West moves to hack-proof systems
Over 150 locations in the territory to update credit card processing
The Western Territory launched an effort to better safeguard the personal information of its supporters from theft and hacking.
The Long Beach (Calif.) Family Thrift Store became the first facility in the territory to install new, safer point of sale (POS) systems as part of a territory-wide initiative to update credit card processing at adult rehabilitation center (ARC) Family Stores, Kroc Centers and websites by June 2015.
“Once complete, every customer, supporter or member should feel safer about doing transactions with The Salvation Army,” said Tim Schaal, Information Technology (IT) director in the Western Territory, adding that updating these systems will better protect The Salvation Army from the type of security breach that hit Target late in 2013.
The retail giant reported that 40 million customers had credit or debit card information stolen and that as many as 70 million customers had personal information such as their name, address, phone number and email address hacked due to malware on point of sale systems.
Sales at Target stores nationwide subsequently dipped up to 6 percent, and the company said that the costs associated with the hacking would negatively impact its earnings.
The West’s IT, Business Administration, Kroc Community Centers and ARC Command are working to divert the Army from a similar fate.
The Payment Card Industry (PCI) Compliance standards place each retailer on a scale of 1-4—one being the highest—depending on its number of annual Visa or MasterCard transactions. Elavon, which processes the Army’s credit card transactions, recently promoted the Army from a level 4 to a level 2 after its number of annual transactions increased to over 1 million.
With the upsurge in transactions comes a greater level of scrutiny on the Army’s security measures.
The POS systems in ARC Family Stores process the payments that directly fund the in-residence rehabilitation program offered through the ARC.
According to Schaal, the Army’s new POS systems “instantly encrypt” a customer’s credit card information the moment the card is swiped, allowing for a safe and seamless transaction.
The technology will also be incorporated into the Army’s credit card processing on the web for transactions such as Kroc Community Center sales, event registrations and TradeWest purchases.
Moreover, the new systems will be compatible with emerging credit card payment technologies such as Apple Pay and Chip and PIN.
While it may be impossible to totally eliminate the possibility of a security breach, IT Project Manager Jamie Ehrl said the move toward PCI Compliance helps the Army maintain its status as a trusted brand and financial steward.
“Ultimately,” she said, “this reduces liability for the Army and it’s safer for the customer.”