Page 97 - Pay Magazine s2014
P. 97
Wake-Up Call
Twenty-five percent of consumers have reported being the victim
of payment card fraud in the last five years. And, according to a study by ACI Worldwide and Aite Group, more than 60 percent of respondents who were fraud victims said they’re likely to use their cards less.
While none of the industry experts Paybefore consulted believes consumers are going to ditch their cards in favor of cash, they agree the high-profile data breaches of the past few years are a wake-up call for many businesses along the payments value chain.
“Data breaches absolutely damage businesses and their reputations, so it’s essential that reasonable measures are taken to make sure they don’t happen,” says Greg Pierson, CEO at Portland, Ore.- based fraud prevention company iovation. “Businesses don’t want their names in the media for leaking sensitive consumer data.”
Whether a company has suffered
a security breach or not, poor data security can greatly diminish a company’s valuation, according to John Walsh, CEO and president at SightSpan, a Mooresville, N.C.- based risk management and se- curity solutions provider. “We’re seeing a lot of companies failing security audits because the people in charge don’t have the right skill set,” Walsh says, adding that this becomes a costly problem for companies looking to sell.
1.
2. 3. 4.
5. 6. 7.
“If the target firm doesn’t have the proper security infrastructure in place, it can hurt the deal value by as much as 40 percent,” he says. “Does the acquiring firm use this information against the target? Absolutely, because the acquirer is looking for indemnification, and unless the target is willing to [address its security issues], the deal doesn’t go through.”
As a third-party vendor providing identity verification and fraud prevention services, Atlanta-based IDology Inc. sees first-hand that companies are paying more atten- tion to data security, according to CEO John Dancu.
Security reviews performed by client companies on vendors are extensive, he says, because clients are ensuring their vendors’ and subcontractors’ security and treat- ment of personal information are completely aligned with the clients’ best practices. “In the past year, the reviews have gotten more inten- sive,” Dancu adds. (See the Govern- ment Watch section on page 68.)
Security is a journey, not a destination
Get buy-in at the top Hire the right people
Implement policies, don’t just write them
Use multiple layers of security Review your systems
Collaborate with colleagues and competitors
Amir Wain, CEO of Redwood City, Calif.-based processor i2c Inc., agrees there is a greater willingness among companies in the payments industry to tighten up security. The security issue, he says, is “becoming more real to companies, and you can see it in their willingness and level of commitment to improving security.” While the willingness is there, he isn’t as confident that the ability is.
“Just because a CEO is more afraid of the consequences, is he really able to fully comprehend all the complexi- ties?” Wain asks. ”That’s where the scorecard isn’t filled out yet. We have to see how effectively some of these people now implement security policies in their organizations.”
Security Checklist
Nobody has the magic formula, the be-all and end-all solution to protect companies from a security breach. Industry experts, however, share several tenets to form the foundation on which to build the security of any company in the prepaid value chain.
The 7 CommandmenTs of daTa seCuriTy
volume 7 • fall 2014
paybefore.com 95
