LONDON, 26 April 2010 – Commidea, the leading card payment processing solution provider, and Foregenix, an independent, specialised information security business, call upon retailers, e-commerce merchants and banks to reduce the risk of card holder data breaches by taking a number of steps underpinned by the Payment Card Industry Data Security Standard (PCI DSS) framework.
Attacks against the payment card industry and retailers continue to increase in sophistication, with the use of malware and automation becoming more prevalent. The top five cardholder data attacks are SQL injection, unauthorised access through default or shared credentials, malware, third parties or trusted access and perimeter security issues such as firewalls.
“Over 90% of the businesses that our team have investigated during the last five years were unaware of which sensitive, or in some cases prohibited, data was present on their network,” said Benjamin Hosack, director, Foregenix. “This is a worrying statistic, but with the right tools in place unprotected cardholder data can easily be identified and protected or securely deleted.”
Top tips for protecting against data attacks:
“There is no ‘silver bullet’ for cardholder data protection. It requires constant scrutiny and a collaborative effort between the merchant, bank and the solution provider. But adhering to a few basic disciplines can greatly reduce your risk of a data breach.” said Ian Rutland, Marketing and Communication Director for Commidea. “The alternative, a data breach, damaged reputation and a substantial fine, is much less appealing and we would encourage all businesses handling sensitive cardholder data to follow these simple guidelines.”
- ends -
Notes to Editors
About Commidea and Point International
Commidea is part of the Point International Group of companies. Point is the leading European provider of electronic payment solutions and supports over 300,000 customers in the Nordic, Baltics and the UK through the provision of innovative and secure card payment solutions. Every day more than 7 million secure card transactions are handled through Point solutions. The Group manage more than 400.000 payment devices and customers range from large high street retail names to small independents, award winning e-commerce sites and many leading mail order companies. The Group is present in the UK, Denmark, Finland, Norway, Sweden, Iceland, Latvia, Estonia and Lithuania with and employs over 500 staff.
Commidea has built a reputation for reliability, innovation and excellence and has developed Ocius, a Chip & PIN solution which is pre-certified by the banking community that has set new standards within the industry. Ocius Sentinel, is the first UK certified solution to offer complete end-to-end encryption enabling fast and secure processing.
Working with a network of business partners throughout the UK, Commidea delivers a managed, PCI DSS compliant, multi-channel payment solution to all sizes of business. Commidea also supports many of the country’s leading specialist distributors and system integrators.
Foregenix is an independent, specialised information security business with strong experience in the PCI DSS, PA-DSS and account data compromise investigations (forensic investigations). Foregenix provides the following services to their clients across the EMEA (Europe, Middle East and Africa) region:
For more information, please visit the Foregenix website or contact us on 44 (0) 845 309 6232.
For more information or interviews with Commidea and Foregenix contact:
Lucy Marshall or Kirsty Sewter
Fourth Day PR
020 7403 4411