From: security curmudgeon (jerichoattrition.org)
Date: Wed Jul 01 2009 - 13:20:41 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://supermarketnews.com/news/heartland_encrypted_0701/

Heartland Receives Encrypted Card Data From Retailer
Jul 1, 2009 6:00 AM

PRINCETON, N.J. Heartland Payment Systems here, the payment processor
that announced in January that it had been hit by a major data breach,
successfully completed the first phase of an end-to-end encryption pilot
project designed to enhance its security.

This first step involved the transmission of live AES (Advanced Encryption
Standard)-encrypted card transactions from an unnamed merchant to
Heartlands processing platform.

According to Robert O. Carr, Heartlands chairman and chief executive
officer, to his knowledge, this is the first time encrypted transactions
have been sent from a merchants card reader to and through a major
processors payments network.

Yesterdays transactions involved a Texas-based merchant and multiple
credit card, prepaid and signature debit card transactions testing each of
the major card brands, Carr said. Cardholder data, he added, is typically
unencrypted as it leaves a merchants terminal and is not encrypted until
it is either tokenized in a gateway or at rest in the processing platforms
data warehouse.
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]