Blog Posts Tagged with "Payment Processors"
PA-DSS Validation Clarification
August 09, 2012 Added by:PCI Guru
The PA-DSS has a procedure that the PA-QSA can follow to determine that version changes have not affected cardholder data processing and the application’s PA-DSS validation. Without that validation, as a QSA, our hands are tied and we must conduct a full assessment of the application under the PCI DSS...
Comments (0)
Global Payments Breach May Include Merchant Account Data
June 13, 2012 Added by:Headlines
"The Company's ongoing investigation recently revealed potential unauthorized access to servers containing personal information collected from a subset of merchant applicants. It is unclear whether the intruders looked at or took any personal information... however, the Company will notify potentially-affected individuals..."
Comments (0)
A Reason Why the PCI Standards Get No Respect
May 11, 2012 Added by:PCI Guru
The PCI SSC only requires its assessors document the services they provide in their assessment reports. While that offers a certain amount of transparency, when you read some of these ROCs, it becomes painfully obvious that some QSACs are assessing their own security services...
Comments (0)
What Good is PCI-DSS?
May 02, 2012 Added by:david barton
Credit card processors have valuable information that bad guys would love to get their hands on. So processors are the Fort Knox of the modern world. When bad guys are motivated, no amount of security can keep them out. Does that mean PCI-DSS standards are worthless?
Comments (9)
Financial Institutions – Your Time is Coming
April 04, 2012 Added by:PCI Guru
Most financial institutions purchase their software applications from third party development firms. With all of the regulatory changes going on in the financial institution industry, these software firms have been focused on those regulatory changes and not PCI compliance...
Comments (0)
Update on the Visa - MasterCard - GPN Breach
April 03, 2012 Added by:Pierluigi Paganini
Global Payments' announced that Track 2 data was stolen, which is used by the bank. Track 1 data generally refers to the information reported on the front of a bank card. So if this information was stolen along with that contained in Track 2, it is possible to clone a card...
Comments (0)
Visa and MasterCard Alert Banks of Massive Processor Breach
March 30, 2012 Added by:Headlines
"Visa Inc. is aware of a potential data compromise incident at a third party entity... Visa has provided payment card issuers with the affected account numbers so they can take steps to protect consumers through independent fraud monitoring and, if needed, reissuing cards..."
Comments (0)
Cyber Security for 2012 Olympics Focus of Business Continuity Forum
March 19, 2012 Added by:Headlines
"The market-wide exercise showed that the banking community is prepared to handle some aspects of a cyber attack, but must shore up other areas. I encourage all managers to think about whether they are have adequate, practical plans in place..."
Comments (0)
PCI Compliance: On Redirects and Reposts
December 08, 2011 Added by:PCI Guru
A number of clients recently prompted me on my take regarding Redirects and Reposts as they attempt to shrink their PCI compliance footprint as small as possible. A lot of them like the idea of the repost because it requires only a simple change to their existing e-Commerce sites...
Comments (0)
Affiliate Marketing Scam
November 21, 2011 Added by:Mark Baldwin
Just about every adult website has an affiliate program and it is not uncommon for scammers to look for ways to take advantage of these programs. I was recently informed by a large payment gateway operator of a scam that is currently in operation. Here is how it works...
Comments (1)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)