News from the Wire

Coalfire validates Vodat’s Unified Payment Service

Tuesday, October 21, 2014 — 18:09:18 (EDT)

Dallas and Bredbury Stockport, U.K., Oct. 15, 2014 – ‘Vodat International, the leading communications provider, is offering the retail and hospitality industry a viable and cost effective route to full Payment Card Industry (PCI) compliance through their own networks. Vodat has launched its Unified Payment Service to simplify and cut the cost of PCI compliance by removing sensitive card holder data completely from the retailer’s point of sale network.

With validation of its solution by Coalfire, a leading independent information technology governance, risk and compliance firm, Vodat’s Unified Payment Service enables card data to be processed and stored in Vodat’s secure datacentres, which are PCI DSS compliant. This approach enables most retailers to address 9 of the 12 PCI DSS requirements[1].

Kevin Burns, Head of Solution Architecture at Vodat International said, “With only 38 percent of over 1000 businesses surveyed compliant, and only 19 percent understanding the penalties for non-compliance, we are on a mission to smash the myths around compliance and ensure businesses can benefit from a safer, more affordable, manageable and sustainable way to secure customers’ payment data[2].”

Vulnerable and under continuous assault, card payment data remains one of the easiest types of data to convert to cash, and therefore the preferred choice of criminals. 74 percent of attacks on retail, accommodation and food services companies target payment card information[3].

Per company, the average cost of a breach is £2.21m, up 8 percent from 2013, due mostly to increased customer churn, proving that consumers are becoming more aware of payment security and voting with their feet[4].

Burns continued, “Retailers are spending more money, more often, on ensuring they are PCI DSS compliant across their business. And the latest version three standards released by the council have led to another wave of merchants looking to, or at least feeling that they might have to replace their equipment or software.

“The need to update in-store equipment and software to ensure cardholder data is closely protected will never go away but with Coalfire’s validation of our solution, we can provide an easy to integrate solution at the same time as reducing scope for PCI DSS compliance for retailers. We might even save costs because many retailers now face the issue of XP end of life which will likely force PoS hardware and software upgrades to retain PCI DSS compliance. But with Vodat’s solution, the PoS is out of scope and therefore this costly upgrade can be deferred.”

Andrew Barratt, managing director of Coalfire Europe said: “The cost of implementing P2PE will almost certainly be higher than most retailers appreciate. Worse, it will not reduce the scope of PCI quite as much as has been suggested. The result might be that merchants end up with two headaches: one for PCI and one for P2PE, both of them painful, expensive to remove, and likely to return unless carefully managed every day.

“P2PE only covers the customer-present environment, excluding both online and the call centre. In addition, some so-called P2PE offerings are not validated solutions, as listed on the PCI web site, running further risk that these recommendations will not be accepted by a QSA such as Coalfire.”

Vodat recently implemented its Unified Payment Service across Welcome Break’s estate, radically improving the speed of service to customers and streamlining the day-to-day management of transactions. Catering for 80 million people a year, Welcome Break wanted to ensure more customers were being served throughout each day.

For more information on PCI compliance and the options available, please visit Vodat’s dedicated community site www.thepaymentsnetwork.co.uk .

About Coalfire

Coalfire is a leading, independent information technology Governance, Risk and Compliance (IT GRC) firm that provides IT audit, risk assessment and compliance management solutions. Founded in 2001, Coalfire has offices in Dallas, Denver, Los Angeles, New York, San Francisco, Seattle, Washington D.C. and England and completes thousands of projects annually in retail, financial services, healthcare, government and utilities. Coalfire’s solutions are adapted to requirements under emerging data privacy legislation, the PCI DSS, GLBA, FFIEC, HIPAA/HITECH, HITRUST, NERC CIP, Sarbanes-Oxley, FISMA and FedRAMP. For more information, visit www.coalfire.com .

About Vodat International

Vodat International is a specialist telecommunication provider for retail who has leveraged that experience to deliver the Vodat Unified Payment Service. Vodat’s client base includes Poundland, Beaverbrooks, Coast, Dune, EAST, Fat Face, Ted Baker, L.K.Bennett, Spar, Welcome Break, Whistles and White Stuff making it the leading player in retail communications. For more information, visit www.vodat-int.com .

[1] Level One merchants processing more than 6 million Visa or MasterCard transactions per annum will not be able to complete a Self-Assessment Questionnaire (SAQ)

[2] Sage Pay, The Payments Landscape, 2014

[3] Verizon, Data Breach Investigations Report, 2013

[4] IBM/Ponemon Institute, Cost of Data Breach Study: United Kingdom, 2014

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information: bankcardlife.com?orid=33533&opid=1 .

Source: Company press release.