Vlad:
As the CEO of GRS / FireFly, I’d like to address these posts directly. First, let me say that we are disappointed to hear of any client who is not satisfied with our products or services. I would like the chance to speak with you directly to clear up any problems and see if we can turn things around. Please contact me at 800-750-3947 or send me a PM so that we may try to improve the situation for you.
Regarding the credit card breach that was mentioned, I wanted to share some information that is important to all restaurant owners. We’ve all heard of PCI compliance, but many restaurant owners are not taking it seriously enough. At GRS, we take it very seriously. The FireFly POS software is certified PA-DSS compliant. Since 2008, FireFly shipped and recommended network security devices that met PCI guidelines.
We also took steps to communicate to all clients, some of whom were using older equipment, that network security upgrades were recommended. Unfortunately, not all clients took steps to upgrade and secure their networks as suggested. And unfortunately, a small number of FireFly clients were among the nearly 5,000 merchants nationwide who were victims of credit card fraud in 2011, a 286% increase over 2010 levels.
I want to be clear - Starting in 2008, we provided updated security recommendations to our customer base. 100% of our clients that acted our security recommendations and followed strict security guidelines were never breached. Only those few that did not act on those recommendations were impacted.
This type of fraud is epidemic, and, like in the case experienced by these clients, is often directly related to insecure network practices, NOT the POS software itself. While GRS does not provide network security services, we do partner with VendorSafe, a PCI managed network expert, whom we recommend to assist clients with securing their networks and meeting other PCI-related obligations. We also recommend that clients upgrade their credit processing solutions - for instance we offer a 100% encrypted and tokenized solution that keeps all card data out of the store completely.
Network security practices are constantly evolving in an attempt to stay one step ahead of the bad guys. All restaurant owners should take a serious look at their technology, especially if installed prior to the PCI mandates that occurred in 2010, and ensure that they have the latest upgrades to their software and network security to keep them safe.