Posts by Randy Gainer
In the past, critics of the Payment Card Industry (PCI) Data Security Standard (DSS) have alleged that the DSS requirements either (1) provide little more than a minimal baseline for security with a “check-the-box” compliance approach; or (2) are written vaguely so that the Council can retroactively allege non-compliance and impose fees on merchan… Read the rest
On November 25, 2013, Chief Judge William Haynes filed the latest order in Genesco v. Visa, Civ. No. 3:13-cv-00202 (M.D. Tenn.). In his one-line order, Judge Haynes denied Genesco’s motion for partial summary judgment “without prejudice to renew after a reasonable period of discovery.” Dkt # 217. Genesco had asked for judgment as a matter of… Read the rest
At LSI’s Second Annual Mobile Payments Law Conference in Palo Alto, CA, DWT partner Randy Gainer gave a presentation entitled “Lessons From Recent Data Security Cases.” The presentation focused on the following topics:
What types of alleged damages allow data breach plaintiffs to avoid dismissal of their claims?
Does the economic loss doctrin… Read the rest
In August 2013, the Payment Card Industry (PCI) Security Standards Council released Highlights of new versions of the Data Security Standard (DSS) and Payment-Application Data Security Standard (PA-DSS). The Council is releasing Versions 3 of each of the Standards to about 700 Participating Organizations, including banks, merchants, security as… Read the rest
On May 7, 2013, DWT partner Randy Gainer gave a presentation to the Bank Executive Management Committee on the topic of “Preventing Damages to the Bank and its Customers from Account Takeover Fraud.” His presentation touched on the following issues:
What is account takeover fraud?
How can such fraud damage the Bank and its customers?
What’… Read the rest
The attached presentation entitled “Security of Payment Card Data on Cloud-Based Mobile Payment Platforms” was given by DWT partner Randy Gainer at American Conference Institute’s 5th National Forum on Emerging Payments in San Francisco, CA on March 21, 2013.
The presentation covered topics including:
Cloud-based mobile payment solutio… Read the rest
A federal Magistrate has recommended dismissal with prejudice of all of the cardholder plaintiffs’ claims against payment processor Global Payments, Inc. in a widely-reported data breach case. The plaintiffs seek to recover damages allegedly caused by the 2012 theft of a reported 1.5 million sets of card data from Global Payments’ computer networ… Read the rest
DWT partner Randy Gainer spoke at the Electronic Transactions Association’s annual Compliance Day event in Dallas on November 14. His presentation focused on Mobile Payment Litigation Risks
Such risks include:
Weak computer network and mobile security may permit theft of payment data
Businesses may collect user information from smartphones w… Read the rest
This presentation was originally given at the RAMP Advanced Commerce and Mobile Retail Summit in Chicago, IL on April 4, 2012.
DWT lawyers Randy Gainer, Andrew Lorentz, Ronnie London, and James Mann covered the following topics:
An Overview of the Mobile Payments Ecosystem
Financial Privacy Requirements
Data Security and PCI Compliance
Mobile Communi… Read the rest
The 2011 Payment Card Industry Compliance Report by Verizon once again indicates widespread non-compliance with the Payment Card Industry (“PCI”) Data Security Standards. Only 21% of organizations were compliant at the time of their initial assessment, essentially the same as last year. Organizations are also failing to prioritize their… Read the rest