Global | Change

Hypercom, Ingenico and Verifone, Launch New Payment Security Alliance To Clarify and Supplement Industry Security Standards

Industry association to engage multiple stakeholders, provide unified perspective  and protect against future efforts to undermine integrity of transactions April 22, 2009 Las Vegas, NV

ETA Annual Meeting and Expo ( Booths #505, Hypercom; #701, Ingenico; #219, Verifone)– Three payment industry participants – Hypercom (NYSE: HYC), Ingenico, S.A. (EURONEXT: ING) and Verifone (NYSE: PAY) today announced the formation of the Secure POS Vendor Alliance (SPVA: www.spva.org), a non-profit business organization chartered with implementing common payment security standards among vendors of secure point-of-sale (POS) devices used by retailers, acquirers and cardholders alike.

The SPVA will increase awareness of security issues, encourage adoption of best practices and ease consistency among standards that govern disparate components and participants in the payment environment. The SPVA founders recognize that stakeholders’ consistent adherence to security standards and rules are a vital necessity in the continued growth of the electronic payments industry.

The SPVA will encompass the companies that provide the key security elements among consumers, merchants and transaction acquirers and issuers. Members of the SPVA deliver a unique global experience with security standards, ensure best practice implementation and continue to evolve the security enhancements and interoperability required to reduce fraud and lower risk for all participants in card payment transactions.

Membership is open to all payment industry stakeholders. The SPVA encourages general membership among all vendors that develop secure POS payment systems, and associate membership among organizations who sell or utilize products or solutions that interact with secure POS payment devices: retailers, acquirers, software vendors, ECR vendors, banks and other standard setting associations.

Verifone, Ingenico and Hypercom, as founding members of the new alliance, will serve on the SPVA managing committee, along with two other directors to be elected by the membership in the coming months. The founding members have appointed the following individuals to serve a one year term as executive managers of the alliance:

  • Christophe Dolique – will serve as SPVA Chairman and is EVP, Global Marketing & Transaction Services at Ingenico
  • TK Cheung – will serve as SPVA Vice Chairman and Chief Technology Officer and is the VP, Global Quality and Security at Hypercom
  • Paul Rasori – will serve as SPVA Secretary/Treasurer, is the SVP, Global Marketing at Verifone

A primary objective of the SPVA will be to bring together industry experts to participate in “Technical Working Groups”. Through their participation, SPVA members can contribute to enrich and develop future security guidelines and acquire first-hand knowledge of current security threats.

Initially, the SPVA will create Technical Working Groups that will focus on critical security topics, such as:

  • Standardized Implementation of Existing Security Standards – with the goal to release a common interpretation of existing security standards. This includes fostering widespread compliance to those promulgated by the Payment Card Industry (PCI) Security Standards Council, EMVco and European Payments Council (EPC).
  • Security of the Payment Device Lifecycle – aimed at developing end-to-end lifecycle management protocols to ensure digitally signed applications, track and manage devices in the field, and suggest security standards and audit procedures over development, manufacturing, supply chain, deployment and repair.
  • End-to-End Encryption – to create recommended implementation guidelines for the encryption of cardholder data utilizing hardware level security
  • Security Threat Analysis and Intelligence – to provide education and resources to educate members of current threats and ways to mitigate them.

Once these types of guidelines and standards are fully developed, the SPVA will establish an “SPVA approval” program targeted at Secure POS system vendors wishing to display the SPVA Logo on their solutions. Merchants, Acquirers and Processors choosing SPVA-approved solutions can then be assured of the highest level of security currently available.

“Hypercom, Ingenico and Verifone hope to act as a catalyst and kick off a common initiative by establishing a forum for industry-wide cooperation. By combining their expertise in the payment systems arena, the three companies are committed to succeed in accelerating widespread adoption of enhanced security guidelines, ” Christophe Dolique, SPVA Chairman, says. Security is the cornerstone of the electronic payment industry and its continuous enhancement among the payment value chain is mandatory to protect all stakeholders’ interests. In the meantime, security must also be synonymous with convenience, cost control and the ability to be easily deployed and maintained. To address this dual challenge, the industry requires a common view through which experiences can be shared and best practices developed. This is the goal of the SPVA.”

