Making a Difference After Credit Card Breach

In an article on the PC World website, Grant Gross says the CEO of a breached payment processing company is pushing for reforms to protect consumers from hackers. Robert Carr, CEO of Heartland Payment Systems, says that since his company announced a major data breach of customers’ credit card numbers in January, he now knows the industry can implement better protective measures. Under current industry guidelines, Carr said, card numbers don’t have to be encrypted in transit between retailers, payment processors and card issuers.

At a hearing meant in part to determine whether new legislation is needed or not, Carr told a U.S. Senate committee the entire industry needs to embrace an encryption standard. Meanwhile Heartland, which paid out about US$32million in the first half of this year as a result of the breach for forensic investigations, legal work and other charges, is deploying tamper-resistant terminals at its member retailers.

“Our goal is to completely remove payment account numbers of credit and debit cards and magnetic-stripe data so they are never accessible in a useable format in the merchant or processor systems,” he said.

Carr has engaged encryption vendors and standards bodies and helped form an information-sharing council for payment processors.

To read the full article, click here:
http://www.pcworld.com/businesscenter/article/171943/heartland_ceo_ credit_card_encryption_needed.html