Blog Posts Tagged with "PA-DSS"
August 09, 2012 Added by:PCI Guru
The PA-DSS has a procedure that the PA-QSA can follow to determine that version changes have not affected cardholder data processing and the application’s PA-DSS validation. Without that validation, as a QSA, our hands are tied and we must conduct a full assessment of the application under the PCI DSS...
April 26, 2012 Added by:PCI Guru
There is a lot of discussion on network segmentation, and this year’s presentation material indicates there are apparently still a lot of QSAs that do not understand the concept of network segmentation and what constitutes good segmentation from poor segmentation...
January 30, 2012 Added by:PCI Guru
Hackers could decrypt the PAN given the high likelihood that the PIN to decrypt the PAN could be derived from information on a smartphone. The nightmare scenario would be development of malware delivered through the smartphone’s application store that harvests the PII...
January 19, 2012 Added by:Fergal Glynn
What is a compliance framework? It’s an architected system of policies, controls and objectives designed to keep your business out of trouble and operating securely. It should measure risk and effectiveness, and keep constituents aware and up to date, since risk changes...
October 04, 2011 Added by:Andrew Weidenhamer
As a QSA it is very frustrating to walk in, ask the merchant for the PA-DSS Implementation Guide, and receive a glazed over eye look. It's even more frustrating when you then ask the Vendor/Reseller for the Implementation Guide and they look at you as if you have three heads....
June 30, 2011 Added by:PCI Guru
"Until such time that it has completed a comprehensive examination of the mobile communications device and payment application landscape, the Council will not approve mobile payment applications used by merchants to accept and process payment as validated PA-DSS applications..."
February 25, 2011 Added by:PCI Guru
While iPhone is the “Big Kahuna”, it does not mean that Android and Windows Phone devices are not also used for credit card payments. Unfortunately, Android and Windows Phone devices have similar issues that make them difficult, if not impossible, to have PA-DSS certified applications...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013