CardSystems submits PCI compliance report

Credit card processing company CardSystems is banking on an independent assessment validating its compliance with the Payment Card Industry (PCI) data security standard to convince former clients to take it back, but so far none are biting.

AmbironTrustWave filed a Report on Compliance (ROC), a summary of findings resulting from a PCI audit of CardSystems, to MasterCard, Visa, AmericanExpress, and Discover on Aug. 31.

The report details the security protocols of a company's network environment for processing and transmitting credit card data, according to CardSystems.

According to the processing company, it has implemented a fully encrypted processing network for both data transmission and storage. The company also segmented its network with a series of internal and external firewalls.

Before these measures were put in place, however, forty million credit cards of all brands were exposed to potential fraud in a breach of CardSystems' network last year. MasterCard announced the breach in June, which has spurred lawmakers to propose tighter privacy controls over consumer data.

Visa announced in July that it was terminating CardSystems as an approved Visa processor as of Oct. 31 because the company violated its data security rules. Visa, along with MasterCard and other credit card associations, require their members to comply with the PCI data security standard.

According to Visa on Thursday, its decision to cut off CardSystems is permanent.

John Perry, president and CEO of CardSystems, said in a statement that the company hopes the credit card associations accept its PCI report and validate it as compliant.

"The data security protocols in place at CardSystems make it one of the data security leaders among payment processors in the payment card industry," Perry said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.