LOGIN | SIGNUP

• Credit
• Data Breach
• Fraud
• Identity Theft
• Other News
• Privacy
• Reviews
• Scams
• Tips
• Truston

See our certifications »

« Previous Post | Blog Home | Next Post »

Credit Card Industry Says Restaurants are Data Sieve

Posted on Mar 24, 2007 by Tom Fragala

Electronic payment processors, including Visa and Mastercard, say that restaurants are the biggest source of credit card data breaches and security leaks. In a way, no surprise since there are millions of restaurants, many of which are small operations, that clearly can’t handle or don’t care about payment card industry standards.

According to an article in the Wall Street Journal,

Since January 2005, restaurants represented about 40% of incidents in which intruders gained unauthorized access to credit-card information, according to data tracked by Visa. That is the largest percentage of incidents among merchant groups.

Meanwhile, Chicago-based AmbironTrustWave, which conducts security audits for merchants, says that 62% of the security breaches it has seen over the past 18 months came from the restaurant industry.

The problem outlined in this article is not about skimming, where an employee uses a clandestine device to steal the data from the magnetic strip. Rather it’s about the lack of security around the transmission and storage of credit card (and even more risky, debit card) data. Think about it how many point of sale systems at restaurants are storing credit/debit card data. How secure do you think those systems are (not very). Even the largest point of sale (POS) vendor in the world, Micros, is punting on the issue:

says Peter Rogers of Micros Systems Inc., which makes restaurant software. "It's not really our job to tell the restaurateurs what they need to do to be compliant with credit-card regulations."