Mabhouh case highlights digital security threats

The Al Mabhouh killing has raised concerns about digital security in banks and financial institutions. (EB FILE)

Information released about bogus credit cards used by the gang that murdered Hamas leader Mahmoud Al Mabhouh in Dubai last month, has turned the spotlight on MetaBank, the company that issued the cards.

Experts say the new practice of outsourcing passport and visa services by European and Asian diplomatic missions in the UAE has increased the danger of digital theft. The US and UAE authorities are exchanging data about credit card accounts used by the murderers.

Details of the cards were given by Dubai Police last Wednesday along with information about a further 15 suspects and travel routes the gang used. Police said the cards were used to pay for hotel rooms and air travel and named the issuing bank as MetaBank, part of the Meta Financial Group based in Storm Lake, Iowa.

The bank declined to comment. An official said, "We are trying to confirm the accuracy of statements by the press." Investigators are trying to determine the circumstances in which the cards were issued to the suspects.

"Meta Payment Systems (MPS), a division of MetaBank which issued 14 suspicious credit cards used by those involved in the assassination, is the largest prepaid card company in the US. It has issued more than 100 million prepaid cards," said a digital security expert in the UAE, speaking on condition of anonymity.

"MPS has 2,300 prepaid card programmes in the US and controls 50 per cent of the non-bank ATM network in the US," he added. MPS is also closely associated with leading global credit

card companies and issues debit and other payment cards, banking sources told Emirates Business.

Banks, credit card companies and other businesses rely on the IT outsourcing industry and there have been occasional concerns about the vulnerability of crucial personal and financial data held by such companies.

Many of the passport and credit card owners, whose photographs have been released by Dubai Police, have denied any involvement in the killing and indications are that large-scale identity theft has been carried out by those behind the murder. Experts say the case highlights the risks of the digital age.

The managing director of a digital security company that works with UAE banks said: "It is a period of recession and it is easy to get personnel data from an employee of an outsourcing company by paying him $1,000. Many financial companies and embassies are outsourcing such crucial jobs and in the UAE most European embassies rely on private IT companies to process their visa and passport applications."

Credit card payment processing companies have been in the spotlight globally and many UAE-based bank customers have been victims of identity theft in the past.

A senior official of Gemalto Middle East, an international company that issues prepaid cards and the UAE national identity card, said most recent cases of credit card fraud in the UAE had occurred because of the widespread use of cards which store crucial encrypted data on vulnerable magnetic tape that is easy to duplicate and tamper with.

"It is difficult to use cloned or duplicate credit cards in cash machines and shops in Europe, where the EVM standard is gaining popularity. Last year, criminal gangs duplicated hundreds of credit cards and many banks had to temporarily halt international transactions using their cards. Digital security is a major concern for banks and financial institutions in the UAE," he said. Israeli spy agency Mossad is suspected of being behind Al Mabhouh's killing in a room at the Al Bustan Rotana hotel in Al Garhoud last month.

Keep up with the latest business news from the region with the Emirates Business 24|7 daily newsletter. To subscribe to the newsletter, please click here.

Comments

Comments