This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

CSIT Summit: Visa Europe say 'right to be forgotten' law cannot work

Share this article:

User expectation on mobile payments and privacy needs to be realistic, until a solution emerges.

Speaking at the Centre for Secure Information Technologies (CSIT) conference in Belfast, Colin Whittaker, vice president of payment system risk at Visa Europe, criticised proposed changes to the European Data Protection Directive as he said that 'the industry is not ready to be forgotten', and he complimented the Information Commissioner's Office (ICO) on their response.

He said: “The point is that to make something secure, you need one technology to close it down and make it secure, and the other problem is that users want to do more with their technology and they are missing the point. We need to balance both sides of the ecosystem.

“We keep data to manage trends and we need it to meet our obligations for law enforcement and can use encryption and tokenisation to do it in an efficient manner. The proposed directive changes say what the expectations are on privacy and anonymity and and we are clear on when we need that data and we need direction on data.”

Whittaker also talked about the challenge of modern payments for Visa Europe, especially as mobile devices become more prevalent. He said that most threats at the moment are to do with secure web design, vulnerabilities and multiple platforms with the expansion of mobile and tablet devices.

He said: “We want to accept payments via mobile as users have the expectation to do so and we need to facilitate that and accept that there are vulnerable applications. What we want to do is avoid using PIN numbers and cards on a mobile device, it is not sensible. There was a suggestion that a user could take a photo of their card and submit it, I said that is not a good idea!

“We have got to find a strong way to connect the mobile, secure the data and send it and trying to avoid a solution that does anything stupid. We are trying to promote a way with mobile that avoids additional accessories around and the risk that they provide.”

Whittaker said that the biggest challenge is user expectation, and there needs to be a way to educate politicians 'as society debates this and we want to do everything we can with the technology we are given'.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Police investigating after hacker steals 500,000 records from cosmetic surgery practice

Police investigating after hacker steals 500,000 records from ...

An unidentified hacker was able to access and exfiltrate almost half a million records on potential cosmetic surgery patients, it has been revealed.

Insider data thieves get away "scot free"

Insider data thieves get away "scot free"

Controls on access to data by both staff and ex-staff are lax, and even when caught, insiders stealing data get away 'scot-free' says new survey.

Government slated as Mumsnet becomes first UK Heartbleed victim

Government slated as Mumsnet becomes first UK Heartbleed ...

The Government's reaction to the 'Heartbleed' flaw has been criticised after the Mumsnet parenting site became the UK's first known victim of Heartbleed hackers.