The PCI Security Standards Council issued a bulletin Friday saying that no version of the Secure Socket Layers (SSL) protocol for protecting Internet communications meets its definition of strong cryptography. Accordingly, the Council said it will soon revise versions 3.0 of its main Payment Card Security data-security standard and the …

Jim Daly Has the U.S. payment card industry invited federal regulation by taking so long to replace the magnetic stripe? The massive data breach at Target Corp. as well as other cyber thefts at national retailers disclosed over the past six months have raised the unwelcome possibility among merchant acquirers, …

When the payments industry broke out with a rash of data breaches in December, pundits and politicians were quick to blame technical factors such as the deliberate pace at which the industry is adopting chip cards. Why hasn’t the U.S. replaced its mag stripes with EMV chips, the cry went …

Target Corp. told a U.S. Senate committee Wednesday that the overlap in the number of consumers affected by the two-headed monster of its data breach may be 12 million or more. The nation’s No. 2 general retailer also said it is improving its data security in the wake of the …

  Merchants that think by hiring a cloud-based provider to handle their payment card security tasks they’ll never have to worry again about protecting card data had better think twice, according to the PCI Security Standards Council. “Just because people outsource to a cloud service provider, they’re not done,” says …

For years, the payments industry has hoped to see improvement in card-data security among small merchants in the U.S. But, according to a survey released last week, it’s not happening. Indeed, in some important measures, there has been backsliding on security among the nation’s smallest retailers. A little more than …

In an unprecedented effort to thwart data breaches, the three leading vendors of payment card terminals on Wednesday put aside their normally fierce rivalries to announce creation of a non-profit industry group to implement common security standards and improve knowledge about security issues. “The self interest aligns with the public …

Fraudsters planted so-called malware, or malicious software, on servers at about 300 supermarkets in or affiliated with the Hannaford Bros. Inc. supermarket chain and with it were able to steal credit and debit card data, according to a letter from a Hannaford attorney to Massachusetts officials. The thefts happened even …

News of the first big data breach of 2008 broke Monday afternoon when Scarborough, Maine-based grocery chain Hannaford Bros. Co. acknowledged a data intrusion into its computer network that resulted in the theft of a reported 4.2 million customer credit and debit card numbers. The disclosure came only after the …

As card data breaches continue to garner headlines, retailers may suffer the most in the eyes of U.S. consumers. Some 63% of consumers say merchants do the least to protect credit and debit card information, compared with 16% who say this about transaction processors and 5% who say Visa and …