Want CNET to notify you of price drops and the latest stories?

MasterCard kicks off data security push

Credit card association offers merchants help and discounts to encourage them to protect consumer data.

Joris Evers Staff Writer, CNET News.com
Joris Evers covers security.
Joris Evers
2 min read
MasterCard International launched an initiative on Wednesday to help credit card-accepting merchants tighten up their protection of sensitive consumer data.

The credit card association is working with merchants to provide them with information, tools and support to help safeguard consumer data, Chris Thom, MasterCard's chief risk officer, said in a statement. It is part of a broader effort by MasterCard to safeguard payment systems and to improve security in commerce.

"This is a critical part of our strategy for ensuring security in the payments system," Thom said.

The effort is designed to combat credit card fraud amid increasing concerns about identity theft.

It comes after a series of high-profile security breaches involving credit card data, including at retailers. Last year, information on more than 1.4 million credit card transactions and 96,000 check transactions was stolen from 108 DSW shoe stores. In another incident, a problem with point-of-sale software at Polo Ralph Lauren compromised the credit card data of as many as 180,000 people.

A main component of the new initiative focuses on online transactions. MasterCard is providing lower rates to sellers who adopt MasterCard SecureCode, a program that allows cardholders to enter a security code similar to a PIN when they make online purchases.

Online merchants that support SecureCode will be eligible for rates comparable to those for face-to-face transactions, up to a 16 percent reduction, MasterCard said. Typically credit card companies charge merchants more for online transactions.

To help merchants meet credit card industry rules for security, MasterCard will offer free vulnerability scans. Such a scan is one of the steps required for many businesses to achieve compliance with the Payment Card Industry (PCI) Data Security Standard, which went into effect last year.

MasterCard aims to educate vendors about the importance of security through advertising, Web content and online seminars. Rival credit card association Visa USA has itself introduced a similar effort. It even organized a nine-city tour on PCI rules for merchants.