Heartland Payment Systems payments processors has been selected as the Michigan Lodging and Tourism Association (MLTA) exclusive endorsed provider of card processing, gift marketing, payroll services, tip management and check management services. The MLTA represents more than 500 hotels, motels, resorts, bed & breakfasts, attractions and industry vendors and is the 39th state hospitality association to join Heartland in its providing members direct access to best-in-class business solutions reducing expenses, enhance operations and increase profitability. Heartland is also the exclusively endorsed provider of card processing, gift marketing, payroll services, tip management and check management for the American Hotel & Lodging Association.Details
Trustwave, the leading provider of payment card industry compliance solutions, announces its support of the updated Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA DSS), both Version 2.0, released by the Payment Card Industry Security Standards Council (PCI SSC), October 28, 2010. The new version includes existing requirement clarifications, provides additional guidance and reveals minor changes to evolving requirements.
âAfter a thorough review of both the PCI DSS and PA DSS, we noted there were no significant changes that would adversely affect our compliant customers or customers in process to become compliant,â said Robert J. McCullen, chairman and CEO of Trustwave. âWe stand behind the decisions made by the Council and believe this new version will help further secure payment data.â
The changes to the standards include better alignment between the PA DSS and PCI DSS. In addition, changes to the Self-assessment Questionnaire will better align with the changes to the PCI DSS, and bulleted lists will be broken out into sub-requirements.
After reviewing the updates to both standards, Trustwave believes the following changes are most important to address:
PCI DSS Version 2.0
â¢Scoping the Cardholder Data Environment (CDE): The PCI SSC clarified the responsibility of the assessed organizationâs accuracy of their PCI DSS scope by identifying all locations and flows of cardholder data and ensuring they are included in the PCI DSS Scope.
â¢Additional Sources for Secure Coding for Non-Web Based Applications: The PCI SSC clarified that additional sources like SANS CWE Top 25 and CERT Secure Coding, in addition to OWASP, can be used for best practices guidance for vulnerability management.
PA DSS Version 2.0
â¢Facilitate Centralized Logging: Pertaining to requirement 4.4, the new version will mandate that payment applications facilitate a merchantâs ability to assimilate logs into their centralized log server.
â¢Cryptographic Clarification: Pertaining to requirement 2.7, cryptographic key material stored by previous versions will now be rendered irretrievable.
â¢Merger of Requirements 10 and 11: This will help further align the PCI DSS and PA DSS.
âBased on our investigations, these changes align with the problems encountered by our customers,â said Nicholas J. Percoco, senior vice president and head of SpiderLabs, Trustwaveâs advanced security team. âCentralizing logging will help organizations more efficiently investigate an anomaly that may be an indication of a cardholder data breach or an attempt.â
âWe are pleased to see the changes focused on alignment of PCI and PA DSS as well as the elimination of redundant requirements,â said James Paul, senior vice president of delivery at Trustwave. âThe changes will help clarify the relationships and demarcation between PCI and PA DSS assessments.â
To learn more about these and other key changes and how they might affect a merchant, Trustwave has archived its recent webinar, âPCI DSS 2.0: What Can You Expect?â and posted it here for review, on-demand.
The changes to both standards take effect January 1, 2011. The sunset date for the existing standards is December 31, 2011. Any organization submitting a Report on Compliance or Report of Validation after December 31, 2011 will have to comply with the Version 2.0 standards.
For more information about the PCI DSS and PA DSS, please visit www.pcisecuritystandards.org.Details
American Express rolling out its “Blue Sky Preferred” Credit Card,
offering travelers an annual $100 Airline Allowance to cover checked
baggage, in-flight meals, entertainment or Wi-Fi purchases on any
airline. It also offers double points on hotel, car rental and dining
purchases, and one point on all other eligible spending, with an annual
fee of $75. To use the allowance, cardholders must use the “Blue Sky
Preferred Card” to book the flight and to pay for any eligible
incidental fees such as checked baggage, in-flight meals, entertainment
and Wi-Fi purchase. To be reimbursed, travelers simply contact American
Express within 60 days after the airline incidental is first billed to
their Card. Points earned can be redeemed for travel on any airline, any
hotel, any cruise, any car rental and more with no travel restrictions
and no blackout dates. Redemptions start at 7,500 points, which can also
be redeemed for a $100 statement credit.
