Call centre data standards ‘routinely ignored’ #PCI
More than 95% of call centres were found to store customers’ credit card details in recordings of phone conversations in breach of industry rules, according to a survey conducted by a call recording technology company.
Veritape said that when it talked to 133 call centre managers, only 39% of them knew about industry rules against the [...]
Lawsuit: A Heartland Manager Resigned Because Of PCI Compliance Issues
Heartland relationship managers were told that PCI compliance was not a big deal. One of Heartland’s relationship managers resigned on or around April 23, 2009, in part because of Heartland’s statements regarding its PCI compliance
via StorefrontBacktalk » Blog Archive » Lawsuit: A Heartland Manager Resigned Because Of PCI Compliance Issues.
IT managers under-estimate the impact of data loss: survey
A mere seven per cent of respondents to a survey on data management believed data loss has a “high” impact on a business.
via IT managers under-estimate the impact of data loss: survey – Network World.
PCI Security Standards Council Invites Industry Feedback
In response to a letter from several retail trade associations suggesting changes in PCI (Payment Card Industry) data security standards, the PCI Security Standards Council here invited the trade groups to participate in the feedback process beginning on July 1 to shape the next version of the standard.
“We encourage all Participating Organization stakeholders, including the [...]
PCI and Fraud Analysis: To Have and Have Not
As merchants work to reduce the scope of PCI compliance and the risk due to having credit card data in their environment, some companies are actually taking access to this data away from people who need it to do their job, including the managers who are charged with investigating fraudulent credit card transactions. Instead of [...]
SAS 70 audits and PCI DSS: Four critical keys for cost-effective compliance
SAS 70 audits and PCI DSS assessments are fast becoming two of the most widely recognized and “must have” compliance initiatives for many businesses in today’s growing regulatory environment. Sarbanes Oxley, HIPAA, and other federally mandated legislative acts have pushed Statement on Auditing Standards No. 70 (SAS 70) into the forefront of compliance. Similarly, the [...]
Heartland Hit With $12M Breach Tab – InternetNews.com
Compliance was already on every manager’s mind before Heartland Payment Systems reported that a breach early this year cost it $12.6 million during Q1, 2009 in expenses and accruals.
Of those costs, $6 million were in fines from MasterCard and almost $1 million from Visa for alleged failures in PCI compliance.
via Heartland Hit With $12M Breach [...]
PCI Security Standards Council Expands PIN Entry Device Security Requirements Program – DarkReading
WAKEFIELD, Mass., Apr. 20, 2009 — The PCI Security Standards Council, a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PCI PIN Entry Device (PED) Security Requirements and the Payment Application Data Security Standard (PA-DSS), today expanded its PIN Entry Device Security Requirements program to cover [...]
Visa leads effort at PCI conference to minimise payment information vulnerability
Visa opens PCI Dubai Conference
Dubai, UAE 14 April 2009: Visa International, the leading payment solutions provider, has participated in PCI Dubai, the leading payment industry conference and addressed stakeholders from across the GCC payment industry on various issues surrounding data security and payment card fraud. Participants also shared best practices, emerging technologies, and discussed ongoing [...]
PCI Compliance: Frequently Asked Questions
Payment card industry compliance is confusing for many ecommerce merchants. But it potentially affects every merchant that accepts credit cards payments. Failure to understand the PCI compliance standards could result in higher merchant account fees and fines from the credit card issuers.
Merchants oftentimes have similar general questions on PCI compliance. We posed some of them [...]
