Breach Assist provides a layer of financial protection to safeguard the merchant’s business by providing up to $100,000 per merchant location and up to $500,000 per event involving multiple locations*. Additionally Breach Assist provides up to $25,000** of coverage for post-breach hardware and software upgrades to allow for investment in new payment card industry technologies such as EMV dual interface terminal.*Worldpay is not an insurance company and Breach Assist is not insurance. Breach Assist provides a contractual indemnity waiver for amounts the merchant would otherwise be obligated to reimburse/indemnify Worldpay and is subject to the terms and conditions of participation in the program. **$25,000 coverage for hardware and software upgrades will apply against the $100,000 total for the merchant.
Breach Related Expenses
The cost of a data security breach can vary depending on the size and duration of the compromise, but it could easily be enough to jeopardize your business if you don’t have a program in place to help with your expenses in the event of a breach.
Breach Assist can help with the following expenses:
Forensic Audit Expenses
- Cost associated with the mandatory third party forensic investigation required by the card associations for suspected or confirmed breaches.
- General cost range: $8,000 to $20,000 for Level 4 merchants involving a single location.
Card Replacement & Monitoring Costs
- Issuer cost associated with compromised card replacement or account monitoring to watch for potential fraud.
- General cost range: $3 to $5 per card replacement.
- Association non-compliance fines that may be assessed depending on the size of the business and circumstances that led to the breach.
- General fine range: $5,000 to upwards of $500,000.
Account Data Compromise Recovery Costs
- Issuer fraud loss recovery from fraudulent transactions attributable to the compromise.
- General cost range: Can vary depending on the size and scale of the breach.
We understand that PCI DSS compliance can be intimidating, especially for smaller merchants. That’s why Worldpay has partnered with Trustwave®, an industry leader in information security and compliance, to help you simplify the process with PCI Assist.
PCI Assist is a set of online tools that have been specially developed with Level 4 Merchants* in mind. With a wizard-style interface and an online security advisor, you’ll be advised on adopting best practices and following important steps that lead to your PCI DSS compliance and validation.
*Level 4 Merchants are those processing less than 1 million transactions annually from all acceptance channels with one card brand, or those processing less than 20,000 e-commerce transactions annually with one card brand.
Data security is constantly evolving. That’s why PCI DSS compliance must be maintained and validated every year. PCI Assist walks you through the process step-by-step and provides tools and best practices to help keep your business secure.
PCI Assist includes access to:
- The Trustwave TrustKeeper® compliance portal for PCI DSS validation services, featuring the PCI Wizard to help identify your business’ steps for compliance
- The Security Policy Advisor to help you comply with PCI DSS policy requirements and develop your own unique internal best practices
- TrustKeeper’s external monthly vulnerability scanning tool to schedule and test for over 5,000 vulnerabilities
- Online help, tutorials, and educational materials
Encryption helps protect merchants from data compromise by changing sensitive cardholder data and making it unreadable within the merchant’s environment. Encryption protects customer transaction data in transit from the time the card information is read at the point of sale to when it reaches Worldpay’s processing center. Encryption conceals sensitive payment information rendering it useless to hackers. This added security can also help reduce the scope of compliance requirements for merchants.
Tokenization also helps merchants reduce the risk of keeping card data in their systems. Where Encryption protects data in transit, Tokenization protects data at rest by replacing sensitive data with surrogate data, or a token, that looks card data but is meaningless outside merchant environment to anyone that gains unauthorized access to the data. Worldpay tokenization requires a separate field besides the Primary Account Number (PAN). Our tokens have the option of preserving some of the original PAN digits (last 4 digits or first 6 and last 4 digits) in order to provide safe interaction by merchants using tokens.