Log in to your personal account

Forgot password?
Sign up
Please fill in all the fields carefully
registration form. A registration notification will be sent to the e-mail address you specified.
If you want to use Telegram @username, click Login and enter your Telegram @username in the login field
Attention! Password must consist of 8 or more characters, uppercase and lowercase letters, as well as numbers
Password recovery
Enter the e-mail address specified during registration
You send
You send
Go back

Why do payment systems devote a lot of time to security?

2016-05-21

Why payment systems devote a lot of time to security

Electronic money is a type of virtual currency that can be used to make payments on the network. Against the backdrop of globalization, the popularity of online payments and the takeover of online commerce, the security of electronic money is one of the main challenges.

In fact, the value of the new type of coin is no different from electronic money. In this case, the electronic version of "cash" can be issued in different currencies (depending on the needs). Initially, Internet money was created to facilitate payments through the global network, but amid the general takeover of the Internet, the security of electronic currency has become a weak link.

Electronic payment systems are the issuers of the money considered above. We are talking about special companies that issue virtual money, develop and improve existing technologies, act as guarantors of operations. In some cases, EPS are a part of large Internet companies operating in a particular field, for example, Webmoney, Yandex.Money and others.

Each EPS has its own money and individual development goals. At the same time, the security of electronic payment systems is a factor that ensures popularity among Internet users. As for the functionality, interface, capabilities and level of development, these aspects are gradually fading into the background. First, the user evaluates the security of payment systems, after which he begins to study other aspects.

 Indeed, maximum attention is paid to the issue of protecting the network and clients. What is the reason for the attention to security issues in payment systems? There are several of them:

- The higher the reliability, the more trust from users and the higher the level of earnings;

- Security acts as a guarantor of protection against online fraud;

- The level of protection is the main indicator of the stability of the system in the event of external influences of various nature.

Fraudulent schemes

At first glance, the security of electronic money is beyond doubt. EPS have done everything possible to protect themselves and users from theft of funds. But this is not the case. Every year the market for electronic payments grows by a third (this is only in the Russian Federation). With this number, the volume of fraud also increases, which becomes more sophisticated and invisible to the eyes of users. According to tough statistics, the main reason for crimes is the inability of people to ensure the personal safety of funds. At the same time, it is also not worth sweeping aside the fault of payment systems. If we consider the popular types of fraud, then it is worth highlighting:

- "Fishing in a hacker way". Electronic currency security is imperfect. Apparently, the creators of a new type of fraud wanted to prove it. The bottom line is the theft of the clients personal data, for example, payment card details or wallet data on the global network. Secret data is "exposed" is elementary, but it is more difficult to recover funds.

The easiest method to obtain information of interest is to send spam, "worms", a wide variety of viruses, invitations to fake resources on the network, and so on. At the same time, guaranteeing the security of electronic payment systems is not as difficult as it might seem - it is enough to update the antivirus from time to time and try not to visit unverified sites. Otherwise, it will not be difficult to become a victim of another scammer.

Personal information such as passwords to an Internet wallet or key file, CVV or CVV2 code, verification passwords - this and a number of other data cannot be disclosed to unauthorized persons (even to bank employees). If you want to make a transaction in the direction of another network member, it is enough to know the number of his wallet or card.

    Wallet theft. The security of payment systems also raises doubts from the standpoint of the safety of funds in electronic wallets. So, one of the new ways of theft is to entice personal data from users in an exchange way. The schemes are as simple as the world - buying a service (product), receiving an advance payment with the transfer of half the amount.

Fraudsters take advantage of the gullibility of customers, entice personal data and transfer funds to their wallet. There are hundreds of fraudulent schemes using the Qiwi or WebMoney payment system. In such situations, ensuring security in payment systems should come first. If you have the slightest suspicion of fraud, you should notify the security service. Otherwise, refunds become difficult.

