September 1, 2005, 12:00 AM

Card processor complies with security standards but Visa still cuts ties

Embattled CardSystems Solutions Inc. met the Aug. 31 deadline for complying with the Payment Card Industry Data Security Standard, but it wasn’t enough to prevent Visa U.S.A. from cutting ties with the processor.

 

Embattled CardSystems Solutions Inc. met the Aug. 31 deadline for complying with the Payment Card Industry Data Security Standard, but it wasn’t enough to prevent Visa U.S.A. from cutting ties with the processor.

CardSystems processes transactions for more than 119,000 small to mid-size merchants, including online retailers. Its partners include Authorize.net, geocerts.com and USA.NET.

AmbironTrustWave, an independent data security assessment firm, yesterday submitted an audit verifying the processor’s compliance with data security standards to Visa, MasterCard International, American Express and Discover Financial Services.

“We believe that the report on compliance concludes that CardSystems meets the PCI standard,” said John Perry, president and CEO. “We are hopeful that MasterCard, Visa, American Express and Discover will accept this PCI report and validate that CardSystems is PCI compliant.”

CardSystems said it has implemented a fully encrypted processing network for both data transmission and storage and has segmented its network with a series of internal and external firewalls.

Visa and American Express Co. in July announced they will terminate their relationships with CardSystems, effective Oct. 31, because the company’s lax security enabled a hacker to gain access to data for 40 million cardholder accounts.

Visa said in a statement today that while it will review the audit, “the fact that CardSystems has now submitted a report on compliance does not undo the damage the processor has done.”

“Visa cannot overlook the significant harm the data compromise and CardSystem’s failure to maintain the required security protections has had on Visa member financial institutions and merchants as well as the significant concerns it has raised for cardholders.”

American Express has no plans to reconsider its decision to end its relationship with CardSystems, a spokeswoman says.

MasterCard said it`s now reviewing the audit. "We expect our review to require several days or longer, should additional inquiry be necessary," a spokeswoman says.

Discover, which had deferred action on ending its relationship with CardSystems, is reviewing the report and plans to conduct a site visit within the next few days, a spokeswoman says. “Once we’ve completed our review of the ROC, our onsite visit and discussions with CardSystems, then we’ll make our decision,” she says.

 

comments powered by Disqus

Advertisement

Advertisement

Advertisement

From IR Blogs

FPO

Patrick Smarzynski / E-Commerce

What the changes at eBay mean for sellers

The online marketplace introduced new rules for sellers last month. It’s crucial that sellers understand ...

FPO

Mark Feinstein / E-Commerce

A quick guide to global e-commerce opportunities

Consumers in many countries are buying more online each year. Understanding the nuances of each ...

Advertisement