A Gartner Inc. analyst is urging companies that do business with Heartland Payment Systems Inc. and RBS WorldPay Inc. not
to switch to other payment processors just because of Visa Inc.'s decision this month to remove Heartland and RBS WorldPay from its list of service providers that are compliant with the PCI data security rules.
Visa dropped the two payment processors from its PCI-compliant list on March 12, in the wake of their recent disclosures that
they had been hit by data breaches last year. The credit card company said it would "consider" putting Heartland and RBS WorldPay back on the list, but only
after they are recertified by third-party assessors.
The action by Visa had raised some questions about whether merchants and other organizations could continue using the two
payment processors without being penalized for noncompliance themselves. Visa requires all entities that accept credit and
debit cards issued under its name to work only with service providers that comply with the PCI rules, which are formally known
as the Payment Card Industry Data Security Standard (PCI DSS).
But in a research bulletin issued yesterday, Gartner analyst Avivah Litan said that customers can continue to utilize Heartland and RBS WorldPay without facing any fines
from Visa.
Both payment processors are likely to soon be recertified as PCI-compliant, Litan said in the bulletin. In the interim, their
customers have nothing to fear despite the recent delisting, she added, citing a statement that Visa issued to Gartner last
week.
The statement clarifies "much of the confusion" that resulted from the delisting, according to Litan, who went on to say that
the move was meant to serve as an indication of Visa's willingness to get tough with companies that fail to adequately protect cardholder data. At the same time, "Visa clearly did not want to risk putting
the processors out of business, partly because of the potentially enormous disruption to their hundreds of thousands of merchant
customers," Litan wrote.
A Heartland spokesman said that "several merchants" had expressed uncertainty over the consequences of Visa's delisting last
week. "But Visa has been very good in recent days about clearing up this confusion," the spokesman said via e-mail. He also
welcomed Litan's bulletin as being very helpful, "because a third party now reinforces what we believe - that we will return
to the PCI DSS compliant list very soon."
Story copyright Computerworld, Inc.