September 1, 2005, 12:00 AM

Card processor complies with security standards but Visa still cuts ties

Embattled CardSystems Solutions Inc. met the Aug. 31 deadline for complying with the Payment Card Industry Data Security Standard, but it wasn’t enough to prevent Visa U.S.A. from cutting ties with the processor.

Paul Demery

Managing Editor, B2B E-commerce

 

Embattled CardSystems Solutions Inc. met the Aug. 31 deadline for complying with the Payment Card Industry Data Security Standard, but it wasn’t enough to prevent Visa U.S.A. from cutting ties with the processor.

CardSystems processes transactions for more than 119,000 small to mid-size merchants, including online retailers. Its partners include Authorize.net, geocerts.com and USA.NET.

AmbironTrustWave, an independent data security assessment firm, yesterday submitted an audit verifying the processor’s compliance with data security standards to Visa, MasterCard International, American Express and Discover Financial Services.

“We believe that the report on compliance concludes that CardSystems meets the PCI standard,” said John Perry, president and CEO. “We are hopeful that MasterCard, Visa, American Express and Discover will accept this PCI report and validate that CardSystems is PCI compliant.”

CardSystems said it has implemented a fully encrypted processing network for both data transmission and storage and has segmented its network with a series of internal and external firewalls.

Visa and American Express Co. in July announced they will terminate their relationships with CardSystems, effective Oct. 31, because the company’s lax security enabled a hacker to gain access to data for 40 million cardholder accounts.

Visa said in a statement today that while it will review the audit, “the fact that CardSystems has now submitted a report on compliance does not undo the damage the processor has done.”

“Visa cannot overlook the significant harm the data compromise and CardSystem’s failure to maintain the required security protections has had on Visa member financial institutions and merchants as well as the significant concerns it has raised for cardholders.”

American Express has no plans to reconsider its decision to end its relationship with CardSystems, a spokeswoman says.

MasterCard said it`s now reviewing the audit. "We expect our review to require several days or longer, should additional inquiry be necessary," a spokeswoman says.

Discover, which had deferred action on ending its relationship with CardSystems, is reviewing the report and plans to conduct a site visit within the next few days, a spokeswoman says. “Once we’ve completed our review of the ROC, our onsite visit and discussions with CardSystems, then we’ll make our decision,” she says.

 

Comments

Sign In to Make a Comment

Comments are moderated by Internet Retailer and can be removed.

Not a member? Signup for free today!

Advertisement

Advertisement

Advertisement

Relevant Commentary

FPO

Jason Squardo / Mobile Commerce

Five tips for achieving high mobile search rankings

Searches on mobile devices will soon exceed those on computers, Google says. Retailers that keep ...

FPO

Sergio Pereira / B2B E-Commerce

Quill turns to its B2B customers for new ideas

Coming in April is a new section of Quill.com that will let customers and Quill ...

Advertisement