PCI
I Wonder If My Card Issuer Has A ROC?
The question is, because issuers demand retailers and service providers be PCI compliant, should they not practice the same discipline, go through the same process and lead the way by complying with the same guidelines to protect cardholder data? Let’s look at each of the three reasons I think issuers should want to ensure they [...]
QSA’s View on PCI Compliance for Mail Orders
Many orders still flow through this payment channel and, as is the case with all cardholder data, it must be secured, handled in compliance with the PCI DSS via QSA’s View on PCI Compliance for Mail Orders.
Merchants lose $89m in credit card fraud
THE huge growth in the payment of goods or services over the internet, or by phone or mail, is responsible for the loss by merchants of about $89 million last year through fraud when credit cards used in a business transaction are not seen by the seller. via Merchants lose $89m in credit card fraud [...]
Visa Clarifies Security Rules
This week Visa Inc. said it’s going to reduce unnecessary storage of sensitive card information in merchant payment systems. Specifically, Visa is clarifying that existing operating regulations ensure acquirers and issuers allow merchants to present a truncated, disguised or masked card number on a transaction receipt for dispute resolution in place of the full 16-digit [...]
13 essential steps to integrating control frameworks – CSO Online
# The organization must understand which frameworks or framework elements are needed to address, at a minimum, the critical security concerns. When addressing control requirements, more is not necessarily better, and each additional control entity represents an investment in time, money, and effort. # Choose a base framework to use. An organization should identify a [...]
Visa tightens rules for small sellers • The Register
From 1 July small and medium enterprises using electronic point of sale terminals and e-commerce systems need to reach basic compliance with an entry-level version of the standard or face higher merchant fees or, in extreme cases such as in the aftermath of security breaches, the withdrawal of merchant statuses. Larger firms need to comply [...]
Tokenization and encryption for #PCI compliance
Tokenization and encryption may be the best solution to one of the biggest data-security challenges facing merchants: how to protect confidential payment card information against emerging threats without disrupting normal business operations. That’s according to a security brief released on Tuesday by RSA, the Security Division of EMC. Security experts from processor First Data Corp. [...]
PCI Standards Stretched To Three-Year Cycle
Merchants have gained some welcome breathing room for complying with PCI: The PCI Standards Council today announced its standards cycle will move from a two- to three-year cycle.The extra year between new versions of the PCI DSS, PA-DSS, and PCI DTS standards came in response to complaints from merchants and others in the secure payment [...]
Do You Have What It Takes To Pass Your Payment Card Industry Audit? #PCI
With every company reliant on software to run its business, an alarming rise in data breach incidents across industries, but especially credit card processing, means application security is becoming an increasingly critical part of any organisation’s overall IT security strategy. For organisations that store, transmit or process credit card information, it is vital as they [...]
Ukrainian arrested in India on TJX data-theft charges
Ukrainian national has been arrested in India in connection with the most notorious hacking incident in U.S. history. Sergey Valeryevich Storchark was one of 11 men charged in August 2008 with hacking into nine U.S. retailers and selling tens of millions of credit card numbers. He was arrested in India earlier this week, according to [...]
