Heartland Assists Merchants in Breach Forensics

by Mercator Advisory Group 0

Once a merchant is breached and loses control of payment card data, it is subject to sanctions as well as the task of figuring what really happened and why. A victim of a massive breach itself, Heartland Payment Systems is offering the help of its own post-breach team to help individual merchants recover. The effort is part of a larger cause to increase payment data security awareness across all of its merchant customers.

PCI compliance among smaller merchants remains a challenge. While increasingly reliant on computers, local networks, and the Internet – think of how many retailers are reliant on social networks and review sites such as Facebook and Yelp – they are hardly security experts as the rise in small business data breaches, sadly, proves so well. Since its own breach, Heartland has built its own line of card number encrypting terminals and card readers to take card data out of the merchant system’s scope. But there is still a long way to go. Of interest in this article is the processor stating that EMV cards, based on smartcard technology, are a big step up in payment security. We couldn’t agree more.

From Bank Info Security:

The processor is helping merchants comply with the Payment Card Industry Data Security Standard and educating them about POS and payment card security, as well as assisting them with POS hardware and network upgrades.

And Heartland also is assisting its merchants with post-breach investigations.

John South, Heartland’s chief security officer, says the processor is offering advice because many merchants lack security expertise. “Their specialty is not in securing networks,” he says. “And many have little or no experience in installing hardware or software to do that.”

Click here to read more from Bank Info Security.