GS Logo
The Green Sheet, Inc

Please Log in

Banner Ad
View Archives

View PDF of this issue

Care to Share?


Table of Contents

Lead Story

Tough love in compliance and breach liability

News

Industry Update

Visa consolidates, restructures

Cabbies roll with VeriFone terminals

Negotiating the wireless security minefield

SPVA broadens membership base with global players

Features

AgenTalkSM:
Esteban Marin

MWAA raises the conference bar year by year

Embry enters payment hall of fame

ControlScan extends involvement with ETA

Selling Prepaid

Prepaid in brief

Financial storm perfect for prepaid?

Keeping patients sticky

Triumphs and travails of kiosk deployments

Views

Community counts

Biff Matthews
CardWare International

Consumers love rewards, why don't sales reps?

Lori Breitzke
VeriFone

Education

Street SmartsSM:
The proper approach to MLS hunting

Jon Perry and Vanessa Lang
888QuikRate.com

Seven reasons to avoid exclusivity

Adam Atlas
Attorney at Law

A case for case histories

Nancy Drexler
SignaPay Ltd.

The MLS opportunity

Christian Murray
Global eTelecom Inc.

Call reluctance: Diagnose it and treat it

Jeff Fortney
Clearent LLC

Digging into PCI:
Part 1 - Securing the network

Tim Cranny
Panoptic Security Inc.

Company Profile

First National Merchant Solutions

New Products

Advertise for free processing

UpClick
UpClick

Purchasing made easy and secure

codeOne
M-CodeOne

Inspiration

As in work, so in life

Departments

Forum

Resource Guide

Datebook

Skyscraper Ad

The Green Sheet Online Edition

August 10, 2009  •  Issue 09:08:01

previous next

SPVA broadens membership base with global players

A primary focus of the newly formed Secure POS Vendor Alliance is to develop its membership base. To that end, five payment organizations have joined its ranks since May 2009: Heartland Payment Systems Inc., Moneris Solutions Inc., Radiant Systems Inc., Atos Worldline and Witham Laboratories. The SPVA is a nonprofit organization dedicated to enhancing data security worldwide.

"We decided to join because we want to support all attempts to build a more secure payment network," said Robert O. Carr, Chairman and Chief Executive Officer at Heartland. He doesn't know what Heartland's role will be at the SPVA, but he expects it will be an active one.

Brian Strange, Senior Manager for Product Development for the Hospitality Division for Radiant Systems, said his company wanted to participate in the SPVA's information sharing mandate. "Exposure to other people in the payments space is just all around good for business," he said. "There is some sharing, but certainly processors aren't jumping through hoops to tell us exactly how one of our competitor's may have been breached. And so being around other people in this space is definitely important."

Australia-based Witham Laboratories has similar goals. "There are various security requirements and standards that apply around the world," said Mario Sist, Operations Manager at Witham. "Sometimes they align well and other times they don't. Membership to SPVA will provide a forum to discuss how these requirements interact."

Additionally, Witham hopes to achieve "a closer relationship with POS vendors within the industry, as well as an increased exposure for our company worldwide," Sist noted.

Structure

At the April 2009 press conference to announce the founding of the SPVA, Paul Rasori, VeriFone's Vice President of Global Product Marketing and the SPVA's first Treasurer, said, "Membership is the most important part of what we are putting together." The SPVA has two classes of membership. General membership is open to organizations in POS terminal manufacturing, such as founders Ingenico, VeriFone and Hypercom Corp. Their mission is to create secure POS terminals. An associate member is defined as any payments industry organization that offers products and solutions that interact with POS terminals.

"Obviously we want to have a much broader view of the overall environment, so we're also inviting membership to essentially any other company that is involved with the payment system, which would include banks, acquirers, merchants, point of sale vendors, software vendors, other standard setting bodies," Rasori said.

Through working groups, general and associate members will attack security issues together, Rasori added. The SPVA's management committee, which will be elected on a rotating basis after the founding members have completed their terms, will oversee the working groups.

The committee currently consists of founding members Christophe Dolique, Ingenico's Executive Vice President, Global Marketing & Transaction Services, serving as the SPVA's first Chairman; T.K. Cheung, Vice President of Global Quality and Security at Hypercom, serving as the SPVA Vice Chairman and Chief Technology Officer; and Rasori. Two additional general membership participants elected by their peers serve on the committee as well.

The goal of the management committee is to "maintain an open and inclusive membership, facilitate these technical working groups, agree on what problems we are going to try to attack in the marketplace, and then bring the entire membership together to actually solve those problems and create best practices and other types of auditable security guidelines," Rasori said.

Once security standards are formalized and ratified by the committee, the SPVA will implement an approval program where POS vendors can achieve certification and receive the alliance's endorsement, Rasori said.

Connectivity

Earlier in 2009, Carr founded the Payments Processing Information Sharing Council, which held its first meeting in May. Carr said a priority of the PPISC is to develop end-to-end security, and since that requires security parameters for the POS terminals themselves, it made sense for Heartland to join the hardware manufacturers' association.

Carr said that to do a better job of securing the payments system from destructive data breaches, it is vital that payment businesses talk to each other about security issues through facilitators like the SPVA, the PPISC and the Payment Card Industry Security Standards Council.

"The most important thing is to share information about known attacks," he said. "I think that's the key. And a lot of people, I think, agree with that."

The SPVA will hold its first meeting Aug. 26 to 27, 2009, at the Hotel InterContinental in Miami. It is scheduled to host its next meeting in Paris in November 2009.

To find out more about the SPVA, visit www.spva.org.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Harbortouch | USAePay | IRISCRM.COM | Humboldt Merchant Services