Archives / 2015 / April
  • Most merchants say high-profile breaches have served as wake-up call

    Although a significant number of merchants have been proactive about reviewing their payment security strategies, 69 percent is far from 100 percent.

    After a year of high profile breaches, some might assume that merchants are on high alert about payment card security. And while a majority say that the spate of compromises has caused them to think seriously about the issue, about 30 percent say the media attention has had little effect on their approach to data protection. 

    On this blog, we just discussed the findings of "Data Security in the Evolving Payments Ecosystem," a report by Experian and the Ponemon Institute. One of the study's areas of focus was on the response from merchants in relation to breaches at companies like Target, Home Depot and Michaels.

    "Sixty-nine percent said highly publicized data breaches did increase their awareness about securing their payment processes," summarizes Roy Urrico of Payment Union … more

  • Study shows merchants value convenience over security

    Despite the hype that surrounds new payment methods, the most important aspect of data security is doing what you do, well.

    It seems that each week there's a new payment method on the market. Whether it's the launch of a new mobile payment platform or the looming October deadline for EMV migration, merchants may feel a sense of urgency to implement systems that give their customers a variety of options for purchases. However, a new study by Dublin, Ireland-based Experian and the Michigan-based Ponemon Institute found that retailers may need to realign their priorities when it comes to new payment platforms. 

    "While risk and security concerns loom, large and new technologies are being deployed because they offer vastly improved customer convenience. Throughout our study, we found a large percentage of companies are likely to keep moving forward with deployment of new technologies … more

  • Are retail storefronts primed for a comeback?

    physical retail spaces have their own array of advantages when it comes to delivering on value propositions.

    Much has been written about the threat that ecommerce sites pose to brick-and-mortar retail operations. However, some experts say the tide may be shifting in favor of traditional storefront retailers. 

    This led Karen Webster of PYMNTS to ask the question: "Is physical retail a threat to Amazon?"

    "Amazon is largely correct that consumers are driven by convenience, selection and price. But in a connected device world, those words now mean different things," she writes in an op-ed. "And the combination of smart devices and technology is helping retailers large and small and on and offline respond to how consumers now interpret what it means to deliver 'convenience.'"

    This is to say that physical retail spaces have their own advantages when it comes to delivering on value … more

  • Target to pay $19 million settlement following breach

    This month, it was announced that Target will pay as much as $19 million to MasterCard and banks to address losses sustained by customers.

    The last year has been rocky for payment card security. With a spate of high-profile breaches in the retail industry, corporations face costly settlements to rectify the damage caused by compromised payment card data. This month, it was announced that Target will pay as much as $19 million to MasterCard and banks to address losses sustained by customers. 

    "Under the agreement, Target will make available up to $19 million in alternative recovery offers to eligible banks and credit unions across the globe," MasterCard said in a statement. "These funds will settle their claims for operational costs and fraud-related losses on MasterCard-branded cards believed by MasterCard to have been affected by the data breach."

    While the money will have a restorative effect for individuals and … more

  • Banking industry leaders endorse new cybersecurity bill

    A new congressional bill titled

    A new congressional bill titled "Data Security And Breach Notification Act of 2015" aims to increase intelligence and awareness about threats against consumer data. According to PYMNTS, the legislation is designed to enhance standards for data protection and alert entities in the private sector about new vulnerabilities as they arise.

    Sponsored with bipartisan support, the bill was introduced to the Senate this month by Sen. Tom Carper (D-Delaware), and Sen. Roy Blunt, (R-Missouri) and moved successfully through the House Energy and Commerce Committee under the guidance of Republican Rep. Marsha Blackburn and Democrat Peter Welch.

    One of the requirements of the bill is that businesses must inform customers within 30 days of a breach that their personal information … more

  • Discover partners with Apple Pay

    In order for a new payment platform to take off, it requires the support of merchants and credit card companies. If neither gets behind the new technology, it will have little hope of success. That's why the news this week that Discover will partner with Apple Pay is so important: According to the Associated Press, now all major credit card providers are on board with Apple's mobile payment system. 

    The AP report suggests that the decision came after "months of complaints" from customers that Discover hadn't yet addressed Apple Pay compatibility. 

    "As the mobile payments landscape matures, Discover remains committed to giving cardmembers secure options for using their cards and mobile devices," Diane Offereins, Discover's president of payment services, said in a statement. … more

  • 85 percent of Apple users haven't tried Apple Pay

    For both consumers and businesses, the advent of payment systems like Apple Pay represent a new avenue of revenue and payment processing options.

    For both consumers and businesses, the advent of payment systems like Apple Pay represent a new avenue of revenue and payment processing options. And while some have been quick to trumpet the turning tide in favor of mobile payment processing, adoption rates lag behind the hype. 

    According to, 85 percent of Apple users have yet to try the service, indicating an attachment to old payment methods. A November report by the site and InfoScout found that in November 2014, total usership among iPhone 6 owners was a mere 5 percent, which grew to 6 percent by March of this year. 

