YOU ARE AT:Network InfrastructureWith new guidelines, products, Wi-Fi vendors hope to guard against credit card...

With new guidelines, products, Wi-Fi vendors hope to guard against credit card theft: Moto, Aruba shill new WLAN products to securely conduct wireless transactions

With new restrictions in place for businesses that use wireless local area networks to process credit card transactions, two rivals are now offering solutions that meet the security guidelines issued by the Payment Card Industry Security Standards Council. Aruba Networks Inc. and Motorola Inc. each recently launched new products that are geared to comply with enhanced security guidelines for merchants and service providers that store, process and transmit cardholder data through wireless networks.
Aruba unveiled its AirWave Wireless Management Suite 6.2. Motorola’s Enterprise Mobility Unit showed off an array of solutions that are not only geared to meet the new guidelines but enhance the shopping experience for customers, the company said.
Last year, the Payment Card Industry council approved new guidelines after two years of examining the issue. The security standards are geared to protect consumers and ward off hackers from stealing credit and debit card information through wireless networks.
The council is a global standards body that oversees the PCI security standards and was formed by major card brands including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc.
The new standards went into effect at the start of this year, and businesses that don’t comply could face penalties, including fines or restrictions on accepting card payments.
In 2007, authorities made 11 arrests after more than 40 million customers had their credit and debit card information stolen from TJX Companies, which operates retail stores TJ Maxx and Marshalls. A major reason why the hackers were able to steal the credit card information between 2003 and 2007 was because of an unsecured wireless access point, according to authorities.
To comply with the new guidelines, retailers must build and maintain a secure network, which includes installing and maintaining a firewall to protect cardholder information. Retailers must also encrypt transmissions when using a public network and use and update anti-virus software.
Retailers must also track and monitor all access to network resources and cardholder data, and regularly test the network. Companies must also do an annual audit.
New products on the scene
Aruba’s management suite addresses the new guidelines and compliance reporting requirements, the company said. Aruba’s suite has enhanced rogue access point detection, password authentication and maintains an external audit trail.
“What we are offering is a management suite that solves all the problems in regard to compliance with one product,” said Manav Khurana, who heads up industry marketing for Aruba.
Bryan Wargo, general manager of Aruba’s Airwave division, said the company not only put a heavy emphasis on security but also on meeting PCI standards for comprehensive reporting and auditing – which could take hundreds of hours if done manually.
“Retailers are spending a lot of dollars to make sure they are secure and compliant,” he said. “This is an automated process for retailers. It will save a company money and time.”
Petco Animal Supplies Inc. is using Aruba’s solutions to achieve PCI compliance. Petco has 950 stores in 50 states that offer pet-related products and services. The company recently updated its wireless system with Aruba solutions to enhance security and cut costs, said J. Smith, Petco VP of network and store systems.
“Aruba has been a stellar partner for us, and helped us field a solution tailored specifically to our needs,” Smith said in a statement.
Wargo said Aruba’s new management suite will be available in February, and existing customers will be able to download the new version for free.
A rival offering
Motorola is offering a new mobile payment module and a wireless firewall.
“Motorola is helping retailers tailor their offerings to meet the changing needs of shoppers through secure access to data and information, when and where they need it,” Frank Riso, Motorola senior director of retail solutions, said in a statement.
Motorola’s mobile payment module is PCI compliant and is designed to allow businesses to conduct transactions while customers wait in line at a store or sit at a table at a restaurant.
Motorola’s firewall provides a clean separation between wireless and wired networks, the company said. The wireless firewall is designed to ensure that credit and debit card information is safeguarded at all times, with traffic inspection at every network layer. Motorola officials also said that its access points, switches and mobile computing devices also meet the new PCI security standards.
To help retailers comply with the new standards, PCI has information on its Web site and the National Federation of Retailers has issued a guide that details how leading retailers are dealing with the new requirements.

ABOUT AUTHOR