Payment giant Visa revealed a new security roadmap for Australia and has chosen it as the first country to have all e-commerce payment providers with botnet detection capabilities in place by October 2021 to mitigate the threat by enumeration attacks. The company said that it could not fight the rise in attacks alone and needed assistance from the entire payment ecosystem.
Visa in the security roadmap said that the e-commerce merchant banks would need to be aware of the new rules and ensure that they have appropriate controls in place to identify, prevent and disrupt the attacks. They also mentioned that the vendors working with payment gateways and independent solution vendors need to ensure proper controls that meet the Visa requirements.
Enumeration attack is typically on online retailers. The attackers use a script to send thousands of low transaction attempts to get approval on a valid account number, CVV, and expiry combination. The attackers use botnets to carry out and scale these attacks. This leads to account take over or compromise, or fraudulent transactions.
Visa’s head of risk for the Asia Pacific, Joe Cunningham, said that making botnet detection capabilities a requirement is due to the increasing attacks in the past 12-18 months. He also added that botnet detection is critical to protect sellers from cyber attacks.
Source:
Comments