IT Times, Wang Xin
CUP network failure caused by Shanghai and Guangzhou both POS credit card machine can not
experts recommended the establishment of accountability mechanisms study, the introduction of payment standard
News playback
1 22 4 around 10 minutes, a number of shops in Shanghai CUP POS machine failure, leading to customer credit card payments can not be normal, lasted about half an hour . Parkson, Spring Paris, Ikea and other well-known large retail shopping centers in Shanghai are affected, many credit card customers had to give up and go after the withdrawal side of the ATM machines pay. There also appears CUP failed businesses in Guangdong Province.
CUP said in a statement then, because the communication error, Shanghai, Guangdong, part of the merchants accepting POS transactions affected by the intermittent, CUP and adopt effective measures, and soon returned to normal, this CUP aspects . To press time of this writing, China Union Pay has not yet published on the official website of the situation on the failure of specific instructions and apologize to the content of CUP card users.
back in time to 2006, at 10:56 on April 20 to 17:30, the sudden failure of system, China Union Pay, Beijing, Shanghai, Hangzhou and other cities have appeared unable to withdraw money, POS Machine not consumption, etc., are subject to a serious global impact CUP payment system. After a lapse of five years, the recurrence of large-scale CUP network paralysis, this time we can not help but ask, to date, CUP's system is not more secure? Why is there still such a national problem?
current guests
Li Long (pseudonym), financial information, security experts
Chou Jun-policy management consulting is strategic partner
Yunting Shanghai Big Bang law firm
1 22 afternoon, CUP system failure, resulting in both Shanghai and Guangzhou not credit card POS machines, duration of half an hour.
which forced people to think of April 2006, CUP 7 hours continuous system failures, radiation magnitude of at least 340,000 merchants worldwide and 6 million ATM machines. Although nowhere near the failures of 2006, but as the most authoritative and most secure, most important national platform for financial transactions based on the recurrence of the problem, it is the consumers worried.
failure time should be controlled in milliseconds
2006 occurred in a fault, the accident CUP reason given is Times This time, the CUP again gives
Lee Yong: I understand the reasons for this failure is not the CUP system from outside attacks, the main cause is the trading volume caused by network congestion. CUP areas and systems in response to unexpected traffic backups, there are still room for improvement, although the cause of the malfunction and the formation of the different 5 years ago, but if the work of CUP can do disaster recovery would not find such a long time off network, two failures in common is not achieved after problems were quickly back up, cause significant impact to the user.
In fact, in the financial and communication systems, will be particularly important to optimize the communication lines and a Users will not have the basic sense.
VISA CUP is more than safe?
from birth to growth, the basic reference CUP bank card organizations, VISA International's existing model, and stability in the system, VISA in Japan, the United Kingdom and the United States a total of four global backup center, four backup center for technical reasons has been sufficient to meet the emerging issues, and even earthquakes and other transaction time is minimal.
then, CUP's system really that bad?
Li Long: Not necessarily, the financial IT system security is a global issue. VISA system that had failed earlier, reveal a large number of user passwords, and the recent hacking of its official website has been compromised. 100% of the world is not safe, the absolute safety of the financial system does not exist. IT system platform built on top of the financial transactions have been filled with a lot of variables, due to the vulnerability of IT systems, there are risks to our financial business transactions possible.
Chou: CUP recent years invested heavily in system security, industry and technology have matured, the national financial environment healthy. Currently, the CUP level of security and stability of the system is one of the highest in the country, many banks and third party security level of the financial system are not as CUP. However, compared to the United States and other developed countries, and technology in the security level there is certainly much distance, even if the same technology, there are some gaps in implementation.
banks, merchants silent resentment
CUP system failure, was caused consumers and businesses in the multi-loss, but no mention was always the issue of compensation, 5 years ago that, after 5 years or so, this very sensitive topic is always untouched.
Yunting: The Accident Compensation is very complex, involving consumers, merchants, banks, and telecom operators CUP 5 aspects. Unless the failure by the Although the loss is more complex and difficult recognized, it is clear that business as POS machine
while the consumers, if not a cause for credit card shopping fails, then the loss will be difficult to identify, except a very few cases. Patients waiting for surgery such as credit card to pay for surgery because of delays caused by CUP failure and lead to significant adverse consequences.
However, despite the existence of operational losses identified, but the CUP and telecom operators are monopoly enterprises and industries, businesses can not claim to the bank, the bank did not dare rights to the CUP, and so inter-related , will no longer stand was quiet.
human factor is key
all of the financial system failure is on the authority of the financial system so that consumers more than a layer of worry and doubt. To prevent such incidents, financial institutions, what can do?
Li Long: For the CUP and other financial institutions, internal disaster recovery and optimize should always exercise, I usually only training, failure to promptly resolve, to avoid the problem of proliferation of a large area, presumably this CUP not enough homework to do. For example, Bank of China to no knowledge of their own systems under simulated attack exercises to test the security of their systems, a similar approach can also learn from CUP.
Chou: In addition to a complete hardware and software systems, improve service levels, the human factor is very important. CUP and other enterprises should be prepared to risk management, improve the operational mechanism, strict control node of each sub-control, to eliminate the possibility of failure of man-made factors, the most terrible acts is based on fraud for profit, the resulting chain reaction will social cause significant adverse effects.
Yunting: CUP internal accountability mechanisms should be established to improve the research, start the accountability process in order to pay attention and reflection. The competent units, the proposed central bank, the introduction of the Ministry of Industry and other appropriate payment standard, and carriers of the CUP due to accidents were evidence-based sanctions, so as to bound the behavior of monopolies.
No comments:
Post a Comment