San Diego’s Metropolitan Transit System (CA) has acknowledged that its Compass Card fare collection system does not meet industry security standards.
The Payment Card Industry Data Security Standards, or PCI DSS, are designed to reduce credit card fraud. PCI DSS includes standards for encrypting cardholder data, maintaining firewalls, and routinely testing security systems.
The Compass Card was developed about 10 years ago by Cubic Corporation. The San Diego Association of Governments managed the system until MTS took over in July 2014.
Read the full article at http://www.thetransitwire.com/2016/03/03/san-diego-smart-card-has-security-gaps/.