The head of Heartland Payment Systems, which washit by a massive data breach last year, has called for industry collaboration to combat cyber-crime attacks.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Cyber-criminals gained access to potentially millions of credit card transaction details after planting spy software on Heartland systems.
Heartland chief executive Robert Carr has held meetings with others in the payments industry following the public disclosure of the data security breach.
There is growing concern in the industry about the increasing success and frequency of cyber-attacks, according to Carr.
He has called for greater information sharing to prevent cyber-criminals from using the same or similar techniques in multiple attacks.
"I believe that had we known the details about previous intrusions, we might have found and prevented the problem we learned of last week," Carr said.
The Heartland boss is also advocating the adoption of data encryption throughout the payments industry, as well as improved and safer standards of payments.
Encryption is not a requirement of the Payment Card Industry Data Security Standard (PCI DSS). The omission is regarded by security commentators as a key weakness.
Lack of encryption is a key reason that PCI compliance is not enough to guarantee the security of credit card details, say experts.
These gaps create excellent attack points for hackers as data is fully exposed, said Mark Bower, director of information protection at Voltage Security.
Like Carr, Bower sees end-to-end encryption as the only way to eliminate the threat to transaction data.