POS fraud - trends and counter-actions to mass fraud

This presentation by Ken Dunham (iSIGHT Partners) was delivered at VB2015 in Prague, Czech Republic.

Point-of-sale (POS) ecrime fraud was of little discussion until the fall of 2013. Since that time a large number of retail stores in the US have announced major breaches. The number of infected organizations is in the thousands, with credit card breaches reaching new heights. Some fraudsters have even captured PIN values associated with credit cards. In some incidents, POS fraud took place on networks for months prior to companies realizing they had a security breach. In multiple cases it took weeks to properly identify and mitigate sophisticated POS malware from compromised networks.

POS fraud didn't start in 2013 but many years prior. Just as has been seen in other emergent markets, including botnets and rootkits, POS fraud is now reaching an apex of emergence for maximum profits. A new industry group has been formed to help battle POS fraud, but will it help? Major credit card companies in the US have stated they are moving to 'chip-and-PIN' technology, but will it stop fraud? How have fraudsters already adjusted to counter-ecrime efforts seen globally as POS fraud has emerged and how does that paint a picture of what will happen in the next five years for POS fraud?