The chief executives of the three companies issued the following statements:
“Security is paramount. Hypercom is aggressively focused on providing standards-based security solutions that give customers and consumers confidence that their payment transactions are protected against criminal and negligent acts. Today’s standards have served the industry well, but as criminal attacks become more sophisticated, this industry’s security implementations must evolve to cover the complete secure POS lifecycle. The SPVA will advance security implementations based on the unique perspective and experience of payment vendors around the world,” said Philippe Tartavull, CEO and President, Hypercom.

“Ingenico is strongly committed to further promoting security compliance globally. The formation of an alliance of secure POS payment system vendors will dramatically enhance our customers' ability to fight fraud, while making security more convenient to deploy and to maintain for all stakeholders of the payment ecosystem,” said Philippe Lazare, CEO, Ingenico.

“Secure POS devices represent the entry point for all transactions in retail environments. In this age where criminals are able to pinpoint any weaknesses in the end-to-end system, the obvious place security strategy must begin is as at the point of sale. The SVPA will build on the unique experience of its members and their ‘entry point’ position to advance more secure solutions that lower risk for consumers, merchants and acquirers,” said Doug Bergeron, CEO, Verifone.

To see a Webcast of the announcement, please visit www.spva.org Popup

About Hypercom (www.hypercom.com)
Global payment technology leader Hypercom Corporation delivers a full suite of high security, end-to-end electronic payment products and services. The Company's solutions address the high security electronic transaction needs of banks and other financial institutions, processors, large scale retailers, smaller merchants, quick service restaurants, and users in the transportation, petroleum, healthcare, prepaid, unattended and many other markets. Hypercom solutions enable businesses in more than 100 countries to securely expand their revenues and profits. With its acquisition of Thales e-Transactions in 2008, Hypercom became the second largest provider of electronic payment solutions and services in Western Europe, and solidified its position as the third largest provider globally.

About Ingenico (www.ingenico.com)
Throughout the world, banks and retailers rely on Ingenico for secure and expedient electronic transaction acceptance. Ingenico solutions leverage proven technology, established standards and unparalleled ergonomics to provide optimal reliability, versatility and usability. This comprehensive range of products is complemented by a global array of services and partnerships, enabling businesses in a number of vertical sectors to accept transactions anywhere their business takes them.

About Verifone Holdings, Inc. (www.verifone.com)
Verifone Holdings, Inc. (“Verifone”) (NYSE: PAY), a global leader in secure electronic payment technologies, provides expertise, solutions and services for today with a migration strategy for tomorrow. Verifone delivers solutions that add value to the point of sale, resulting in improved merchant retention and the generation of new sources of revenue for its partners and customers. Verifone solutions are specifically designed to meet the needs of vertical markets including financial, retail, petroleum, government and healthcare.

Safe Harbor Statement under the Private Securities Litigation Reform Act of 1995
This press release includes statements that may constitute forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995, including statements regarding the development, adoption, implementation, interoperability, performance and effectiveness of electronic payments industry security standards, the development of future security standards and guidelines intended to reduce and prevent fraud and other threats to electronic payment transaction integrity, and lower risk for all participants in card payment transactions. These forward-looking statements are based on current expectations and beliefs and are subject to risks and uncertainties that could cause actual results to differ materially from those described in the forward-looking statements. In particular, factors that could cause actual results to differ materially from those in forward-looking statements include: the ability of the Alliance to attract significant industry membership and participation in its activities and adherence to its policies and guidelines; industry, technological and regulatory changes; industry and market acceptance of and compliance with new security standards and guidelines; compliance with disparate certification requirements and government regulations; the state of the U.S. and global economies in general and other risks detailed in the companies’ filings with the Securities and Exchange Commission, including the companies' most recent 10-K and subsequent 10-Qs and 8-Ks. Forward-looking statements speak only as of the date made and are not guarantees of future performance. We undertake no obligation to publicly update or revise any forward-looking statements.

Editorial Contacts:
Candace McCaffery/Carol McEntee
SPVA
404.816.2037
678.640.7822 Mobile
candace@cookerly.com
cmcentee@cookerly.com