GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View PDF of this issue

Care to Share?

Table of Contents

Lead Story

What will be in merchants' stockings this year - caviar or coal?


Industry Update

Farewell PABP, hello PA DSS

Visa, AmEx settlement no biggie for merchants

More public steps for bankcard heavyweights

Optimal socked by Internet gambling regs

Go international in real-time

It sings, it instructs, it's a gift card

Mobile checkout moving up


Data breaches pique interest

Travis K. Kircher

Growing on the 'Inside'


Art imitates life or does life imitate art?

Patti Murphy
The Takoma Group

Stay ahead with a checklist

Biff Matthews
CardWare International


Street SmartsSM:
We're all in the PCI loop, like it or not

Dee Karawadra
Impact PaySystem

What to watch in the coming months

Rob Drozdowski
Electronic Transactions Association

Using e-mail effectively: Copy and design

Nancy Drexler
Marketing Moguls

Security breaches costly to all

David Mertz
Compliance Security Partners LLC

Turning negatives into positives

Steve Schwimmer
Renaissance Merchant Services

Opportunity knocks at your online door

Curt Hensley
CSH Consulting Inc.

Liability limbo: Where will you land?

Adam Atlas
Attorney at Law

Company Profile

FirstView Financial LLC


New Products

A cherry of a keyboard

Cherry LPOS Qwerty Keyboard
Cherry Corp.

Sign on the dotted line - online

ContractPal Inc.


Holiday survival guide





Resource Guide


A Bigger Thing

The Green Sheet Online Edition

November 26, 2007  •  Issue 07:11:02

previous next

Legal ease
Liability limbo: Where will you land?

By Adam Atlas

With all the talk of Payment Card Industry (PCI) Data Security Standard (DSS) compliance, something has to be said about who carries liability for security breaches. There are various kinds of security breaches that may lead to liability in our industry.

The most common breaches occur at merchant locations. A less prevalent, but more direct kind of breach occurs at ISO or merchant level salesperson (MLS) locations. The most serious kind of security breach occurs at the processor or bank level.

It's not worth talking about security breaches at the bank or card Association level because I doubt the card Associations would impose fines or penalties on themselves for such breaches.

Tips to the wise

Here are tips to keep in mind when thinking about your liability for security breaches:

ISOs and MLSs are not necessarily required to know all the fine details of the PCI DSS. However, everyone in our industry should know the importance of PCI compliance for merchants who handle cardholder data and other parties to which the standard applies.

In publishing The Green Sheet, neither the author nor the publisher is engaged in rendering legal, accounting or otherprofessional services. If you require legal advice or other expert assistance, seek the services of a competent professional. For further information on this article, e-mail Adam Atlas, Attorney at Law, at or call him at 514-842-0886.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Simpay | USAePay | Impact Paysystems | Board Studios