It’s being reported that Chinese phone maker OnePlus is investigating reports of customers’ credit card details being stolen after they made a purchase on its official website. According to a poll and discussion on OnePlus forums, at least 68 people are reporting incidences of credit card fraud they have experienced after OnePlus transactions running from very recent to more than four months ago. Robert Capps, Vice President at NuData Security commented below.
Robert Capps, Vice President at NuData Security:
“OnePlus explained that they share data over encrypted connections. However, a gap where malicious protocol can steal information before it’s encrypted was found. It is crucial for companies to review their systems and look for any gaps periodically. Companies need to remember that bad actors are well-trained individuals who will use any opportunity to steal data.
Similarly, entities who accept online payments from credit cards can devaluate these stolen credit card numbers by authenticating their customers via passive biometrics technology instead of static data only. Technology that looks at the customer behavior can’t be replicated by a third party and protects both the customer and the company.”