Credit-Card Data Breaches Drive Security Solutions Bonanza
Credit-Card Data Breaches Drive Security Solutions Bonanza : "Security experts say every time a retailer ends up in the headlines for losing customer credit-card data, a PCI project gets its wings. And,as more companies look to the channel for help with securing their networks for PCI compliance, it's turning out to be a wonderful life for solution providers.
Companies are paying more attention to the PCI Data Security Standard (PCI DSS), a set of requirements drawn up by major credit-card companies for securing cardholder data. In PCI, liability for negligence rolls downhill--from the card companies to the banks that process credit-card transactions and, finally, to the merchants, who face fines, and even revocation of credit-card processing rights, if they don't comply.
The steady drumbeat of recent major credit-card information breaches has been keeping PCI in the spotlight. Last August, hackers got their hands on credit-card account data and personal information for approximately 19,000 customers of AT&T's e-commerce site, and then launched a targeted phishing campaign a few days later that was apparently designed to extract additional information from the affected customers.
In September, Chase Card Services, a division of JP Morgan Chase & Co. that handles credit-card transactions for Circuit City, informed 2.6 million current and former Circuit City credit-card holders that tapes containing their personal information had been accidentally dumped in a landfill.
Then in January, TJX, the parent company of T.J. Maxx, Marshalls and several other retailers, revealed that hackers had broken into its network and accessed credit-card data and personal information of customers in the United States, Ireland, the United Kingdom and Canada.
Last month, TJX said credit-card information on at least 45.7 million customers had been stolen, making it the largest breach of customer data in history. Although the card companies haven't commented on the TJX breach due to the ongoing legal investigation, many security experts believe TJX violated the terms of PCI by improperly storing cardholder data on its network.
As PCI-related business begins to boom, security VARs and integrators find themselves in the enviable position of having almost too much work to handle. And there's plenty of room for the market to grow: Visa estimates that just 36 percent of Level 1 merchants (which process more than 6 million credit-card transactions annually) and 15 percent of Level 2 merchants (which process at least 1 million) have complied with PCI.
"
Twitter
Digg
StumbleUpon
Technorati
del.icio.us
Facebook
Furl
LinkedIn
YahooRecent blog posts
- In Bid to Sway Sales, Cameras Track Shoppers
- Unprecedented 25-Year Sentence Sought for TJX Hacker
- EFF Appeals Dismissal of Warrantless Wiretapping Case
- Viacom Makes Its Case Against Yesterday's YouTube
- Obama supports Senators draft plan to rework U.S. immigration policy - Includes National Biometric ID card for all.
- Domain Names Can't Defend Themselves
- Hacker Disables More Than 100 Cars Remotely
- Judges Approves $9.5 Million Facebook ‘Beacon’ Accord
- Hooking Up The Big Brother Machine... And Fighting It
- Court: State Can Dump Non-Sex Offenders Into Registry