    "Ask most people what the state of mobile payments is today, and they'll tell you it's just kicking off," explains Alix Murphy of TechCrunch. "With Facebook announcing the option to send … more

  • Hospitality industry routinely the target of breaches

    hotels at any price point or clientele can be susceptible to attacks if their payment processing systems aren't up-to-date, continuously monitored and compliant.

    The hotel management industry processes payments on many different fronts. From the front desk or concierge to the lobby bar, guests at hotels face many different locations and platforms to purchase goods, services and amenities. A Wells Fargo report called "Understanding the impact of a data breach on your hotel or resort" provides a log of high-profile and damaging attacks perpetrated by members of the public and hospitality employees to compromise customer payment data. 

    Those entities range from high-end luxury resorts to travel agencies and motel chains, indicating that hackers don't discriminate when it comes to stealing data. Moreover, it shows all participants in the hospitality industry can be susceptible to attacks if their payment processing systems aren' … more

  • 3 mistakes when selecting a payment processor

    Selecting a payment processing system can be a daunting task for business owners, especially when updating an old system.

    Selecting a payment processing system can be a daunting task for business owners, especially when updating an old system. With a host of regulatory and compliance considerations to make as well as cost and convenience, a third party service provider can help decision makers find the ideal solution.

    On the Small Business Trends blog, Shawn Hessinger suggested some of these common mistakes businesses make when selecting a payment processing platform:

    Not getting enough fraud protection. 

    Over the last two years, a spate of high-profile breaches has made payment card data security chief among business leader concerns. Hessinger suggests selecting a provider that will work with your company to help alleviate the burden of fraud, from an immediate response to preventative … more

  • Not all businesses require EMV terminals: Does yours?

    Do I need an EMV terminal for phone and online transactions?

    At Vantage, we routinely field questions about payment processing technology. Clients come to us every day with their queries: sometimes specific ones about their business model while others become more frequently asked. With the growing buzz surrounding EMV chip card rollout, driven in part by a frenzy to sell terminal hardware, here is one of our top EMV FAQs to date:

    Question: "My business processes all credit card payments online and never sees a physical credit card because we receive this information over the phone.  Is this EMV-ready terminal something that we will need to acquire?" Answer: If payments online and over the phone are the only transactions your company manages, then no, you won't need an EMV terminal. EMV is being implemented in an attempt to prevent … more

  • March blog roundup: PCI compliance strategies

    In case you missed it (ICYMI), here's a roundup of some of our favorite Vantage Viewpoint blog entries from the last month.

    Last month, we delved into PCI compliance topics on the Vantage Viewpoint blog. What are the hurdles to staying compliant, and what are the risks to overlooking payment card security? In case you missed it, here are some of our favorite posts from March about PCI compliance. 

    PCI 3.0 standards expect more constant vigilance from vendors

    Key takeaway: Continuous review and monitoring is written into the new PCI 3.0 standards to prevent companies from overlooking their responsibility to evaluate practices on an ongoing basis. Instead of cramming for a PCI audit, businesses are expected to integrate assessment measures into their regular operations.

    Strong third party relationships can boost efficiency of response plans

    Key takeaway: One of the most important facets of … more

  • Verizon: 80 percent of merchants fail interim PCI assessments

    According to Verizon, 80 percent of merchants fail interim PCI compliance assessments.

    On this blog, we discussed previews of the 2015 Verizon PCI Compliance Report from January, which suggested that fewer than one-third of merchants remained compliant between audits. According to the full report released this month, that figure could be as low as one-quarter. The firm states that 80 percent of all retailers fail interim PCI audits, leaving a sizeable majority of merchants vulnerable to cyber attacks through most of the year. 

    "Today's cybersecurity landscape is constantly changing," said Rodolphe Simonetti, managing director, professional services for Verizon Enterprise Solutions. "Compliance at a point in time isn't sufficient to protect data. Putting the focus on making compliance sustainable is key. It must be a part of day-to-day activities within an … more

  • For mobile payment platforms, merchants shouldn't feel rushed

    Merchants shouldn't feel rushed to get compatible with mobile payment platforms.

    With countless media stories about the rise of mobile payment technologies like Apple Pay, Samsung Pay and others, merchants may feel pressure to get compatible to offer customers another option for point-of-sale transactions. However, Natalie Burg of Forbes says businesses on the fence about whether or not to adopt a new platform shouldn't feel rushed to make the decision. 

    "Mobile technology offers many opportunities to grow consumer and merchant payments alike and for less friction in the experience for both," says Troy Leach, CTO of PCI Security Standards Council. "However, with that comes many new challenges not associated with traditional payments that all parties have come to trust."

    Granted, those "traditional payments" come with challenges of their own, as evidenced by … more

by Ty Hardison

Share this Post

Share to Facebook Share to Twitter Share to Google+ Share to LinkedIn More...

See Your Merchant
Interchange Rates