Global Payments Inc. has "essentially completed" its data intrusion remediation efforts and will soon have its response to last year's massive breach of merchant and consumer card data reviewed by the major card networks—the final step before it can return to the networks' list of approved PCI-compliant vendors, according to executives of the Atlanta-based merchant processor.

In an earnings call with analysts Jan. 8, CFO David Mangum said the company is "right on the goal line," in moving past the attack it suffered in January and February 2012, when data from as many as 1.5 million card accounts was exposed.

Global Payments is awaiting final certification from the outside qualified security assessor that reviewed the steps it took to ensure compliance with Payment Card Industry security standards. With that, the company can submit itself for the card networks' evaluation.

"We believe we are looking at a matter of weeks to return to the list of PCI-compliant companies," Mangum said on the call.

When news broke of the breach in March, trading of Global Payments stock on the Nasdaq exchange was temporarily suspended. Visa then removed the company from its list of PCI-compliant vendors.

The breach went beyond consumer card data and included merchant data used in underwriting new applicants. While Global Payments said it did not have evidence that fraudsters obtained or misused the merchant applicants' information, the servers that contained that information were possibly accessed by an unauthorized party.

Global Payments' net income rose 15% to $70.2 million from a year earlier in its 2013 fiscal year second quarter, which ended on Nov. 30. Its revenue rose 11%, to $588.5 million.

The company also reduced its estimate of fraud losses, fines, and other charges by $31.5 million.

"We have now reached resolution with certain networks, resulting in charges that were less than our initial estimates," Mangum said. "However, we continue to anticipate that full-year 2013 expenses for the data intrusion will total $25 million to $35 million, as insurance proceeds will now possibly occur in fiscal 2014 rather than 2013."

Subscribe Now

Authoritative analysis and perspective for every segment of the payments industry

14-Day Free Trial

Authoritative analysis and perspective for every segment of the industry