BreachExchange mailing list archives

Re: Best Western Response

From: "DAIL, WILLARD A" <ADAIL () sunocoinc com>
Date: Tue, 26 Aug 2008 16:20:31 -0400




        -----Original Message-----
        From: DAIL, WILLARD A
        Sent: Tuesday, August 26, 2008 3:02 PM
        To: dataloss () attrition org
        Subject: RE: [Dataloss] Best Western Response


        Good point.  The hospitality industry is one where franchisees
or local owners participate in branding, so any given location may or
may not be company owned.
        
        

                -----Original Message-----
                From: dataloss-bounces () attrition org
[mailto:dataloss-bounces () attrition org] On Behalf Of JAMES RITCHIE
                Sent: Tuesday, August 26, 2008 2:41 PM
                To: Harris, Michael C.; dataloss () attrition org
                Cc: macwheel99 () wowway com
                Subject: Re: [Dataloss] Best Western Response
        
        
                Loophole that is found.
        
                If each local hotel gains their own merchant ID,
processes the transaction through a payment gateway that is not the
corporate headquarters, then their level will be determined on that
merchant ID, not the aggregate of all the hotels.
        
                If each hotel processes through corporate headquarters
(now becomes the gateway) to the payment gateway, then the aggregate of
all hotels would be combined into one.
        
                I have seen where each location was forced to get their
own merchant ID and payment gateway to keep the transactions down, thus
keeping the cost of audits down.
        
                
                James Ritchie
                http://www.linkedin.com/pub/1/b89/433
        
                



This message and any files transmitted with it is intended solely for the designated recipient and may contain 
privileged, proprietary or otherwise private information. Unauthorized use, copying or distribution of this e-mail, in 
whole or in part, is strictly prohibited. If you have received it in error, please notify the sender immediately and 
delete the original and any attachments.

_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml

Current thread:

Re: Best Western Response, (continued)
- - - Re: Best Western Response DAIL, WILLARD A (Aug 26)
    - Re: Best Western Response Jamie C. Pole (Aug 26)
    - Re: Best Western Response security curmudgeon (Aug 26)
    - Re: Best Western Response Michael Hill, CITRMS (Aug 26)
    - Re: Best Western Response Jamie C. Pole (Aug 26)
    - Re: Best Western Response Daniel Clemens (Aug 26)
    - Re: Best Western Response Jamie C. Pole (Aug 26)
    - Re: Best Western Response security curmudgeon (Aug 26)
    - Re: Best Western Response Jeffrey Walton (Aug 26)
- Re: Best Western Response JAMES RITCHIE (Aug 26)
- Re: Best Western Response DAIL, WILLARD A (Aug 26)