart -- a type of attack were cybercriminals hack into an online store to plant malware that collects payment card data as users enter personal details in checkout forms.
Speaking to ZDNet in a phone interview this week, Visa Senior Director of Payment Systems Intelligence David Capezza says Visa's strategy against Magecart groups is to "devalue and distrupt."
Through this approach Capezza says Visa aims to devalue the data attackers can steal from online stores, and then disrupt existing operations and prevent future attacks.
Devalue
Visa's plan to devalue payment card data involves the rollout of new technologies like the Visa Token Service and Click To Pay systems.
The Visa Token Service[1] is a new payment mechanic[2] through which payment card numbers and details are replaced by a token. This token validates the transaction against Visa's servers, but its useless to attackers as it doesn't contain any data cybercriminals can use to sell or clone cards.
This novel tokenization system will be coupled with the new Click To Pay technology[3] that Visa and fellow card providers have been working on for the past few few years, and which they recently began rolling out across the US.
With Click To Pay, multiple card providers have banded together to create a common "Click to Pay" button that vendors can add to their online stores. Users only have to enter their card details once, and then click the button to buy products across the internet, without having to re-enter card details on each store.
Since users don't have to enter