PCI DSS
A Viable Solution to Skimming and Point of Sale Attacks
September 02, 2010 Added by:Robert Siciliano
Bankers are taking great losses on cards and we need to explore creative ideas to mitigate these losses. It is in the best interest of retailers, bankers, processors and card providers to find ways to limit these losses so debit and credit cards can remain a viable method of payment...
Comments (1)
Advice for Merchants on PCI DSS
August 31, 2010 Added by:PCI Guru
There are ways to minimize your organization’s PCI compliance efforts by just getting rid of the data in the first place. Stop putting forth efforts to comply and get with the movement to get rid of the cardholder data in the first place...
Comments (1)
PCI: An Open Letter To Acquiring Banks
August 26, 2010 Added by:PCI Guru
Get with the program people! The PCI program flounders in part because one of the key constituents is not on board. It is time for the PCI SSC and the card brands to educate the acquiring banks and get them engaged...
Comments (2)
PCI Security Standards Council on PCI DSS 2.0
August 26, 2010 Added by:Anton Chuvakin
Everybody knows that PCI DSS 2.0 is coming. The PCI Security Standards Council released a summary of changes for version 2.0 in PDF to be released in October 2010. The council folks have kindly granted this brief interview...
Comments (0)
Why The PCI Data Security Standards Exist
August 23, 2010 Added by:PCI Guru
It has been suggested that the PCI standards were only developed to minimize the losses to the card brands and banks and do nothing for merchants. However, the PCI standards were meant to protect everyone in the transaction process...
Comments (0)
Bootable USBs for Consumer Security
August 22, 2010 Added by:Brent Huston
The major problem facing online banking today is really the consumer system. Home PCs are so compromised or infected that they represent a significant issue for the banking process. Home systems can pretty easily be removed from the equation with a simple bootable LiveCD or USB key...
Comments (0)
Are Contactless Payment Methods Secure?
August 20, 2010 Added by:Robert Siciliano
Hackers, whether they’re black hat (bad guys) or white hat (security professionals), are always looking for vulnerabilities in technology. The bad guys’ intentions are to exploit these vulnerabilities for ill-gotten gain, and the security professionals’ are to make the technology more secure...
Comments (4)
How Do You Know That Your Software Is Secure?
August 17, 2010 Added by:PCI Guru
Software is everywhere these days, and is in almost everything from flat panel televisions to furnaces. As more devices get connected to networks, the risk that backdoors or sleeper code will be used to obtain surreptitious access to these devices increases...
Comments (0)
PCI Feels Like Something is Being Done to Me
August 09, 2010 Added by:PCI Guru
In a lot of these organizations, security has been given the short shrift and has been perpetually on the back burner. In these organizations, senior management sees security, and IT as a whole, as a money pit that does nothing for the organization...
Comments (1)
PCI DSS and Code Reviews
August 02, 2010 Added by:PCI Guru
Requirement 6.6 of the PCI DSS discusses the concept of code reviews or the implementation of an application firewall to protect Internet facing applications...
Comments (4)
ATM Security Threats Increase
August 01, 2010 Added by:Robert Siciliano
Skimming today is far more sophisticated than in the past. Skimmers can include blue tooth and texting technology that send the data to the criminal anywhere. Keypads can be compromised by devices that overlay the exiting pad and transfer the data remotely...
Comments (0)
Electronic Payment Fraud, Security and Risk Mitigation
July 28, 2010 Added by:Anthony M. Freed
The biggest risk is systematic. Criminals and hackers have multiple points to penetrate a system, so it's important for those responsible for online payment security to think of the possible risks from end-to-end...
Comments (1)
Hotels are Hotspot for Credit Card Fraud
July 20, 2010 Added by:Robert Siciliano
According to a recent study, 38% of all credit card breaches occur in hotels. Despite several high profile breaches that recently affected payment processors and banks, the financial services industry only accounts for 19% of breaches...
Comments (0)
Credit Card Connoisseur
July 08, 2010 Added by:Ron Baklarz
This authentication mechanism could be compromised and moreover, I would very much like to see the security scheme around the kiosk's ability to protect the PII associated with the driver's license as well as the PCI-DSS protections since the machines will accept credit and debit cards...
Comments (1)
Credit Card Data Breaches Cost Big Bucks
July 08, 2010 Added by:Robert Siciliano
Javelin’s survey shows that 26%, or one out of four U.S. consumers received a data breach notification last year from a company or agency holding their personal data, including credit and debit card or checking account information...
Comments (0)
Out-of-band banking transaction confirmation could buy some time … a year ago.
June 29, 2010 Added by:Eli Talmor
Security measures such as one-time passwords and phone-based user authentication, considered among the most robust forms of security, are no longer enough to protect online banking transactions against fraud, a new report from research firm Gartner Inc. warns.
Comments (5)
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe
- Do You Have a Vendor Security Check List? You Should!