    "Nigerian" letters. It is worth noting one more scheme, which involves mailing from representatives of credit financial institutions of other countries (for example, Hong Kong). The author of the letter offers to play the role of a fictitious heir on the part of one of the millionaires in Iraq, while receiving in return 40% of his property. It also provides detailed instructions on what actions need to be taken next -open an offshore account, deposit 500 euros on it, set up remote use and send information to the sender of the letter. Despite the simplicity of the manipulation, people decide to translate. Scammers play on greed.

Types of online fraud

In the process of creating protection, the payment system pays attention to many points, from direct attacks to the server and ending with neutralizing the fraudulent schemes described above. And there is work to do here, because there are many options for online fraud. Among them:

    Phishing emails. This term covers mailings from organizations, social networks or sites. Such mailings contain information according to which the recipient must perform any actions and transfer confidential information to a third party.
    Phishing links. The principle is simple. A person enters a set of characters in the address bar (follows the provided link) and gets to a fake page of a company (organization). Subsequently, the information that is entered in the fields is recorded by the attackers. It is a matter of technique to use the obtained data for personal gain.
    Site substitution. This is a variation of a past scam, but more serious. This is about creating a fake site that looks a lot like the original. In an attempt to enter a necessary and well-known site, the user finds himself fake. At the same time, all accounts that are entered by the visitor are recorded by the attackers. The principle of the virus operation may be different, but the result remains unchanged.
    Mobile phone fraud. Recently, SMS messages or calls allegedly from employees of banking institutions are more and more in demand. There can be a dozen reasons for luring funds, for example, the password has expired, a breakdown has occurred in the system, a plastic card is blocked, personal information is lost, and so on. If the attacker managed to lure out the necessary information, then the goal is achieved.
    Inattention in relation to information carriers. As mentioned, the security of electronic money depends on the care of the owner. The reason for the banal theft of funds from the wallet may be leaving a memory card, phone or PC in a conspicuous place unattended. A few minutes are enough to find out the necessary information.
    Use of simple passwords. The security of electronic currency depends on another factor - the reliability of the set passwords. If you do not pay special attention to this moment, then it will take no more than a few minutes to gain access to personal information.

Break-ins and thefts

The greatest danger comes from hackers who can break into a users email or wallet. But dont get lost. The security of electronic payment systems can be ensured if you know a number of secrets:

    Hacking an electronic wallet by guessing a password. At risk are public wallets that are disclosed to users to collect funds for donations, development of a project or resource. To protect the wallet, you should do the following - set a complex password, use double authentication, transfer funds only via SMS confirmation.
    Hacking e-mail and using funds in the wallet by "restoring access". After gaining access to the mailbox, the attacker requests recovery and then uses the link to change the password. For protection, it is worth using the following recommendations - use only double identification, use reliable email services that guarantee protection against hacking (https encryption is required). In addition, you should not store information with passwords in your mailbox - this is a gift for cybercriminals. Having obtained data using viruses or worms, it costs nothing for a hacker to gain access to the rest of the information.
    Some programs are embedded in the computer and carry out a number of instructions from the owner - they collect passwords for social services, receive information on payment, "fetch" passwords to the mailbox, and so on. Protection - the use of antivirus programs with a mandatory update, maximum attention when launching suspicious applications, files, using checkers, and so on. It is worth remembering here that the security of the payment system depends on the users attention, and not on the EPS itself.
    Spoofing passwords in chats or forums. An attacker can introduce himself as an administrator or a moderator, enticing information he needs. To eliminate such problems, it is not recommended to transfer your login or password to third parties, communicate with the support service only through an official resource, do not use the services of intermediaries and do not transfer important information to unauthorized persons.

General safety rules

It is worth considering a number of security rules in payment systems that must be taken into account:

    Keep passwords and other important data in a secure place. A desk or notebook is not the best place to store it. Do not share personal information with unauthorized persons. Use antivirus programs and update them regularly. When working through a payment resource, try to check the website address, as well as the availability of a secure connection via https. In this case, the certificate itself must be signed by a trusted center.
    Try not to publish phone numbers or mailbox addresses that are linked to your wallet. In addition, you should not publish personal information in the public domain through which attackers can gain access to personal data.
    Do not use various buses, bonus collectors, checkers and other applications.