Compliance Software » PCI

uPromise and FTC

compliancesoftware — Thu, 12 Jan 2012 16:07:58 +0000

The FTC alleged that after the personalized offers feature was enabled, extensive information was collected from the user and transmitted to Upromise, including the names of all websites visited, all links clicked by the user and information that users entered …

Study sees 8 percent rise in unencrypted payment card data

compliancesoftware — Tue, 20 Dec 2011 15:45:02 +0000

A study published today by merchant data security leader SecurityMetrics shows 71 percent of merchants who entered the study were found to store unencrypted payment card data in 2011, which is an increase of 8 percent since 2010. via Study …

2011 PCI Community Meetings Break Record for Number of Attendees #pcicm

compliancesoftware — Fri, 21 Oct 2011 00:13:33 +0000

Marking the PCI Council’s 5th year in existence, close to 1600 stakeholders representing 650 organizations globally attended the 2011 meetings, compared with 323 at the Council’s first gathering in 2007 via 2011 PCI Community Meetings Break Record for Number of …

This Year’s PCI SSC SIG Proposals

compliancesoftware — Fri, 21 Oct 2011 00:12:32 +0000

At the Special Interest Group (SIG) session at this year’s PCI Community Meeting, a number of presentations were made regarding the potential PCI SIG topics that will be addressed in the coming year. via This Year’s PCI SSC SIG Proposals …

PCI Expands Encryption Standards to Mobile Payment Card Readers

compliancesoftware — Tue, 18 Oct 2011 15:00:10 +0000

There are already hundreds of devices, such as the Square that clips on to a mobile phone, to enable remote mobile acceptance of credit cards, says Bob Russo, general manager, PCI Security Standards Council via PCI Expands Encryption Standards to …

Going cheap: stolen credit cards

compliancesoftware — Wed, 12 Oct 2011 12:22:21 +0000

Security specialists Imperva has reported that it’s found stolen card for as little as $2 for a Visa card, climbing up to $6 for a Discovery card. The particular site selling these details is not, I would argue, at the …

The (EMV/Contactless) World According To Visa « PCI Guru

compliancesoftware — Sat, 24 Sep 2011 15:18:06 +0000

The PCI SSC stated that while Visa is not requiring merchants to file a ROC or AOC, the merchant still has to ensure that it is PCI DSS compliant. This means that the merchant still must go through the PCI …

PCI point-to-point encryption guidelines raise new questions

compliancesoftware — Thu, 15 Sep 2011 20:17:33 +0000

The PCI Security Standards Council today is expected to issue guidelines on use of point-to-point encryption in protecting sensitive payment card data, but the narrow approach — which is focused on hardware — is raising questions. via PCI point-to-point encryption …

Q&A: Teresa Carlson of Amazon Web Services Discusses GovCloud | WHIR Web Hosting Industry News

compliancesoftware — Wed, 07 Sep 2011 12:18:21 +0000

The new AWS GovCloud Region offers the same high level of security as other AWS Regions and supports existing AWS security controls and certifications such as FISMA, SAS-70 Type II, ISO 27001, FIPS 140-2 compliant end points, and PCI DSS …

Kicked Out Of “The Club” #PCI

compliancesoftware — Mon, 22 Aug 2011 22:33:43 +0000

A Qualified Security Assessor Company (QSAC) has finally had their status revoked by the PCI SSC. In a little noticed release dated August 4, 2011, the PCI SSC announced through an FAQ that as of August 3, 2011, Chief Security …