Removing credit card data seen as key to real security

The consensus of speakers at the just-concluded Real Security Summit is that the future of credit card payments depends on systems that remove useable card data stored anywhere at the merchant level.

What was described by Jonathan Rusch of the U.S. Department of Justice as a “global security epidemic” is fueled by terrorist groups and organized crime turning to credit card fraud as a ready source of cash. “Terrorists are always learning and exploiting the system. The key is to stop the problem at its source,” said Dennis Lormel, a former FBI white collar crime expert now with Corporate Risk International.

Merchants and other Summit attendees were urged by several speakers to assume that someone will try to penetrate their system and to choose payment processing that outsources the risk by not storing any credit card data at the merchant level. According to Dr. Heather Mark, Principal, The Aegenis Group, there is a difference between a security breach – when a hacker penetrates a system – and a data breach in which card data is compromised. “A security breach is never a good thing, but the public is really affected only when their personal data is taken,” she said.