Many of the sessions focused on mandates put out by San Francisco-based Visa in [image-nocss] its effort to curb data theft, resulting in required upgrades to point-of-sale (POS) and in-pump card readers.
The threat to c-store operators is growing, according to James Kelly, product manager for security and compliance for Gilbarco. "What's happening is that [data thieves] used to go after the big companies because they have access to millions of credit-card transactions, but those corporations have been locking down their systems over the years," he said. "Now [thieves] are looking at [our industry] because we process millions of transactions, but we haven't put in [the proper security measures]."
He expressed added concern over chains that allow third parties to install and monitor their PCI-compliant upgrades. A poor installation or improper use of remote-access technology can create holes in a company's data loop.
But progress overall is being made. Over the past several months, Kelly (pictured) has noticed retailers starting to take "ownership" of their data-security processes. From what he has experienced, he offered a few tips: Make data security the chain's standard, operating procedure. Consider security when growing the organization.
Focus on security vs. merely compliance. Assign security to someone in the organization so he or she can "own" it. As the July deadline for compliance draws near, several issues are emerging, said John Dounoucos, product manager for payment systems for Gilbarco. Two of the biggest are logistics and future mandates.
With regards to logistics, the number of trained technicians available to upgrade devices is finite. "There are not enough bodiesand with payment installs going on as well, it's the same people who do both," he says. "It's stretching the network thin."
The other concern is the uncertainty of how mandates will evolve going forward. "[Visa] never says anything definitive," he said. "And that's hard for a chain that has to spend $5 million to update its sites."
Members help make our journalism possible. Become a CSP member today and unlock exclusive benefits, including unlimited access to all of our content. Sign up here.