Radio Frequency Identification (RFID) could be the next thing in spending as banks, retailers and businesses race to incorporate the latest technology into the consumer relationship. However, protection of private information continues to be a concern — illustrating the need for a Massachusetts business attorney whenever new technology is introduced into the sales and marketing equation.
A data breach in Massachusetts or elsewhere is a real concern. Recent issues at Citi Bank (more than $2 million was stolen after hundreds of thousands of accounts were breached), Sony and other corporate giants continue to illustrate the dangers.
A recent gathering of researchers at UMass Amherst focused on improving security and privacy of RFID and electronic payments. Radio frequency identification is the next-generation technology, which allows consumers to pay for purchases by swiping their mobile phones. Concerns primarily focus around the fact that it’s equally possible for fraud to occur by anyone who can get close enough to your phone to pick up the frequency. The workshops June 26 to 28 at the Hotel Northampton will focus on the security and privacy concerns and are the first to take place in the United States.
One demonstration will include a device built from parts purchased on eBay, which has the ability to peer into a wallet for sensitive credit card and identifying information from several feet away.
Like bar codes, RFID technology permits contactless payments simply by waving a cell phone at a cash register or other device; the concern comes when fraudsters intentionally intercept the radio waves for the purpose of recording bogus transactions.
“Good security and privacy is built in, not bolted on. It is less costly to anticipate threats and to secure systems from the start than to patch after the fact,” said Kevin Fu, a UMass Amherst computer scientist.
Similarly, it is best to consult a Massachusetts technology attorney whenever new technology is being instituted or changes are being made to billing processes. Getting it right at the start is much easier than trying to correct errors or illegalities after the fact.
High-profile computer breaches continue to plague corporate America. Most recently, Citigroup is under fire for taking too long to notify customers after hundreds of thousands of accounts were hacked and more than $2 million was stolen, Infosecurity Magazine reports. The company waited six weeks.
The Boston Globe reports 3,400 customers lost $2.7 million but will be reimbursed. The bank reports more than 360,000 credit card accounts — or about 1.5 percent of the bank’s North American accounts — were compromised.
Now Reuters reports Citgroup also failed to provide its customers with the degree of privacy protection that many other companies provide. Most companies suffering a similar breach have offered to buy or give customers a year of identity theft protection or credit monitoring services. Citi did not — only reminding customers that they could place a fraud alert on their credit files.