RBS WorldPay and Heartland back on the validated Visa PCI DSS compliant list
Jul 02, 2009
By SearchFinancialSecurity.com staff
21 May 2009 | SearchFinancialSecurity.com
Good news for Heartland and RBS WorldPay being back on the Visa Inc. PCI compliance list in a very short time frame. The breach's were discovered end of last year early 2009 and both organizations worked diligently with the investigative teams and their auditors to restore their PCI DSS compliance quickly. Congratulations!
Maintaining the compliant security process requires strict due diligence and monitoring as the criminal syndicates operate with extreme sophistication today. They are able to quickly find and penetrate holes in processings systems take off with the cardholder data as if they literally had keys to the bank vault.
It remains difficult for law enforecement to find and arrest these criminals easily due to jurisdictional law. Criminals operate online without borders to stop their progress unlike our law enforcement agencies, although that is changing.
We need a collaberative and cooperative team effort between merchants, consumers, financial institutions, security professionals, the Card brands, governments, and law enforcement agencies world-wide to stem the criminal epidemic. The PCI DSS and PA-DSS are programs that if followed and enforced are the beginnings of an effective proactive approach to preventing the continued rise of criminal activity online.
RBS WorldPay said Wednesday it is back on Visa Inc.'s list of service providers that are validated as compliant with the PCI Data Security Standard.
Visa removed the Atlanta-based payment processor and Heartland Payment Systems Inc. from its list of PCI compliant service providers in March after data breaches at both companies were revealed. Heartland announced early this month that it was placed back on Visa's PCI compliance list.
RBS WorldPay, the U.S.-based payment processing division of the Royal Bank of Scotland Group plc, said it returned to both Visa's and MasterCard's lists of validated service providers following a successful completion of its PCI DSS assessment. The company said it's now certified on PCI DSS version 1.2.
In late December, RBS WorldPay disclosed that personal information of about 1.5 million pre-paid cardholders and other individuals was compromised when its computer system was hacked. The Social Security numbers of 1.1 million of those cardholders may also have been compromised, the company said.
The stolen data was used in a highly-coordinated ATM scam involving cloned payroll debit cards and reloadable gift cards.
The breach at RBS WorldPay was followed by Heartland's Jan. 20 announcement that intruders installed malware to pilfer data crossing the company's network.
< Previous Article
Next Article >
Apr 20.09 | PCI DSS is not design to be attained like your Girl or Boy Scout Badge
Sep 30.08 | Second Annual Payment Card Industry Community Meeting - Oh What a Difference A Year Makes!
Aug 25.08 | TOP 10 List of Ways to Create a “Security Culture” Within an Organization
Al Decker and Rebecca Whitener, two security experts from Texas technology services company EDS, have compiled a top 10 list of ways to create a "security culture" within an organization. The two say that with security breaches and identity theft on the rise, protecting information is the responsibility of everyone in an organization. read more
Jul 25.08 | Ted Hart launches Green Nonprofits organization www.greennonprofits.org
"For years I've heard from nonprofits around the world of their interest to support and protect the environment. Because they did not perceive themselves to be experts, it was unclear what they could do to make a difference and still run a successful nonprofit/NGO. Today, GreenNonprofits, Inc. provides that answer; provides that path for every nonprofit around the world to make significant changes that when combined together will create a powerful force for the greening of this industry." - Ted Hart, CEO
Jan 14.08 | Convio Security Breach and (PCI DSS) Payment Card Industry Data Security Standards
GreenNonprofits was founded to be an accessible source of information about greening your nonprofit workplace, and to be a desktop tool for any nonprofit to become green[er].
As people and corporations around the world become more "green" they in turn expect the nonprofits they support to also take proactive steps to protect the environment. GreenNonprofits will lead the way in helping Nonprofits/NGOs around the world meet this challenge. "Ted Hart, CEO" read more
I find it interesting that I see no mention in any of Convio's follow up information of the required and mandatory Payment Card Industry Data Security Standard's compliance certificate for service providers in our industry. read more
Sep 20.07 | What a Difference a Week Makes!
PCI DSS First Global Community Meeting! read more
Sep 10.07 | PCI DSS! Is The Payment Industry Serious About Getting and Keeping Itself Secure?
The PCI DSS program has been in place in its original incarnation as AIS/CISP since 2001! Why is it then that so few organizations world wide are not compliant? Why is it then that so many service providers are still doing business "flying under the radar screen"??? read more
Nov 17.06 | I’ll Take a Ticket on You Kid!
About 6 pm, Wednesday evening October 25, Jimmy, my dearest friend and mentor, transitioned into heaven to begin the next phase of his life! A time for great sorrow and great celebration! read more
May 26.06 | Big Money, Bigger Lifestyle, Biggest Lies!
You know my two sons consistently tell me that I am too honest to be in business. My consistent reply back to them is nonsense. There is no such thing as being too honest in business. I take great pride in always standing in my truth and knowing that my word can be trusted. read more