No thanks, stay here.  

  We notice you are visiting from a U.S. Internet provider. Switch to our U.S. website.

Latest Industry News

Merchant Account

Credit Card Processing

Point-of-Sale Terminals

Security and Fraud

Press Releases


Get a Rate Quote
Call Us Today
Find us on Facebook

Industry News

Heartland Payment Systems beefs up payment processing security with end-to-end encryption, tokenization

By Joseph Trigliari

04/02/2010 - Few other companies have been burned in payment processing security like Heartland Payment Systems has. So what do the security initiatives look like from a company whose stakes are so high? They are extensive, for one.

Heartland CIO Steven Elefant told TechNewsWorld in a recent interview that, since the company's security breach in December 2008, the company has implemented end-to-end encryption, a version that is more extensive than the simple point-to-point encryption many people refer to when discussing end-to-end encryption.

"There's never a time outside a hardware security module that there's clear text information exposed anywhere throughout the process," he told the news provider. "That's a radical new way to do things in the credit card industry - up to now, everything has been sent in clear text."

Other security initiatives include dynamic data authentication, post-processing tokenization, and live log tracking.

The Heartland breach, which was said to be caused by SQL injection, is expected to have compromised the payment processing data of as many as 130 million credit and debit cards.ADNFCR-2514-ID-19598937-ADNFCR

Related News - Security and Fraud

Cloud computing and payment processing security: Not mutually exclusive after all?

19/03/2010

With cloud computing becoming a more and more popular and attractive IT model for organizations, one serious concern that has arisen is what the implications are for PCI compliance and overall payment processing security.

Full Article

Discovered chip and pin exploit may not pose significant real-world threat to payment processing security

19/03/2010

The recent report from Cambridge University researchers showing the vulnerability of the chip card payment processing system to fraud may not have that many real-world consequences, said the Financial Post.

Full Article

PCI DSS compensating controls are not shortcuts, experts remind businesses

18/03/2010

Many businesses think of compensating controls as a shortcut to payment processing compliance. However, compensating controls in reality are nothing near a shortcut - they require research and analysis to correctly implement.

Full Article

PCI SSC: Level 4 merchants shouldn't hold breath for tiered payment processing security requirements

16/03/2010

A common complaint among small, Level 4 merchants is that the PCI compliance mandates are too intense and burdensome for them, and are better suited to larger merchants.

Full Article