CardSystems Solutions, an online payment processing firm involved in a massive breach of security involving customer information earlier this year, has lost custom from Visa and American Express as a result. Experts said the incident should serve as a stark warning to firms about the need for good IT security.
CardSystems has tightened up security since the breaches, deploying eEye Digital Security's SecureIIS Web Server. But in a statement, Visa spokeswoman Rosetta Jones said CardSystems "has not corrected, and cannot at this point correct, the failure to provide proper data security for Visa accounts".
The credit card giant has given its issuing banks until October to find another processing firm.
American Express has also announced that it will sever its relationship with CardSystems from October.
Security experts said that the incident shows firms why it is important to have a secure online environment for business partners.
"Data is valuable, if you lose it you will lose both clients and face," said Michael Coyle, founder of law firm Lawdit. "It is up to each firm to decide how much to spend on security, but they must have a security policy, and police it regularly."
Ian White, a principle consultant at Cybertrust, advised firms to adopt acknowledged best practices when entering into partnerships where security is crucial. "Ask what [partners'] compliance rules are, find out what standards they follow, check their hiring and firing policies, and see what change-management they have in place," he added.
