A seven-member industry executive panel ― consisting of restaurant merchants, retail executives and industry association representatives ― highlighted data security and PCI compliance as key concerns that “keep them up at night,” during the Retail Solution Providers Association (RSPA) annual event in Orlando last week.
Moderated by Abigail Lourden, Editor of Hospitality Technology Magazine, the panel discussion touched on a number of topics, including the economy, mobile technology and business challenges, but the discussion heated up when the topic of data security arose. Dave Hogan, representing the National Retail Federation (NRF), and Dave Matthews from the National Restaurant Association (NRA) agreed that retailers and restaurateurs cannot let their guard down when it comes to data security. “It takes just one breach to permanently damage a brand,” said Matthews.
Hogan stressed the importance of merchants working toward the goal of no longer storing customers’ data, although that could be a challenge based on requirements from the card companies, including Visa and Mastercard. “Wouldn’t it be great if we could have pin numbers for credit card transactions the same way we use them for debit transactions?,” Hogan queried. Currently, the experts agreed, Visa and Mastercard are not motivated to change their card practices because they are receiving substantial incomes from chargebacks and other fees.
Advertisement
Panel members also emphasized that becoming PCI compliant does not necessarily mean that customer data is secure. For example, when 4.2 million cards were breached at Hannaford Bros., between 2007 and 2008, the company had just been certified PCI-compliant the week before, noted panel member Terry Morgan from Macro Integration Services, previously the CIO for Delhaize Group, the parent company of Food Lion and Hannaford.
Also, because PCI requirements seemingly change on a regular basis, some retail companies are taking a longer-term look at data security. “We have moved beyond PCI,” noted panel member Kathleen Hohenstein, Director of Store Systems at Food Lion and Delhaize America. “Security is no longer an afterthought…it’s part of our everyday process.”
Other panelists included John Green from Beall’s, Mihn-Man Lavigne from Kobe Japanese Steakhouse and David Hadelman from Hooters America.
Earlier in the day Hogan and Matthews joined Joe Finizio, RSPA President and Bob Goldberg, legal counsel for RSPA from SFNR, for a session titled “RSPA and Industry Partner Update on PCI & Data Transaction Security.”
