The Federal Trade Commission has settled charges with CardSystems Solutions, Inc. and its successor, Solidus Networks over the firm’s failure to protect sensitive financial and personal information of tens of millions of consumers, which led to millions of dollars in fraudulent purchases.
This settlement will require CardSystems, doing business as Pay By Touch Solutions to implement a comprehensive information security program and obtain audits by an independent third-party security professional every other year for 20 years.
This case is similar to prior FTC actions involving alleged failures to secure credit and debit card information. As in the prior cases, CardSystems faces potential liability in the millions of dollars under bank procedures and in private litigation for losses related to the breach.
“CardSystems kept information it had no reason to keep and then stored it in a way that put consumers’ financial information at risk,” said Deborah Platt Majoras, chairman of the FTC in a statement.
According to the FTC, CardSystems provided merchants with products and services used in “authorization processing”
Network
