Compliance Software » mastercard

Roundup of largest data breaches / incidents

compliancesoftware — Tue, 07 Sep 2010 14:31:31 +0000

records date organizations 130,000,000 2009-01-20 Heartland Payment Systems, Tower Federal Credit Union, Beverly National Bank 94,000,000 2007-01-17 TJX Companies Inc. 90,000,000 1984-06-01 TRW, Sears Roebuck 76,000,000 2009-10-05 National Archives and Records Administration 40,000,000 2005-06-19 CardSystems, Visa, MasterCard, American Express 26,500,000 …

3-D Secure (3DS) – Verified by Visa insecure

compliancesoftware — Thu, 04 Feb 2010 17:16:35 +0000

Security Researchers in the UK say that the 3-D Secure (3DS) system for credit card authorization, a protocol that was “developed by Visa to improve the security of Internet payments,” has significant security weaknesses. It is used by both of the …

PCI DSS Names New Chair

compliancesoftware — Thu, 28 Jan 2010 00:07:16 +0000

On Jan 25th, the PCI Security Standards Council, a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) Security Requirements and the Payment Application Data Security Standard (PA-DSS), …

MasterCard: December PCI Deadline Change Not For Holiday Conflict

compliancesoftware — Thu, 07 Jan 2010 13:52:20 +0000

MasterCard’s decision to reverse itself on its end of year 2010 deadline for new Level 2 PCI requirements was not based on retail complaints or on avoiding the hectic holiday period for merchants, according to a key MasterCard manager heading …

MasterCard Blinks, Drops Dec. 31 Level 2 PCI Deadline

compliancesoftware — Sat, 19 Dec 2009 03:13:32 +0000

The first MasterCard change made this month was pushing the Dec. 31, 2010, deadline back six months, to June 30, 2011. But MasterCard has also made two other key PCI changes. It has redefined what Level a retailer is (Level …

PCI Human Train Wreck Coming Next Year For Level 2s

compliancesoftware — Tue, 01 Dec 2009 02:01:43 +0000

Many Level 2 merchants are just now realizing that their PCI world has changed. Under rules announced this summer, Level 2 MasterCard merchants—like their Level 1 brethren—will require an onsite assessment by a QSA starting in 2010. via StorefrontBacktalk » …

MasterCard Vs. Visa: Dueling Compliance Philosophies

compliancesoftware — Wed, 19 Aug 2009 12:27:56 +0000

People don’t seem to “get” MasterCard. For most of the last 4 years, MasterCard has been criticized for their apparent willingness to let Visa play the “bad guy” who issues fines to acquiring banks (and, through them, to merchants), who …

MasterCard Becomes The First Card Brand To Publish PCI Fines

compliancesoftware — Thu, 06 Aug 2009 13:39:04 +0000

The noncompliance assessment structure now contains escalating assessments per violation within a calendar year,” said the document sent to members earlier this summer. “Maximum assessments for initial noncompliance for Level 2 and Level 3 merchants have increased to $25,000 and …

MasterCard seeks to clarify remote POS security upgrades policy #PCI

compliancesoftware — Sat, 11 Jul 2009 03:13:36 +0000

MasterCard today clarified a June 15 bulletin about the use of remote key injection (RKI) services for upgrading encryption protocols on merchants’ point of sale (POS) terminals, saying it was not an edict. via MasterCard seeks to clarify remote POS …

MasterCard halts remote POS security upgrades #PCI

compliancesoftware — Thu, 09 Jul 2009 12:02:10 +0000

In a purported second major security change in recent weeks, MasterCard has decided to disallow merchants’ use of remote key injection (RKI) services to install new encryption keys on point-of-sale (POS) systems, says a Gartner analyst. via MasterCard halts remote …