Fixed Isnt Good Enough for Payment Protection
News Analysis: CardSystems violated contracts by not encrypting data and retaining data it wasn't supposed toand then became the nation's largest data-theft victim. Now it wants bygones to be bygones.When credit card processing firm CardSystems announced Thursday that an independent auditor had declared its systems sound, one CardSystems executive said he now wants Visa and American Express to take it back. CardSystems Inc. was at the center of the nations largest known data security breach back in May, when it reported that someone had broken into its systems and stolen the details of as many as 40 million payment cards, including names, account numbers and expiration dates. CardSystems might have been seen as the victim had it not admitted that it violated its contracts with Visa International Service Organization, American Express Co. and others, by failing to encrypt credit card transaction data and by keeping on file card verification numbers that are never supposed to be stored.
Those transgressions made the data theft much more dangerous, company officials conceded.