When we last left CardSystems Solutions, the company that exposed more than 40 million credit card accounts to fraud, it was on the ropes. They needed to meet a compliance deadline of August 31, 2005 to retain MasterCard as a customer - after losing American Express and Visa.

In the latest updates available, CardSystems Solutions, which handles transactions for 119,000 merchants, announced on Sept. 1 that AmbironTrustWave, a security assessment firm, submitted a report on compliance by the Aug. 31 deadline to its four largest accounts - MasterCard, Visa, American Express and Discover. The report, which resulted from a Payment Card Industry (PCI) Data Security Standard audit, detailed the security protocols of the company's network environment that specifically processes and/or transmits credit card data.

According to CardSystems president and CEO John Perry, "In performing its assessment, AmbironTrustWave scrutinized every aspect of our operations. AmbironTrustWave audited the security of our network, the steps that our 110 employees take to safeguard cardholder data, our vulnerability management program, our information security policy and our ability to regularly monitor and test our network."

The report stated that CardSystems had implemented a fully encrypted processing network for both data transmission and storage. In addition, by segmenting its network with a series of internal and external firewalls, CardSystems' infrastructure was now properly segregated to ensure that only appropriate communications would occur. The report concluded that CardSystems meets PCI standards.

What remains to be seen is whether CardSystems can woo back its former behemoth clients, American Express and Visa. If not, the company may not have enough business to survive. What the breach has done, however, is to shine a light on the importance of data security.

In a related story in the Atlanta Journal-Constitution, Larry De Palma, chief executive of De Palma Group, a Hudson, N.H.-based payments consulting firm said, "This [CardSystems' breach] is a wake-up call that the compromise in data security needs to be addressed." In 2004, the industry processed about 40 billion transactions worth $ 1.6 trillion in the United States alone. Security breach incidents such as ChoicePoint's, CardSystems and more left 48 million consumers - roughly one-sixth of the U.S. population - at risk for fraud, according to an Atlanta consulting firm, Internet Security Services.

Finally, Phil W. Tomlinson, chief executive officer of Columbus, Ga.-based Total System Services (TSYS), which is one of the world's largest card payment processors, managing transactions on more than 420 million card accounts, said, "Everyone in this business has got to understand that their security represents a real reputational risk, not only for them, but also for the long-term health and well-being of the entire industry." TSYS, which is 81 percent owned by Synovus Financial, moves payments between the banks of credit card holders and the banks of the merchants where those cards are used. "We can't allow these breaches to continue," he said. "If not, the regulators will do it for all of us, and it will not eliminate the sloppy or rogue players."