European Data Protection Day, we tell you how to protect yours

As you know, today, January 28th is European Data Protection Day, a very important date since in recent years cybercrime has focused its activity on data theft.

Currently, the main business of criminals on the internet is obtaining personal data and payment credentials, such as card numbers and online banking access codes. For this reason, at BOTECH we always emphasize the importance of raising awareness, both among individuals and companies, about the need to protect them and achieve maximum security.

Your data is a target of cybercrime

Did you know that…

the theft of personal data on the internet is skyrocketing in Spain: one victim every two minutes according to data from the Technical Unit of the Civil Guard’s Judicial Police specialized in cybercrime?
Spain is the third country in the world with the most cyberattacks, as reported by the Cybersecurity Report from InfoJobs?
this same report also reveals that 44% of companies have been victims of a cyberattack this past year, and only 17% of employees were aware of having suffered one?
nearly 40,000 cybersecurity incidents occur every day according to INCIBE, and SMEs receive 70% of the attacks in Spain as they are more vulnerable due to lacking good digital infrastructures?
cyberattacks on SMEs, as noted by the College of Economists of Valencia, result in an average cost of 75,000 euros?

Data protection has become essential since data is now the new target of cyberattacks—something that is not surprising when we consider that Spain currently has 87.5 million payment cards, reaching historical highs (more cards than inhabitants), and 54.1% of the population already prefers paying by card.

These card data are highly coveted, and cybercrime has two objectives with them:

One is direct exploitation to purchase products and make money transfers.
The second, now the most common, is selling them to other criminals.

What are the most common incidents to steal your data?

There are different types of cyberattacks that it is very important to raise awareness about to reduce their current success rate. Among them, the most notable are:

Smishing consists of sending fake SMS messages to our mobile, pretending to be our bank with the goal of stealing private information or making a fraudulent charge.
Phishing, whose most common format is through emails in which identity is spoofed.

Recommendations to follow for maximum data protection

Always check the URL: Be careful! The text displayed initially may not match the website you are redirected to when clicking the link.
Download apps only from official sites.
Keep your device secure. Keep updates up to date.
Watch the writing: Fraudulent pages or messages are often created abroad, so their texts are frequently prepared with online automatic translators that contain grammatical and spelling errors that are easy to spot.
If an offer or discount seems too good… be suspicious and investigate the company offering it to verify it.
Never give your PIN: In regular online purchases, you are never asked for your PIN.
Use secure payment gateways such as PayPal or make purchases through online stores that comply with the PCI DSS security standard.

And most importantly, remember: at the slightest doubt, don’t take risks and protect your data.

PCI DSS Certification Levels

At this point, you should also know that there are different certification levels, since not all businesses process the same number of transactions. The most common is that new e-commerce businesses start with PCI DSS Level 4 Certification, as it is intended for organizations that process fewer than 20,000 online transactions per year.

The following levels are:

PCI DSS Level 1 Certification: more than 6 million transactions per year through Visa or Mastercard (more than 2.5 million if using American Express).
PCI DSS Level 2 Certification: between 1 and 6 million transactions.
PCI DSS Level 3 Certification: between 20,000 and 1 million transactions.

Ultimately, if you are considering launching an e-commerce store that accepts card payments, you will need to adapt your business to the requirements established by the PCI DSS standard, as only then will transactions be secure and you will offer confidence to your customers. If you need more information, do not hesitate to contact our specialists.