Contents tagged with PCI and Data Protection News

  • What to do if your restaurant's system is compromised

    September 10, 2015
    Here is what you do if your restaurant's system is compromised.

    Though your restaurant may serve excellent meals and provide the best customer service in the city, if you run into trouble with credit card fraud, your valuable business will be driven quickly away. Trustwave, a global payment card security consultant, conducted a recent study where they discovered that nine out of 10 incidents in which cardholder data was compromised occurred at small merchants. Of these, 52 percent were in the food service industry. Surprisingly enough, more than twice as many of these fraud attacks occurred as a result of card-present transactions rather than online sales. 

    Some of the reasons for certain security breaches occurring include operating on an unsecured internet network or using non-compliant, point of sale (POS) software, which … more

  • Staying PCI compliant

    September 10, 2015
    Maintaining PCI compliance is required for businesses that accept credit card payments.

    When the Payment Card Industry Security Standards Council (PCI SSC) was formed in 2006 to better oversee the changes in PCI security standards, it was commissioned to discover ways to continually improve payment account security. Within this framework, the PCI Data Security Standard (PCI DSS) contains the requirements all companies must adhere to to securely store, transmit or process customers credit card data.

    Achieving this compliance can be challenging for many businesses.Yet, if your business does not follow basic security steps outlined in PCI DSS, weaknesses can be exploited and enable fraudulent access to cardholders' credit card data, according to PCI Compliance Guide. 

    If your business accepts credit card payments, you are … more

  • Hospitality industry routinely the target of breaches

    April 23, 2015
    hotels at any price point or clientele can be susceptible to attacks if their payment processing systems aren't up-to-date, continuously monitored and compliant.

    The hotel management industry processes payments on many different fronts. From the front desk or concierge to the lobby bar, guests at hotels face many different locations and platforms to purchase goods, services and amenities. A Wells Fargo report called "Understanding the impact of a data breach on your hotel or resort" provides a log of high-profile and damaging attacks perpetrated by members of the public and hospitality employees to compromise customer payment data. 

    Those entities range from high-end luxury resorts to travel agencies and motel chains, indicating that hackers don't discriminate when it comes to stealing data. Moreover, it shows all participants in the hospitality industry can be susceptible to attacks if their payment processing systems aren' … more

  • March blog roundup: PCI compliance strategies

    April 05, 2015
    In case you missed it (ICYMI), here's a roundup of some of our favorite Vantage Viewpoint blog entries from the last month.

    Last month, we delved into PCI compliance topics on the Vantage Viewpoint blog. What are the hurdles to staying compliant, and what are the risks to overlooking payment card security? In case you missed it, here are some of our favorite posts from March about PCI compliance. 

    PCI 3.0 standards expect more constant vigilance from vendors

    Key takeaway: Continuous review and monitoring is written into the new PCI 3.0 standards to prevent companies from overlooking their responsibility to evaluate practices on an ongoing basis. Instead of cramming for a PCI audit, businesses are expected to integrate assessment measures into their regular operations.

    Strong third party relationships can boost efficiency of response plans

    Key takeaway: One of the most important facets of … more

  • Experts predict active year of breaches ahead of EMV deadline

    March 27, 2015
    Because payment cards with EMV security chips will proliferate the market this year, experts expect that 2015 will be an active year for breaches.

    Because payment cards with EMV security chips will proliferate within the market this year, experts expect that 2015 will be an active year for breaches. This is because criminals with tried-and-true methods of compromising existing POS systems will attempt to exploit the final window of time when those strategies are effective. 

    "It absolutely will be the worst year of fraud because criminals know we are putting bars on the windows with EMV," said Bob Letgers of Fidelity National Information Solutions. "They will exploit that channel as much as they can."

    Letgers made his remarks during a panel at the Consumer Bankers Association conference in Orlando, according to the Orlando Sentinel. As the October deadline draws closer, hackers have at least six months left to … more

  • Verizon study shows PCI compliance is improving

    March 24, 2015
    A new study by Verizon posts a more encouraging outlook on the state of compliance.

    As payment card standards evolve, surveys have been conducted to gauge the level of seriousness merchants pay to remaining compliant with PCI requirements. On this blog, we discussed the troubling statistic that fewer than one-third of businesses remain compliant between PCI audits. A new study by Verizon posts a more encouraging outlook on the state of compliance, however, as it found that the total number of compliant organizations rose by 20 percent last year. 

    The shift may be due to two primary reasons. First, with new standards in place this year, PCI compliance is factoring more prominently into the conversation about payment card security. On the other hand, a spate of high-profile breaches has positioned security practices as an important risk reduction measure. The … more