September 21, 2009
-
Heartland CEO Speaks on Encryption, Pt.1
What was the problem?
As the dust settles on the latest and possibly worst credit card heist of our time, we are still left with an unsettled feeling. We wonder whether the vulnerability has been remedied and whether this awful thing could ever happen again. Remembering the Denzel Washington film "The Siege", and recalling how Al Qaeda operatives were actually trained to do what they do under cover by our own federal experts, we now must wonder how one of our own hand-picked credit card master thieves could be trained and hired by our own government in credit card security to catch other thieves. How could we have trusted such a person? Why was he put on the government payroll and then trusted?
We may never know, but we do have some new insight into the plans of Heartland Payment Processors to build a better mousetrap for the future. Heartland still processes millions of credit card transactions every month, as do four or five other credit card processors: companies like Vital (probably the largest), Paymentech, First Horizon and First Data, all larger than Heartland. Normally the public never hears of these entities unless there is an incident.
So what was the Achilles' heel, the weak spot that made it all possible this time? Encryption gaps in the credit card data flow. Although the industry security standard, PCI, has worked hard to shore up this vulnerability, much of the industry has lagged behind in reaching the compliance level PCI specifies. Most of the violators are small businesses and pose little threat because their transaction volume is low. A few large ones, however, like TJ Maxx and Heartland, have somehow slipped through the PCI safeguards. TJ Maxx have long since corrected their weak spot after paying out millions of dollars in compensation. Heartland are fairly serious about security but did have one vulnerability. In their data processing chain, one particular interconnect between two disparate (dissimilar) systems had to be bridged. At that tiny point, encryption lapsed for the data conversion. This was the Achilles' heel.
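As an added illustration (not from the article, and not a model of Heartland's actual systems), the following Python contrasts the kind of gap described above: a bridge that must decrypt a whole record to re-format it for a dissimilar system, versus one where the card number is encrypted as its own field so the bridge only converts the surrounding envelope. The record formats, key, sample card number and the SHA-256 keystream stand-in for a real cipher are all constructed assumptions for the demo.

```python
import hashlib
import json
import re

KEY = b"demo-key-not-for-production"   # constructed key, illustration only
PAN_RE = re.compile(r"\b\d{16}\b")

def xor_keystream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for a real cipher (SHA-256 counter keystream XOR); demo only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def luhn_ok(digits: str) -> bool:
    total = 0
    for pos, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if pos % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def pans_exposed(seen: list) -> set:
    """Audit helper: Luhn-valid 16-digit strings the bridge handled in clear."""
    return {m for blob in seen for m in PAN_RE.findall(blob.decode("latin-1")) if luhn_ok(m)}

# Constructed sample: system A emits pipe-delimited text, system B consumes JSON.
PAN, CENTS, MERCHANT = "4111111111111111", 1999, "ACME HARDWARE"

def run_gap_design() -> tuple:
    """Whole-record encryption: the bridge decrypts to re-format, so the PAN is in clear there."""
    seen = []
    ct_a = xor_keystream(KEY, b"A", f"{PAN}|{CENTS}|{MERCHANT}".encode())
    clear = xor_keystream(KEY, b"A", ct_a)
    seen.append(clear)                                   # plaintext PAN in bridge scope
    pan, cents, merchant = clear.decode().split("|")
    record_b = {"pan": pan, "amount_cents": int(cents), "merchant": merchant}
    ct_b = xor_keystream(KEY, b"B", json.dumps(record_b).encode())
    return pans_exposed(seen), json.loads(xor_keystream(KEY, b"B", ct_b))["pan"]

def run_field_level_design() -> tuple:
    """Field-level encryption: the PAN stays ciphertext; the bridge only re-formats the envelope."""
    seen = []
    envelope = {"pan_ct": xor_keystream(KEY, b"PAN", PAN.encode()).hex(),
                "amt": str(CENTS), "mer": MERCHANT}
    seen.append(json.dumps(envelope).encode())           # everything the bridge sees
    record_b = {"pan_ct": envelope["pan_ct"], "amount_cents": int(envelope["amt"]),
                "merchant": envelope["mer"]}
    pan_at_b = xor_keystream(KEY, b"PAN", bytes.fromhex(record_b["pan_ct"])).decode()
    return pans_exposed(seen), pan_at_b
```

Both designs deliver the same card number to endpoint B; only the first leaves it readable at the interconnect, which is exactly where an audit of the bridge's memory, logs or traffic should look.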
