Visa, MasterCard at Center of Lawsuit over PCI Security Standards

January 12, 2012

Two Utah business owners are suing US Bank after the merchant acquirer attempted to collect on $90,000 in fines imposed by Visa and MasterCard, according to Finextra.

The card companies allege that a lack of stringent payment security at Cisero’s Ristorante and Nightclub resulted in a data breach in which customers’ account details were used later used to facilitate fraudulent transactions.

(Tokenization Report: How to Reduce PCI Compliance Costs)

US Bank withdrew $10,000 from the restaurant’s account and took legal action against owners Stepehen and Cissy McComb in order to collect the outstanding $80,000 in fines.

The owners in their countersuit claim the card industry’s PCI security standards are outdated, and that Visa and MasterCard have yet to offer evidence that the restaurant’s system was attacked. The suit goes on to allege that there was nologic to how the amount of the card companies’ fines were determined, calling them “various shifting numbers based on unexplained calculations”.

“The process is little more than a scheme to extract steep financial penalties from small merchants,” the suit claims.

Click here for more details on the case.