By now everyone is aware of the alleged card data breach at Home Depot. Though the company is not admitting it yet, they are doing everything to confirm it, including reassurances that card holders are not liable and now we hear they are going to implement EMV by year’s end. My colleague Ed Learned has blogged about this several times after the last round of mega-breaches but it needs to be said again - EMV does not prevent card data theft. Period, end-of-story.
We are a few weeks away from PCI Community Meeting and as everyone should be aware by now that PCI 3.0 is now in effect. There were a lot of changes with this new version. You can learn about the changes being made with the enforcement of PCI 3.0 from one of our previous blog posts: PCI 3.0 Preview: Old Themes and New
It’s summertime! It barely seems like the year should be half way over. I like to take this time of year to reflect on what has happened in both hospitality and in the payments space, as well as look forward to things yet to come. We are after all, still “only” half way through the year.
In reflection, it has been a very busy year at Merchant Link with conferences, trade shows and events not to mention product releases and new client boarding.
Our year kicked off with participation at NRF (National Retail Federation) annual conference in New York. The Merchant Link team took advantage of having so many top-level retailers in one location to learn more about what they consider “pressing technology” and immediate innovation needs. This of course was a little overshadowed by the then recent breach and several Tier 1 retailers. Helping to break down the barriers and misconceptions between Point-to-Point Encryption and EMV (Euro/Mastercard/Visa) with the attendees was enlightening. It always amazes me how the media can make the simplest thing so confusing – referencing of course, P2PE and EMV is not simple.
Since 2008 Verizon has been putting together a report outlining the impact of global cybercrime and the importance of information security. Often our memories are “short” and we cling to the last thing we heard in the news. This year of course it is the breach that Target experienced; which is disappointing, in that Target was not the only big box retailer to be hit, but for some reason they were the most memorable. Verizon works with the top security companies and agencies in putting together the Data Breach Investigation Report and in spite of headlines surrounding breaches at Target and other retailers, the news on closing security holes is actually positive.
There was an unprecedented new development in the aftermath of the Target data breach this week. By now everyone living above ground is aware that hackers were able to penetrate the Target network to install malware on POS systems by hijacking the credentials from Target’s HVAC vendor. The hackers were able to take off with 100 million account records including some 40 million card numbers. The projected costs to Target are expected to be in the billions.