by Ty Hardison

Marriott franchise hit by another string of breaches

Many of the Marriott Hotel locations whose credit processing systems were compromised in 2013 experienced a similar breach in the second half of last year.

Many of the Marriott Hotel locations whose credit processing systems were compromised in 2013 experienced a similar breach in the second half of last year. After several banks and credit institutions investigated incidents of fraud on credit and debit accounts, investigative reporter Brian Krebs followed the payments to the series of hotels, 14 in total. 

The locations in question are run by franchise operator White Lodging Services, and the breach was traced to hacked point of sale systems. The compromises mostly occurred at restaurants and bars at the hotels, between September 2014 and January 2015, according to Jeff Goldman at eSecurity Planet. 

"We recently were made aware of the possibility of unusual credit card transactions at a number of hotels operated by one of our … more

New "Ghost" vulnerability prompts warning from Homeland Security Department

A new vulnerability called

A new vulnerability called "Ghost" has emerged as a threat to computer systems, cautions PCI Security Standards. The United States Department of Homeland Security has issued a warning to users of Linux GNU C Library operating versions prior to 2.18. By remotely executing a code, hackers can take control of a system to install malware, manipulate files and carry out other illegal activities with stolen credentials, reports Mobile Payments Today. 

The warning was released through the United States Computer Emergency Readiness Team, and PCI Security Standards Council made suggestions for companies to protect their secure payment card data in light of the new threat:

First, companies should work with IT departments to find systems, servers and pieces of hardware that run a targeted … more

Less than one-third of retailers remain compliant between audits

According to Verizon's 2015 PCI Report, only 28.6 percent of retailers remain compliant with PCI standards in the periods between audits.

Businesses that use credit card merchant services are held to PCI compliance standards, but many of them only do the legwork in advance of an audit. With the spate of headline-grabbing breaches, it's easy to see why this is bad business practice. According to Verizon's 2015 PCI Report, only 28.6 percent of retailers remain compliant with PCI standards in the periods between audits. This means that some companies are keeping up with standards imposed on credit card security for only a brief window of time, leaving them open to vulnerabilities for the remainder of the year. 

"We see compliance going down day by day, month by month, after the assessment," said Rodolphe Simonetti, managing director for Verizon's compliance consulting. "Compliance is supposed to be … more

Supreme Court denies merchants' petition for lower debit card processing fees

The Supreme Court opted to dismiss a merchant petition calling for the court to reconsider the debit card swipe fees set by the Fed.

In 2011, the Federal Reserve was accused of ignoring the Durbin Amendment to the 2010 Dodd-Frank Act when it established a debit card swiping fee of 21 cents per transaction, a cap that they claimed was allowed by the amendment's ambiguous language. On the other side of that debate, merchants argued that that cap was far beyond what was originally intended by Dodd-Frank, with a U.S. district court ruling in their favor in the summer of 2013. But as we shared with you last year, that ruling was then overturned by an appellate court, stating the legislation, albeit "poorly drafted," still entitled the Fed to the merchant interchange fees it had set for debit card swipes

That setback prompted merchants to file a petition with the U.S. Supreme Court, arguing the high court to take up its … more

Global mobile payments to surpass $130 billion by 2020

NFC-based mobile payments are growing in popularity.

Technologies such as Apple Pay are driving increased adoption of NFC-based mobile payments, and the industry is expected to grow significantly over the course of the next few years. According to a report from Strategy Analytics, the NFC mobile payment market will exceed $130 billion by 2020. 

This is encouraging news for an industry that took longer than initially expected to get off the ground. For years, there was talk that Apple's iPhone would contain the NFC technology needed to facilitate mobile payments at retail stores and restaurants, but it was only this year when the iPhone 6 and iPhone 6 Plus came out that the technology was finally included in the popular line of smartphones. Now that NFC is becoming more mainstream, it's expected to only grow exponentially over … more

Google sues MasterCard, Visa for allegedly high merchant interchange fees

Visa and MasterCard are being sued by Google for charging excessively high merchant interchange rates.

Google has slammed MasterCard and Visa with a new federal lawsuit, accusing the credit card companies of excessively high and "supracompetitive" merchant interchange fees.

The complaint alleges that from January 1, 2004, to November 28, 2012, Google was forced to pay a merchant interchange rate considerably higher than "what a competitive market would allow" whenever it accepted payments from MasterCard or Visa cardholders. The tech giant accuses the credit card providers of violating Section 1 of the Sherman Act with its merchant service rates.

A class action lawsuit had previously been filed against both MasterCard and Visa over debit and credit card merchant fees. That case ended with a settlement of $7.25 billion that was then divided up among the plaintiffs who were forced to pay … more

January marks the start of PCI version 3.0

Companies that rely on credit card merchant services must be compliant with a new set of Payment Card Industry Data Security Standards in 2015.

Companies that rely on credit card merchant services must be compliant with a new set of Payment Card Industry Data Security Standards in 2015. Effective this month, version 3.0 will replace the previous set of standards, in an effort to enhance security and protect personal data for consumers. 

PCI updates its standards every three years, as advances in technology and new vulnerabilities emerge, to make the industry more airtight to breaches. Experts say that while becoming compliant with new PCI directives might cause headaches in the short term, it will benefit companies and their customers in the long run. 

"It's also a response to events that have taken place since the last DSS version, like the numerous security breaches and mass credit card data thefts that … more

How will merchants balance acceptance and costs in 2015?

Processing mobile payments may be more important than keeping fees to a minimum.

As merchants look ahead to a new year, now is the time to project how their role will evolve in 2015 and beyond. Technology will continue to advance well into the new year, which will provide merchants with opportunities to process payments in new and innovative ways. Of course, not every merchant is on board with new payment methods that utilize different tools like mobile phones and tablets, but increased adoption is going to be a major story in 2015. In fact, one publication has gone as far as saying this will be the most pressing issue in the merchant community next year, and it may result in other needs taking a back seat.

There is nothing more frustrating as a consumer than getting to the front of the checkout line only to realize they do not accept your preferred method of … more

Tablet POS solutions to play a big role in payments industry in 2015

The cloud is changing tablet POS technology.

As the year winds down, payment systems professionals have begun looking at what 2015 will bring for the industry. The consensus is that technological advancements will push what were innovative niche systems to the mainstream. Tablet POS systems are one of these technologies, and given the advancements in hardware and software required to make these tools work, more companies will find it easier to adopt them into their payments infrastructure in the new year. spoke about the ways payments technologies will emerge in the coming year with a number of industry professionals who believe tablet POS systems will not only become mainstream, but that organizations will increasingly use modern technologies like the cloud to facilitate tablet POS … more

Top five factors impacting a merchant's effective real rate to accept card payments

A number of factors can influence your effective real rate.

Understanding your effective real rate is the key to identifying the most cost-effective payment services provider. Your effective real rate measures the total cost of all processing fees and can be calculated by dividing the total merchant charges and fees over a given amount of time by the total bank card sales volume over that same amount of time. The only way to ensure you have the best effective real rate is to understand what factors into determining this rate.

Here are the top five factors impacting real rate:

Your industry: Merchants have different real rates depending on their industry. For example, retail, hospitality, education, the restaurant industry and B2B sales all have different real rates. 

Card types accepted: There are a growing number of card types in the … more