According SC Magazine, a magazine for security professionals, Visa announced Friday, March 13, 2009 that it was stripping these companies of their PCI certification status. PCI is the acronym for Payment Card Industry. At Visa’s website, their list of PCI DSS Validated Service Providers were missing Heartland and RBS Worldpay.
This is huge if you are a merchant processing with Heartland or RBS Worldpay. Visa requires all merchants to process through a PCI compliant service provider. Merchants can be fined if they do not. How did this happen? Well both companies had a major data breach.
For Heartland, in was breached in January 2009. Perhaps the largest breach in history. RBS was breached in December 2008. The story was covered by the WSJ. While PCI compliance is an industry wide concern, a breach is costly to all of us. It requires the issuing bank (the bank that gave you the credit card) to reprint new credit cards for every consumer who may have been compromised. That is no small feat. For the consumer, they are concerned about identity theft.
What can you as a merchant do? Nothing, other than to find another credit card processing company. If you would like to better understand PCI compliance and better protecting your business and customers through new technology, please give us a call at 817.857.3557 or toll free 877.577.3779.
For an indepth article on this subject can be read at The Technical Herald.