The Cincinnati-based payments technology provider Mercury Payment Systems has launched a new initiative, Security Pays, which is designed to educate payments partners and business owners on how to protect themselves from data breaches and other security threats.
Mercury, a Vantiv company, said it is working to drive adoption of security standards, protocols and products in the payments space. Through Security Pays, Mercury supplies resources to point-of-sale developers to accelerate the integration of security software to the Mercury payments platform. The program also includes incentives for developers, dealers and their staff to focus on practicing secure behaviors and selling more secure solutions.
“Securing payment data is more important than ever for businesses,” Matt Taylor, group president of integrated payments and emerging channels for Vantiv, said. “Research shows that 80% of security attacks happen at small businesses, and 60% of the small businesses that are hit by a data breach, go out of business within six months of the breach. We want to help our payments partners – and the businesses they serve – to take steps to be more secure. When it comes to security, it's crucial to be proactive.”
“We're on a mission to help businesses of all sizes protect themselves and their clients against the ever evolving set of threats,” Matt Downs, senior vice president of channel for Vantiv integrated payments, said. “Our merchants' business survival depends on it, as well as the vitality of our channel partners across the developer and reseller network. We believe the POS provider is the key to changing this troubling narrative.”
Security Pays also allows Mercury to offer training and testing to payments partners to help them meet Payment Card Industry Data Security Standard version 3.1 requirements. Certified Qualified Integrators and Resellers receive a three-year renewable credential.
The Wakefield, Mass.-based PCI Security Standards Council's PA-DSS 3.1 aligns with the recent release of PCI Data Security Standard 3.1, which primarily addresses vulnerabilities in the Secure Sockets Layer encryption protocol that can put payment data at risk. Through this revision and supporting guidance, the council urges organizations to understand if and how their payment applications are using SSL and to upgrade to a secure version of TLS. In June, PCI revised its Payment Application Data Security Standard to address vulnerabilities in encryption protocols that primarily affect web servers and browsers that drive payment terminals.
“In the more than 400 investigations conducted by the U.S. Secret Service last year, the service found improper payment platform set-up and system maintenance to be a common point of attack and compromise,” PCI Security Standards Council General Manager Stephen W. Orfei said. “We also see this across the global marketplace. As U.S. businesses migrate to EMV and update their POS environments, they need to be confident the technology is set up correctly to protect their customer base. Taking this risk off the table is significant. The council applauds Mercury and RSPA for their commitment to train merchant partners through the QIR program. The right training will ensure merchants who are trying to do all the right things have the resources they need to protect themselves and their customers.”
By participating in Security Pays, developers and dealers will also be empowered to quickly institute critical security standards and adopt products that will help them integrate the added security benefits of end-to-end encryption, tokenization and EMV acceptance. It also equips participating developer and dealer partners with subsidies to financially assist merchants with the necessary security hardware or software upgrades required for the upcoming liability shift.
The Security Pays campaign runs through the end of 2015.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
