With recent arrests of several criminal gangs who had travelled to the UAE specifically to break into under-secured homes, it should come as no surprise that cyber fraudsters have also turned their attention to this country. As The National reported yesterday, several hundred credit card holders were recently affected by a security breach executed by an organised group of hackers.
Just as the low-crime environment of this country can lead some homeowners to drop their guard, so credit card holders can sometimes be a little lax in ensuring their card information does not fall into the wrong hands.
This is a scenario in which everybody has to play their part, starting with the credit card holder themselves using prudence and precaution in all their online dealings, rather than leaving it entirely to the banks. The banks too need to play their part, and many of the security features used here – such as chip-and-pin systems to make illicit cloning of cards much more difficult or the use of SMS-delivered transaction authorisations with 10-minute validity – are up to current global standards.
But the issue extends well beyond the card holders and their banks, because it is commonplace to provide detailed personal information – in the form of passport photo pages or copies of the Emirates ID card, both of which include the bearer’s signature – to third parties such as telecoms companies, utility providers and similar entities.
We rely on these third parties to use that information wisely and then dispose of it in a way that will keep it out of the hands of the unscrupulous. In most cases, it seems they do just that, but this is too important an area to simply rely on good intentions. Regular readers of this page’s editorials will know we are generally reluctant to suggest regulation in the private sector unless the goals cannot be achieved in another way. This is a case where some form of legal mandate is justified.
Our ability to pay for goods and services online without having to leave our homes or carry around large wads of cash is a boon of modern life that deserves to be protected. Both card holders and banks have a powerful self-interest to ensure their information remains secure and it’s time the third parties also have strong incentives to maintain the highest security standards.