Heartland Secure released to provide card data security for merchants

US payment processor Heartland Payment Systems has rolled out Heartland Secure, a credit/debit card data security solution that combines three technologies working in tandem to provide merchants with protection available against card-present data fraud. The newly introduced solution is designed to provide merchants with protection against point-of-sale (POS) intrusions, crimeware, miscellaneous errors, insider misuse and other common sources of card-present data fraud by eliminating the opportunity for criminals to monetize card data. Heartland Secure combines: • EMV electronic chip card technology to prove that a consumer’s card is genuine; • Heartland’s E3 encryption technology, which encrypts card data as it is entered so that no one else can read it; • Tokenization technology, which replaces card data with tokens that can be used for returns and repeat purchases, but are unusable by outsiders because they have no value. According to Robert O. Carr, chairman and CEO of Heartland Payment Systems, security breaches against large retailers such as Target and Neiman-Marcus get most of the publicity, but there were more than 679 data security incidents reported in the retail and accommodation merchant sectors in 2013 and 285 of them involved confirmed data losses. Unfortunately, the real breach numbers may be much higher, and the FBI believes we can expect more credit card breaches in the US. On January 2014, FBI sent a confidential, three-page report to retail companies warning them to prepare for more cyber-attacks based on their discovery of roughly 20 hacking cases that involved the same type of malicious software used against Target last December. The FBI cited the accessibility and affordability of malware on underground forums and the huge potential profits to be made from retail POS systems in the US as factors that make this type of cybercrime attractive to a wide range of cyber criminals. Based on data provided by the Open Security Foundation and RiskBased Security, the Online Trust Alliance’s (OTA) 2014 Data Protection and Breach Readiness Guide states that more than 823 million records were exposed in 2013, including credit card numbers, email addresses, log in credentials, social security numbers and other related personal information. OTA estimates that 37% of these breaches were the result of actual hacks and another 31% were due to lack of internal controls, which enabled accidental or malicious events. According to the Verizon 2014 Data Breach Investigations Report, 2013 could be characterized as “a year of transition from geopolitical attacks to large-scale attacks on payment card systems.” The report also said 2013 would be remembered as the “year of the retailer breach.” POS intrusions accounted for 31% of the retail breaches where data was confirmed stolen, with payment card skimmers accounting for another six percent. POS intrusions accounted for 75% of the confirmed-stolen accommodation sector breaches. Heartland Payment Systems delivers credit/debit/prepaid card processing, mobile commerce, ecommerce, marketing solutions, security technology, payroll solutions, and related business solutions and services to more than 275,000 business and educational locations nationwide.