Global Cash Access Holdings cash access products and related marketing services in the gaming industry will be presenting at the Wells Fargo Securities Technology, Media & Telecom Conference on Tuesday, November 9 in New York City. The CEO will speak on Technology, Media & Telecom, to which investors and interested parties may listen to the live audio webcast at www.gcainc.com at the appropriate time. NV-based Global Cash Access provides cash access products and related services to over 1,100 casinos and other gaming properties in the United States, Europe, Canada, the Caribbean, Central America and Asia.Details
DR Collect debt collection has completed upgrades to include a fully automated front end for the implementation of the system as well as the automation of the registration process, the payment process for monthly agency fees and the upload process to load accounts into the system. The DR Collect system is now capable of importing placement files in almost any format so that clients will no longer have to follow other data standards. Clients can use file formats they already use for other vendors or a standard export from their operating collection floor system. The frequency of upload is also determined by the client. In order to further promote adoption of the DR Collect platform, the Company has implemented a new pricing schedule for the agency and law firm market that is simple and cost effective.Details
Allianex has kicked off the “My Tech Card Computer Care Gift Cards” at CVS/Pharmacy stores throughout the United States, at which the gift cards will be available at highly visible point of purchase displays. The “My Tech Card Computer Care Gift Cards” from Allianex offer customers the ability to purchase a Computer Care Gift Card valid for either a session with a live operator to repair a computer related problem or an annual subscription to a proprietary PC Optimization Suite software that contains 22 utilities designed to optimize PC performance and protection.Details
The PCI Security Standards Council (PCI SSC), Payment Card Industry Data Security Standard manager, PIN Transaction Security requirements and the Payment Application Data Security Standard (PA-DSS), Launched v 2.0 of the PCI DSS and PA-DSS. Focused on providing greater clarity and flexibility to facilitate improved understanding of the requirements and eased implementation for merchants, the new version 2.0 is slated for availability in January. More than 1,500 people from 600 organizations around the world participated in contributing input to the Council received from merchants, banks, processors and the PCI community throughout the development process. With it, however, are no new major requirements, rather, they consist of modifications to the language to clarify the meaning of the requirements and make understanding and adoption easier for merchants and serve to reinforce the need for a thorough scoping exercise prior to assessment in order to understand where cardholder data resides. This begins the new three year lifecycle for standards development allowing for minor revisions or errata to be issued throughout as necessary.Details
Flint Telecom Group has fully completed the acquisitions of the entire issued capital of Ingedigit International debit cards and Gotham Ingedigit Financial Processing. Power2Process. Each company will operate as separate entities within the Flint Telecom group of companies. Ingedigit International Inc. is a U.S. based independent sales organization (“ISO”) offering International pre-paid debit card services in partnership with international banks and other program sponsors, to offer debit cards and other related products to their customers. Ingedigit International will be rebranded Power2Process in the coming weeks to enhance its international appeal and presence and is a U.S. based advanced financial transaction processing and technology company.Details
MoneyPass inked agreements with MasterCard to make MoneyPass the preferred surcharge-free ATM solution for MasterCard debit issuers and ATM acquirers, including banks, credit unions, ISO ATM acquirers and ISO card issuers. MoneyPass was chosen based on its open structure, serving the best interests of a wide variety of potential participants in a highly flexible manner. MasterCard customers that choose MoneyPass as their surcharge-free solution will gain access to nearly 20,000 surcharge-free ATMs across the United States and Puerto Rico. MoneyPass growth over the past five years demonstrates the commitment to becoming the surcharge-free ATM solution of choice, as well as the growing interest within the financial institution and ISO community to offer a value-added service desired by consumers, with over 1250 participating bank and credit union members and nearly 40 million cardholders.Details
With 69% of CFOs most concerned with the challenge of managing cash flow, only 7% plan to slash expenses in 2011. Meanwhile, 39% expect their capital investments to increase next year, mostly on new technology, and 41% will focus on proper capital allocation and cash flow management. Additional findings, according to a recent TD Bank survey of small and medium sized companies, shows 78% projecting the recovery to take up two years to materialize, with the surest signs of a lasting upturn accredited to falling unemployment rates for 46%; 21% depending on sustained growth in their own organization’s sales; and 9% looking to an influx of new customers as an indication. Also, 45% of financial executives have seen their sales increase in the past year, of which 25% say by 10% or more; 58% project their sales to increase in the next year, of which 25% say by 10% or more; 46% believe the most likely constraints on capital investments will be cash flow; 18% blame unsure levels of funding from clients and government; 13% say the political climate is strangling cash flow.Details
OSHIBA TEC will unveil its new label printer with NCR two-sided thermal (2ST) technology at the Pack Expo 2010 trade show in Chicago from Oct. 31-Nov. 3. NCR’s 2ST(TM) two-sided printing technology improves the efficiency of the direct thermal printing process by allowing simultaneous printing on both the front and back side of a label or other media. 2ST labeling improves operational throughput which reduces operating costs and environmental impact.Details
The job loss rate in September hit the brakes and dropped steeply to
a 9.2% unemployment rate, the lowest since 2009. The corresponding
credit card charge off rate, after having skyrocketed to 10.93% in March
of 2010- at which point unemployment was at 10.2%- and lazily meandering
its way back to earth, took a steep nosedive from 10.03 in August to
8.9%. This follows months of soaring past the 6% mark in December of
2008, the 8% mark that following spring, and finally the 10% mark in
September of ’09, comes as sweet relief to rampant fear last year credit
card-backed securities would realistically near 12% by this time.
According to CardData (www.carddata.com), average charge-offs for the
first quarter were an unprecedented 10.93% with an unemployment rate of
10.2%. With this, Moody’s expects charge-offs to continue declining
into 1H/11, thanks to credit card issuers having already written off
balances from borrowers with weak credit over the past couple of years
and tightening underwriting standards. Meanwhile, with the unemployment
improving, so too are card delinquency rates, down a full percentage
point year-over-year to 4.65%. For complete details on credit card charge-offs visit Carddata.com
Jun/08: 5.7% 5.3%
Sep/08: 6.0% 5.5%
Dec/08: 7.1% 6.0%
Mar/09: 9.0% 8.7%
Jun/09: 9.7% 9.5%
Sep/09: 10.4% 10.1%
Dec/09: 9.7% 10.6%
Mar/10: 10.2% 10.93%
Jun/10: 9.6% 10.28%
Sep/20: 9.2% 8.9%
Source: CardData (www.carddata.com)