A new congressional bill titled "Data Security And Breach Notification Act of 2015" aims to increase intelligence and awareness about threats against consumer data. According to PYMNTS, the legislation is designed to enhance standards for data protection and alert entities in the private sector about new vulnerabilities as they arise.
Sponsored with bipartisan support, the bill was introduced to the Senate this month by Sen. Tom Carper (D-Delaware), and Sen. Roy Blunt, (R-Missouri) and moved successfully through the House Energy and Commerce Committee under the guidance of Republican Rep. Marsha Blackburn and Democrat Peter Welch.
One of the requirements of the bill is that businesses must inform customers within 30 days of a breach that their personal information … more
The AP report suggests that the decision came after "months of complaints" from customers that Discover hadn't yet addressed Apple Pay compatibility.
"As the mobile payments landscape matures, Discover remains committed to giving cardmembers secure options for using their cards and mobile devices," Diane Offereins, Discover's president of payment services, said in a statement. … more
For both consumers and businesses, the advent of payment systems like Apple Pay represent a new avenue of revenue and payment processing options. And while some have been quick to trumpet the turning tide in favor of mobile payment processing, adoption rates lag behind the hype.
According to PYMNTS.com, 85 percent of Apple users have yet to try the service, indicating an attachment to old payment methods. A November report by the site and InfoScout found that in November 2014, total usership among iPhone 6 owners was a mere 5 percent, which grew to 6 percent by March of this year.
"Ask most people what the state of mobile payments is today, and they'll tell you it's just kicking off," explains Alix Murphy of TechCrunch. "With Facebook announcing the option to send … more
The hotel management industry processes payments on many different fronts. From the front desk or concierge to the lobby bar, guests at hotels face many different locations and platforms to purchase goods, services and amenities. A Wells Fargo report called "Understanding the impact of a data breach on your hotel or resort" provides a log of high-profile and damaging attacks perpetrated by members of the public and hospitality employees to compromise customer payment data.
Those entities range from high-end luxury resorts to travel agencies and motel chains, indicating that hackers don't discriminate when it comes to stealing data. Moreover, it shows all participants in the hospitality industry can be susceptible to attacks if their payment processing systems aren' … more
Selecting a payment processing system can be a daunting task for business owners, especially when updating an old system. With a host of regulatory and compliance considerations to make as well as cost and convenience, a third party service provider can help decision makers find the ideal solution.
On the Small Business Trends blog, Shawn Hessinger suggested some of these common mistakes businesses make when selecting a payment processing platform:
Not getting enough fraud protection.
Over the last two years, a spate of high-profile breaches has made payment card data security chief among business leader concerns. Hessinger suggests selecting a provider that will work with your company to help alleviate the burden of fraud, from an immediate response to preventative … more
At Vantage, we routinely field questions about payment processing technology. Clients come to us every day with their queries: sometimes specific ones about their business model while others become more frequently asked. With the growing buzz surrounding EMV chip card rollout, driven in part by a frenzy to sell terminal hardware, here is one of our top EMV FAQs to date:
Question: "My business processes all credit card payments online and never sees a physical credit card because we receive this information over the phone. Is this EMV-ready terminal something that we will need to acquire?" Answer: If payments online and over the phone are the only transactions your company manages, then no, you won't need an EMV terminal. EMV is being implemented in an attempt to prevent … more
Last month, we delved into PCI compliance topics on the Vantage Viewpoint blog. What are the hurdles to staying compliant, and what are the risks to overlooking payment card security? In case you missed it, here are some of our favorite posts from March about PCI compliance.
PCI 3.0 standards expect more constant vigilance from vendors
Key takeaway: Continuous review and monitoring is written into the new PCI 3.0 standards to prevent companies from overlooking their responsibility to evaluate practices on an ongoing basis. Instead of cramming for a PCI audit, businesses are expected to integrate assessment measures into their regular operations.
Strong third party relationships can boost efficiency of response plans
Key takeaway: One of the most important facets of … more
On this blog, we discussed previews of the 2015 Verizon PCI Compliance Report from January, which suggested that fewer than one-third of merchants remained compliant between audits. According to the full report released this month, that figure could be as low as one-quarter. The firm states that 80 percent of all retailers fail interim PCI audits, leaving a sizeable majority of merchants vulnerable to cyber attacks through most of the year.
"Today's cybersecurity landscape is constantly changing," said Rodolphe Simonetti, managing director, professional services for Verizon Enterprise Solutions. "Compliance at a point in time isn't sufficient to protect data. Putting the focus on making compliance sustainable is key. It must be a part of day-to-day activities within an … more
With countless media stories about the rise of mobile payment technologies like Apple Pay, Samsung Pay and others, merchants may feel pressure to get compatible to offer customers another option for point-of-sale transactions. However, Natalie Burg of Forbes says businesses on the fence about whether or not to adopt a new platform shouldn't feel rushed to make the decision.
"Mobile technology offers many opportunities to grow consumer and merchant payments alike and for less friction in the experience for both," says Troy Leach, CTO of PCI Security Standards Council. "However, with that comes many new challenges not associated with traditional payments that all parties have come to trust."
Granted, those "traditional payments" come with challenges of their own, as evidenced by … more
Because payment cards with EMV security chips will proliferate within the market this year, experts expect that 2015 will be an active year for breaches. This is because criminals with tried-and-true methods of compromising existing POS systems will attempt to exploit the final window of time when those strategies are effective.
"It absolutely will be the worst year of fraud because criminals know we are putting bars on the windows with EMV," said Bob Letgers of Fidelity National Information Solutions. "They will exploit that channel as much as they can."
Letgers made his remarks during a panel at the Consumer Bankers Association conference in Orlando, according to the Orlando Sentinel. As the October deadline draws closer, hackers have at least six months left to … more