Tokenization Vs. End to End Encryption #PCI
A recent study conducted by PriceWaterhouseCoopers on behalf of the Payment Card Industry Security Standards Council shows that end to end encryption and tokenization are the top choices for companies seeking to employ new emerging technologies to protect payment card and other critical data. And both approaches have their public proponents, including Heartland Payment Systems [...]
Call centre data standards ‘routinely ignored’ #PCI
More than 95% of call centres were found to store customers’ credit card details in recordings of phone conversations in breach of industry rules, according to a survey conducted by a call recording technology company.
Veritape said that when it talked to 133 call centre managers, only 39% of them knew about industry rules against the [...]
Lawsuit: A Heartland Manager Resigned Because Of PCI Compliance Issues
Heartland relationship managers were told that PCI compliance was not a big deal. One of Heartland’s relationship managers resigned on or around April 23, 2009, in part because of Heartland’s statements regarding its PCI compliance
via StorefrontBacktalk » Blog Archive » Lawsuit: A Heartland Manager Resigned Because Of PCI Compliance Issues.
Visa creates guidance for merchants wanting to encrypt #PCI
Visa on Monday released a best practices document for merchants considering adoption of end-to-end encryption, an emerging technology used to mask cardholder data from point-of-swipe through processing.
The guidance is meant to fill a temporary void until industry standards are established by the American National Standards Institute, Jennifer Fischer, senior business leader in Visa’s payment system [...]
Upwards of 55% of credit card fraud comes from the hospitality industry #PCI
Upwards of 55% of credit card fraud comes from the hospitality industry (The PCI Compliance Process for Hotels, American Hotel & Lodging Association).
via PCI Compliance – Why spas, hotels and resorts can no longer ignore it! – By Fauzi Zamir, COO, ResortSuite :: Hotel News Resource.
HEARTLAND Lawsuit filed #PCI
Months before announcing the Heartland Payment Systems (HPY) data breach, company CEO Robert Carr told industry analysts that the Payment Card Industry Data Security Standard (PCI DSS) was an insufficient protective measure.
This is a class action lawsuit brought by the FI Plaintiffs,
individually, and on behalf of similarly situated banks, credit unions and
other financial institutions that [...]
PCI-DSS – I am certified, therefore I am secure #PCI
Interesting article …
PCI has done a LOT to further security in an industry where information security was never considered a topic worth mentioning. I can remember 5-7 years back when retailers were all about razor-thin margins (they still are – that hasn’t changed) and security to them meant physical security – guards, sensors, cameras – [...]
The Two Scenarios Coming From The PWC PCI Report
The consultants at PWC began with an analysis of 12 security technologies that emerged from 160 interviews with industry players, and then narrowed the list for their “deep dive” investigation to several that they concluded had the best potential to be automated, could be integrated with existing infrastructures and could have a meaningful potential impact [...]
Defending PCI: ‘Don’t Blame the QSA’s’
The problem was with the QSA.’ Okay, tell us what the QSA did wrong, why the problem was the QSA. Show us what the QSA did wrong. A lot of these QSAs have been through the QA process — they go through it once a year, have been through it, and we found nothing that [...]
PCI virtualization SIG closer to proposing changes to standard
The PCI Virtualization Special Interest Group is trying to find consensus before proposing ways to add the technology to the Payment Card Industry Data Security Standards (PCI DSS). The group is meeting this week at Mandalay Bay Resort and Casino in Las Vegas, where the Payment Card Industry Security Standards Council (PCI SSC) is holding [...]
