Merchant who store, process or transmit cardholder data, must be compliant with the PCI Data Security Standard. More often than not, PCI DSS Compliance is a starting point for protecting payments, not an achievement that can be crossed off a check list.
Headlines remind us of the ongoing risk of data compromise. A franchising company is the latest example. According to the company’s press release, an internal forensic investigation, launched after fraudulent activity was found on several payment cards that had been used at the company’s locations, identified suspicious files, including malware, on the licensees’ computer systems at 108 locations in 10 states. The franchising company is concerned that the suspicious files could indicate that an attacker(s) may have accessed data, including credit and debit card information. It is yet to be determined whether credit or debit card data was exposed.
To help you better understand how TrustCommerce’s security products could have helped prevent this “malware” attack, here are some key points.