Story URL: http://news.medill.northwestern.edu/chicago/news.aspx?id=113343
Story Retrieval Date: 6/19/2013 12:06:07 PM CST
Chicagoans who regularly use credit cards at retail stores and access free Wi-Fi at coffee shops may feel ill at ease after seeing the results of an annual wireless security survey released Wednesday by Motorola Inc.
Motorola researchers tested computers, barcode scanners and other wireless devices at more than 4,000 stores in Chicago, New York, Paris and other global metropolitan areas. They found that 44 percent of the wireless devices could be easily infiltrated by hackers seeking credit card numbers and other sensitive customer information.
“Retailers need to understand that they cannot properly secure their corporate or customer data with a passive approach to wireless security,” Sujai Hajela, vice president and general manager of Motorola’s enterprise mobility business, said in a press release. “Several high profile retail data breaches have exploited wireless vulnerabilities, resulting in millions of credit card numbers being compromised.”
Illinois, like most states, requires retailers to notify consumers if a breach involving personal information is discovered. Just last week, Heartland Payment Systems Inc., which processes payroll and credit card payments, reported that credit card information it has may have been accessed by hackers. The matter remains under investigation.
A spokesperson for Motorola declined to release the names of the retailers included in its recent survey. The research took place during the third and fourth quarters of last year and showed a significant improvement from the 2007 survey, which found 85 percent of retailers to be vulnerable to wireless fraud.
John Pescatore, vice president and analyst at Gartner Inc., a leading information technology research and advisory company, noted that Motorola sells wireless protection equipment and thus has a financial interest in pushing retailers to modernize their technology. However, he said that Motorola’s survey results are “very believable.”
“The reputation of merchants protecting credit card numbers is not very good,” Pescatore said. “You have just as much to worry about having your card swiped at a toy store as you do entering it over the Internet. It’s unsafe in both places.”
In addition to warning retailers not to use outdated encryption technology, Motorola noted the risk to consumers posed by the growing availability of free wireless Internet at stores and shopping centers.
“[When you hit ‘connect’ on a free Wi-Fi network], the question you have to ask yourself is how do you really know it’s the authorized coffee shop network or the hotel network?” Amit Sinha, chief technologist at Motorola AirDefense, said in a phone interview. “It could be an access point operated by a hacker who is sitting in the vicinity. It looks and feels like a real network, but it’s not.”