It’s been over three months since the first announcement of Heartland Payment Systems’ security breach and damages from non-PCI compliant processing have cut much deeper than just financially for the company. The breach on the Ohio-based independent payment processing firm has been coined the largest PCI data breach in history with ComputerWeekly.com estimating that 45 million cases of identity theft may have resulted. Heartland has stated that they are taking steps to heighten their security and reassure their network of over 250,000 merchants that they have things under control however it most likely will be too late. Independent analysts believe that the damage done to their financial stability paired with the company’s diminished reputation, are issues potentially too deep to mend.
Total security compliance has become a difficult thing for many companies to achieve. Accompanying the additional equipment required are thoughts of the transition being both costly and painful. The true costs and pain however, come to those who continue to process their payments through POS handhelds that do not meet proper Payment Card Industry Data Security Standards (PCI DSS). Much more is at stake than just the costs associated with fees and fines acquired through non-compliance; many companies have unintentionally found that the greatest costs are to their brand, their industry’s reputation, and to the breaches in their customers’ privacy. While much focus has been with security compliance for business operations over the internet, non-compliance for in-flight retail operations is growing increasingly worrisome for many operators.
Both low-cost carriers and global brands have already graduated from simply transacting a sandwich and beer on flights and are now moving towards sophisticated and multifaceted in-flight offerings. With this trend, billions of transactions are at risk of being processed on unsecure devices. PCI DSS certifications focus on the way information is transferred and stored electronically. Previous standards allowed the transacting companies to process the information and have a payment data storage centre independently handle the protection of credit card information. Chances are many of us have our credit card numbers, birthdates, social security numbers, medical records and other highly confidential data in the possession of several data-information handling centers without our knowledge. As consumers, we realize the risks involved with infringement on our own data; as retailers, we must acknowledge the same level of risk and multiply that by the amount of transactions we process within our operations.
The truth is, new security approved devices that connect directly with the banking networks and bypass the need to store the excess data allow the retailers to avoid breaches in their operations and allow the consumer to feel confident that large charges and personal information will be safely transacted through existing networks, rather than creating new networks, leaving their information at risk. This, paired with the ability to process transactions in real-time allows in-flight retailers the comfort of eliminating risk of fraud while simultaneously increasing the average transaction values their systems can handle.
Technological advances have allowed onboard retail solution providers like GuestLogix to offer this security to each of their airline partners. By creating the industry’s only PCI PED 2.0 certified handheld device and running each customer’s operations through PCI compliant POS software and payment processing back office operations, GuestLogix’ customers are able to achieve new heights in their passenger offerings while keeping their passengers safe in more ways than one.
 Print Article
|
