by Ty Hardison

Target to pay $19 million settlement following breach

This month, it was announced that Target will pay as much as $19 million to MasterCard and banks to address losses sustained by customers.

The last year has been rocky for payment card security. With a spate of high-profile breaches in the retail industry, corporations face costly settlements to rectify the damage caused by compromised payment card data. This month, it was announced that Target will pay as much as $19 million to MasterCard and banks to address losses sustained by customers. 

"Under the agreement, Target will make available up to $19 million in alternative recovery offers to eligible banks and credit unions across the globe," MasterCard said in a statement. "These funds will settle their claims for operational costs and fraud-related losses on MasterCard-branded cards believed by MasterCard to have been affected by the data breach."

While the money will have a restorative effect for individuals and … more

Banking industry leaders endorse new cybersecurity bill

A new congressional bill titled

A new congressional bill titled "Data Security And Breach Notification Act of 2015" aims to increase intelligence and awareness about threats against consumer data. According to PYMNTS, the legislation is designed to enhance standards for data protection and alert entities in the private sector about new vulnerabilities as they arise.

Sponsored with bipartisan support, the bill was introduced to the Senate this month by Sen. Tom Carper (D-Delaware), and Sen. Roy Blunt, (R-Missouri) and moved successfully through the House Energy and Commerce Committee under the guidance of Republican Rep. Marsha Blackburn and Democrat Peter Welch.

One of the requirements of the bill is that businesses must inform customers within 30 days of a breach that their personal information … more

Discover partners with Apple Pay

In order for a new payment platform to take off, it requires the support of merchants and credit card companies. If neither gets behind the new technology, it will have little hope of success. That's why the news this week that Discover will partner with Apple Pay is so important: According to the Associated Press, now all major credit card providers are on board with Apple's mobile payment system. 

The AP report suggests that the decision came after "months of complaints" from customers that Discover hadn't yet addressed Apple Pay compatibility. 

"As the mobile payments landscape matures, Discover remains committed to giving cardmembers secure options for using their cards and mobile devices," Diane Offereins, Discover's president of payment services, said in a statement. … more

85 percent of Apple users haven't tried Apple Pay

For both consumers and businesses, the advent of payment systems like Apple Pay represent a new avenue of revenue and payment processing options.

For both consumers and businesses, the advent of payment systems like Apple Pay represent a new avenue of revenue and payment processing options. And while some have been quick to trumpet the turning tide in favor of mobile payment processing, adoption rates lag behind the hype. 

According to PYMNTS.com, 85 percent of Apple users have yet to try the service, indicating an attachment to old payment methods. A November report by the site and InfoScout found that in November 2014, total usership among iPhone 6 owners was a mere 5 percent, which grew to 6 percent by March of this year. 

"Ask most people what the state of mobile payments is today, and they'll tell you it's just kicking off," explains Alix Murphy of TechCrunch. "With Facebook announcing the option to send … more

Hospitality industry routinely the target of breaches

hotels at any price point or clientele can be susceptible to attacks if their payment processing systems aren't up-to-date, continuously monitored and compliant.

The hotel management industry processes payments on many different fronts. From the front desk or concierge to the lobby bar, guests at hotels face many different locations and platforms to purchase goods, services and amenities. A Wells Fargo report called "Understanding the impact of a data breach on your hotel or resort" provides a log of high-profile and damaging attacks perpetrated by members of the public and hospitality employees to compromise customer payment data. 

Those entities range from high-end luxury resorts to travel agencies and motel chains, indicating that hackers don't discriminate when it comes to stealing data. Moreover, it shows all participants in the hospitality industry can be susceptible to attacks if their payment processing systems aren' … more

3 mistakes when selecting a payment processor

Selecting a payment processing system can be a daunting task for business owners, especially when updating an old system.

Selecting a payment processing system can be a daunting task for business owners, especially when updating an old system. With a host of regulatory and compliance considerations to make as well as cost and convenience, a third party service provider can help decision makers find the ideal solution.

On the Small Business Trends blog, Shawn Hessinger suggested some of these common mistakes businesses make when selecting a payment processing platform:

Not getting enough fraud protection. 

Over the last two years, a spate of high-profile breaches has made payment card data security chief among business leader concerns. Hessinger suggests selecting a provider that will work with your company to help alleviate the burden of fraud, from an immediate response to preventative … more

Not all businesses require EMV terminals: Does yours?

Do I need an EMV terminal for phone and online transactions?

At Vantage, we routinely field questions about payment processing technology. Clients come to us every day with their queries: sometimes specific ones about their business model while others become more frequently asked. With the growing buzz surrounding EMV chip card rollout, driven in part by a frenzy to sell terminal hardware, here is one of our top EMV FAQs to date:

Question: "My business processes all credit card payments online and never sees a physical credit card because we receive this information over the phone.  Is this EMV-ready terminal something that we will need to acquire?" Answer: If payments online and over the phone are the only transactions your company manages, then no, you won't need an EMV terminal. EMV is being implemented in an attempt to prevent … more

March blog roundup: PCI compliance strategies

In case you missed it (ICYMI), here's a roundup of some of our favorite Vantage Viewpoint blog entries from the last month.

Last month, we delved into PCI compliance topics on the Vantage Viewpoint blog. What are the hurdles to staying compliant, and what are the risks to overlooking payment card security? In case you missed it, here are some of our favorite posts from March about PCI compliance. 

PCI 3.0 standards expect more constant vigilance from vendors

Key takeaway: Continuous review and monitoring is written into the new PCI 3.0 standards to prevent companies from overlooking their responsibility to evaluate practices on an ongoing basis. Instead of cramming for a PCI audit, businesses are expected to integrate assessment measures into their regular operations.

Strong third party relationships can boost efficiency of response plans

Key takeaway: One of the most important facets of … more

Verizon: 80 percent of merchants fail interim PCI assessments

According to Verizon, 80 percent of merchants fail interim PCI compliance assessments.

On this blog, we discussed previews of the 2015 Verizon PCI Compliance Report from January, which suggested that fewer than one-third of merchants remained compliant between audits. According to the full report released this month, that figure could be as low as one-quarter. The firm states that 80 percent of all retailers fail interim PCI audits, leaving a sizeable majority of merchants vulnerable to cyber attacks through most of the year. 

"Today's cybersecurity landscape is constantly changing," said Rodolphe Simonetti, managing director, professional services for Verizon Enterprise Solutions. "Compliance at a point in time isn't sufficient to protect data. Putting the focus on making compliance sustainable is key. It must be a part of day-to-day activities within an … more

For mobile payment platforms, merchants shouldn't feel rushed

Merchants shouldn't feel rushed to get compatible with mobile payment platforms.

With countless media stories about the rise of mobile payment technologies like Apple Pay, Samsung Pay and others, merchants may feel pressure to get compatible to offer customers another option for point-of-sale transactions. However, Natalie Burg of Forbes says businesses on the fence about whether or not to adopt a new platform shouldn't feel rushed to make the decision. 

"Mobile technology offers many opportunities to grow consumer and merchant payments alike and for less friction in the experience for both," says Troy Leach, CTO of PCI Security Standards Council. "However, with that comes many new challenges not associated with traditional payments that all parties have come to trust."

Granted, those "traditional payments" come with challenges of their own, as evidenced by … more