Tag Archives: credit card processing

Two New Ethernet Machines Added To MSI’s Product Line

FOR IMMEDIATE RELEASE – January 30, 2009

South Easton, MA – Companies that want to make credit and debit card payments more accessible to their clients have two new options to choose from in the Merchant Service Inc. product line. The company’s new credit processing machines enable faster, more reliable Ethernet access to the Internet.

“We are delighted to offer our clients a better way to serve their customers,” said Chris Tobiaz, MSI’s President and CFO. “Our two new additions are designed to enable merchants to forego old fashion phone line connections in favor of more secured Internet access to billing services, if they so desire. This means transactions can take place much more expediently and companies don’t have to go to the expense of adding phone lines to accommodate credit card payments.”

The new additions to the product line are the:

Nurit 8400 IP – This is a countertop payment device that offers unparalleled flexibility. The Nurit 8400 offers configurable options that make it a favorite in a number of environments. This model is best suited for small to medium-sized businesses that need durability, reliability and performance. The machine can handle debit, credit, EMV and value added applications, such as gift cards and loyalty programs. This model offers plenty of options in regard to connectivity. In addition to LAN via Ethernet and RS-485, it also accommodates GPRS wireless connections, dialup and USB host. MSI offers the Nurit 8400 for $479 on a flat purchase basis or on a lease-to-own plan at $19.95 a month.
VeriFone Vx570 – Delivered by one of the most trusted names in the industry, the VeriFone Vx570 is a credit card machine that’s designed to be very easy for customers to read and use. It offers a large, highly visible ATM type backlit display. This device can accommodate credit, debit, gift card, EBT and even check authorization purchases. Communication options for the Vx570 include LAN via Ethernet, RS-485, GPRS wireless, USB host and even dial-up if a customer so desired. This machine costs $449 to purchase and $17.95 a month on a lease-to-own plan.

“With the days of cash transactions all but over, most businesses need to have credit card machines available to help their customers make purchases,” said Tobiaz. “Our latest product line additions help businesses close their sales without breaking their banks in the process. Both the VeriFone and Nurit models are designed to deliver a number of options while staying in a very affordable price range. They also process transactions within seconds because they are already connected to front end of the approval server. This cuts processing time way down, which is great for businesses that have extreme busy times -such as diners at lunch time, night clubs Saturday at midnight or coffee shops at 7 am.”

For more information about MSI or its products, contact Chris Tobiaz at 877-877-9592 or visit www.msimerchantservice.com.

About MSI
Merchant Service Inc. is dedicated to helping businesses of all sizes meet their needs to process payments in a secure, expedient fashion. The company carries an extensive line of credit card machines and also offers a host of options for businesses that need to be able to accept online payments. It is MSI’s goal to make doing business a pleasure for its clients and their own customers.

####

Heartland Payment Systems Security Breach

Heartland Payment Systems Security Breach
Heartland Payment Systems of Princeton, NJ reported on Tuesday that a security breach may have comprised tens of millions of credit/debit card transactions last year. If figures are accurate, this makes the Heartland incident one of the largest data breaches ever reported.

Here’s a quick run down:
1. Sometime in late 2008, there was a security breach at Heartland, which processes payments for more than 250,000 businesses nationwide.
2. Heartland uncovered the breach when they were notified by the credit card companies of fraudulent charges coming in.
3. Stolen data includes names, card numbers and expiration dates, but not Social Security numbers, addresses, phone numbers, or unencrypted PIN’s.
4. Heartland doesn’t know who is responsible and exactly how many businesses were affected, but now believes that the breach is closed.

In a press release found at the company’s website, Heartland indicates that “cyber thieves breached its system in 2008 and stole credit card information.” The company says it was alerted by Visa and MasterCard of suspicious activity surrounding cards that had all been used at merchants which rely on Heartland to process payments. An investigation uncovered malicious software that compromised data that crossed Heartland’s entire network.

President and CFO Robert Baldwin indicates that intruders had access to Heartland’s system for “longer than weeks” in late 2008; the malware was planted on the company’s network, and therefore recorded data as it was being sent for processing to Heartland by the company’s clients. Baldwin ascertains that since no SSN’s, addresses, phone numbers, or PIN’s were stolen, there is no risk for identity theft. He assures cardholders that if their information was compromised, they are not liable for the fraudulent charges.

Heartland now believes that the security breach is closed.

Deceptive Disclosure, or Just Good Timing?
With the disclosure of the security breach falling on Barack Obama’s inauguration day, many industry officials are questioning Heartland’s timing of the news release. Says Avivah Litan, fraud analyst with Gartner Inc., “This looks like the biggest breach ever disclosed, and they’re doing it on inauguration day? I can’t believe they waited until today to disclose. That seems very deceptive.”

Baldwin counters, saying that Heartland worked to disclose the breach last week, but couldn’t due to legal procedures. He claims that Heartland considered holding back another day, but ultimately decided it was important to get the information out as soon as possible, “recognizing of course that this is not an ideal day from the perspective of visibility.”

So on a day where most of America are glued to the coverage of the Presidential inauguration, is this considered deceptive, or just good timing (from Heartland’s standpoint, that is)?

Is Your Processing Company Safe?

The Heartland disclosure follows a year of similar breach disclosures at several major U.S. cards processors. In 2008, both RBS Worldpay and Hannaford Brothers Co. disclosed breaches of their payment systems that may have affected millions of credit/debit card accounts. Similarly, TJX Companies Inc. disclosed a number of breaches in 2007 that exposed more than 45 million account holders. In 2005, a breach at payment card processor CardSystems Solutions jeopardized roughly 40 million credit and debit card accounts. The increasing number of incidents suggest that cyber-crooks may be targeting payment processors more and more – sparking security concerns across the entire payment processing industry. Because Heartland maintains that they are compliant with the Payment Card Industry Data Security Standards (security controls mandated by major credit card companies), the breach adds to growing doubt about the effectiveness of PCI rules. Can what happened to Heartland happen again?

Merchant Service Inc., or MSI, is a credit card processing company that provides the merchant accounts, credit card machines, and software that allow businesses to accept credit and debit card transactions. MSI’s security has never been breached.