Fireman’s Fund Insures Payment Card Security Breach for Retail Stores

January 6, 2009

Fireman’s Fund Insurance Co. is introducing the first coverage for retailers that experience a breach of their payment card security system.

According to the insurer, a single breach of a payment card security system could cost tens of thousands of dollars in penalties and extra expenses and while most retailers, merchants, and service providers including restaurants are aware of the risks of credit and debit card fraud, they may not realize the cost and extent of the penalties and other expenses they face from a breach in their payment systems.

Main Street businesses are particularly vulnerable because they often don’t have the resources to properly manage their risk.

Large or small, any business that falls out of compliance with Payment Card Industry (PCI) Data Security Standards can face steep contract penalties or negative publicity. The cost of compliance can include the extra expenses to upgrade and certify that their software systems are up to date with the latest PCI standards.

A merchant could find itself out of compliance with applicable data security standards for a number of reasons, including improperly storing cardholder data on point of sale systems connected to the Internet or wireless networks; using system default passwords instead of customized passwords or exposing unsecured networks to the Internet.

“It is very important for merchants to be aware of and be prepared to absorb the additional expenses associated with a payment card data breach,” said Brian Gerritsen, product director, Fireman’s Fund Insurance. “A substantial contractual penalty or expensive payment system upgrade could be financially devastating for a small business.”

Payment card security insurance offers the following coverages:

Reimbursement for contractual penalties, chargebacks and payment card reissuing expenses outlined in the business’ merchant service agreement

Upgrades to software and hardware systems (including installation and re-scanning services) to bring the payment system into compliance

Extra expense for late payment fees and other bank service charges related to the data breach

Crisis management expenses to restore reputation

Extra expense for promotional items such as restaurant gift certificates or service coupons for the affected individuals in the data breach

Fireman’s Fund also offers tools to help identify data security risks and reduce the potential for losses on its Risk Management Web site. Consulting services will be offered through Trustwave, an information security and compliance company.

Source: Fireman’s Fund

Topics Cyber

Was this article valuable?

Here are more articles you may enjoy.