The stated mission of US payment kiosk vendor Avanti Markets is ‘to fundamentally transform the unattended retail market experience through innovative thinking, the use of technology and great customer service’. Unfortunately, these fine principles have been somewhat undermined by a malware breach that has placed its customers’ personal data, payment cards and even their biometrics at risk.
Avanti has moved forward quickly to limit damage by calling in the FBI, blocking payment processing, cleansing machines and offering customers credit monitoring. It looks as if the attackers used PoSeidon malware to harvest the crop of personal data.
While all consumers like the idea of being served and charged swiftly and efficiently, they are unlikely to be happy about any threat to the security of their biometric data – whether retinal, fingerprint, voice or any other physical characteristic. This trend towards more uniquely identifying personal data is arguably placing convenience over safety – particularly if the data is used to authenticate access to private information.