No thanks, stay here.  

  We notice you are visiting from a U.S. Internet provider. Switch to our U.S. website.

Industry News

Heartland Payment Systems beefs up payment processing security with end-to-end encryption, tokenization

By Joseph Trigliari

04/02/2010 - Few other companies have been burned in payment processing security like Heartland Payment Systems has. So what do the security initiatives look like from a company whose stakes are so high? They are extensive, for one.

Heartland CIO Steven Elefant told TechNewsWorld in a recent interview that, since the company's security breach in December 2008, the company has implemented end-to-end encryption, a version that is more extensive than the simple point-to-point encryption many people refer to when discussing end-to-end encryption.

"There's never a time outside a hardware security module that there's clear text information exposed anywhere throughout the process," he told the news provider. "That's a radical new way to do things in the credit card industry - up to now, everything has been sent in clear text."

Other security initiatives include dynamic data authentication, post-processing tokenization, and live log tracking.

The Heartland breach, which was said to be caused by SQL injection, is expected to have compromised the payment processing data of as many as 130 million credit and debit cards.ADNFCR-2514-ID-19598937-ADNFCR

Related News - Security and Fraud

Visa announces new best practices for payment applications

26/08/2010

As part of its continued commitment to security, Visa has announced another set of global industry best practices for payment application vendors, integrators and resellers that employ payment-related systems such as credit-debit machines.

Full Article

Banks get creative to promote overdraft protection

29/07/2010

New regulations born of the financial reform bill may help cut costs for consumers who use point-of-sale terminals, yet banks are still searching for a way to recoup their potential losses.

Full Article

Tokenization can eliminate PCI compliance worries

27/07/2010

Retailers, payment processing companies and others are learning how to implement and accommodate new security practices to protect consumers and lessen their PCI compliance burden.

Full Article

Chip-and-pin technology has reduced fraud, but not interest rates

26/07/2010

With the introduction of credit card chip technology, consumers charging purchases at credit card machines were promised savings in interest rate charges, but have not seen them yet.

Full Article