Merchants caught in middle of Heartland, VeriFone dispute

Computerworld - Tens of thousands of customers of Heartland Payment Systems are finding themselves caught in the middle of an escalating war between the payment processing vendor and point-of-sale terminal vendor VeriFone Inc.

Both companies are angrily accusing each other of a litany of misdeeds and have filed a total of four lawsuits in three courts over the past two months.

The dispute is threatening to push back industry efforts to implement new encryption technology for protecting credit and debit card data. It has also left thousands of merchants in serious doubt about the quality of support they will receive for their point-of-sale (PoS) systems over the next few months.

At the center of the dispute is a tamper-resistant security hardware design for payment processing terminals that Heartland is planning to use in its new E3 end-to-end encryption system.

The technology is designed to enable merchants to encrypt card data from the moment a card is swiped at a payment terminal to the point where it comes to rest at the card issuing bank. Besides offering E3 to other PoS vendors, Heartland is planning on manufacturing its own terminals featuring E3 technology.

Heartland launched the encryption effort in the wake of the disastrous systems intrusion last year that exposed data on more than 100 million credit and debit cards. It's the first major end-to-end encryption effort in the industry.

The Princeton, N.J.-based Heartland is one of the largest payment card processors in the country with more than 250,000 merchants using its transaction processing services. Of those, about 175,000 merchants use VeriFone's payment terminals. Heartland claims that less than 50% of its customers user VeriFone terminals.

VeriFone sued Heartland in September, claiming infringement of VeriFone's tamper-resistant security technology in building E3. VeriFone claimed that Heartland was gearing up to be a competitor by manufacturing its own PoS terminals featuring the E3 technology.

In the weeks since filing the lawsuit, VeriFone has mounted a vigorous communication campaign warning Heartland customers about the potential disruptions they could face if they fail to register with VeriFone by Dec. 31. In statements posted on its Web site, press releases and court filings, VeriFone has questioned Heartland's ability to continue supporting VeriFone terminals after Dec. 31.

Verifone has also filed a second lawsuit over misleading claims by Heartland.

"If Heartland were to be cut from any support, its customers would be forced to reach out directly to VeriFone," a VeriFone spokesman said today in an e-mail. After Dec. 31, Heartland merchants who do not make other arrangements have no assurance of software updates, troubleshooting or other intervention by VeriFone, the spokesman said. "Heartland certainly cannot by itself update and maintain VeriFone code and to claim otherwise is ludicrous," he said.