04/02/2010 -
Few other companies have been burned in payment processing security like Heartland Payment Systems has. So what do the security initiatives look like from a company whose stakes are so high? They are extensive, for one. Heartland CIO Steven Elefant told TechNewsWorld in a recent interview that, since the company's security breach in December 2008, the company has implemented end-to-end encryption, a version that is more extensive than the simple point-to-point encryption many people refer to when discussing end-to-end encryption.
"There's never a time outside a hardware security module that there's clear text information exposed anywhere throughout the process," he told the news provider. "That's a radical new way to do things in the credit card industry - up to now, everything has been sent in clear text."
Other security initiatives include dynamic data authentication, post-processing tokenization, and live log tracking.
The Heartland breach, which was said to be caused by SQL injection, is expected to have compromised the payment processing data of as many as 130 million credit and debit cards.

We notice you are visiting from a U.S. Internet provider. 




