Site Search

  

Contact ETA | MyETA | About ETA

Home
About ETA
Join ETA
Events
News
Information Resources
Education
Advocacy
Media Relations
Employment
Contact Us
ETA Forums
Online Networking
Advanced Search
ETA Member Login
Quick Links

ATM Group Renews Security Push PDF Print E-mail
The ATM Industry Association’s Debit Council says it is renewing its push for better security best practices at POS terminals, as criminals continue to compromise cardholder information by targeting out-of-date or improperly configured POS hardware and software.

According to Fair Isaac, more than 90 percent of card and PIN compromises in 2006 took place either inside outdated POS terminals or through improperly configured POS software coupled with poor key management practices.

“All parties in the electronic payments value chain must be vigilant in the protection of our customers’ data,” said Mike Urban, a member of the Debit Council and Fair Isaac’s senior director of fraud solutions. “The compromise of cardholder data is one of the biggest security risks retailers face. States (in the United States) are moving forward with legislation placing liability on merchants who are not appropriately safeguarding cardholder information.”

An estimated 20 million POS devices are installed worldwide. The automation of credit and debit card transactions at the point of sale has been growing since the early 1980s.

In response to growing fraud trends, ATMIA has published Best Practices for Protecting the Point of Sale Lifecycle. According to ATMIA, the best-practices manual includes collaboration from both the ATM and POS industries — and represents the first time the two industries have worked together to produce security best practices for the entire POS lifecycle. The lifecycle model defines and addresses eight phases: cardholder security, compliance to existing industry standards, secure deployment of devices, physical security, PIN and encryption security, software security and security during the final de-commissioning process.

“The beauty of the lifecycle model is that it helps security practitioners to identify possible security vulnerabilities throughout the life of each POS device,” said Mike Lee, ATMIA’s chief executive and founder of ATMIA’s Global ATM Security Alliance.

This manual is intended for retailers, POS processors, encryption service organizations, auditors, and security personnel and managers who have responsibility for securing POS installations and for meeting network and PCI requirements.

ATMIA expects to host a Debit Council meeting during its ATM Security in the Americas 2007 conference, which runs from Sept. 11 through Sept. 13, in Las Vegas.
Back

ETA Members Only
Login here to access your member information, membership status and member-only content.
Upcoming Events

Strategic Leadership &
Networking Forum
October 21-23, 2008
Chicago, IL

 

2009 ETA Annual
Meeting & Expo
April 21-23, 2009

Las Vegas, NV


Electronic Transactions Association
1101 16th Street NW Washington, DC 20036
Toll Free: 800.695.5509 Tel: 202.828.2635

Privacy Statement | Antitrust Laws & Trade Associations
© 2007 ETA The Electronic Transactions Association. All rights reserved.