SEARCH RESULTS
 
Showing 1-10 of 15 records
 
Expand article

Is PCI compliance creating a false sense of security?

2008-03-28 09:44:50 by Burton Group in Security and Risk Management Strategies Blog
 
...merchant, over a merchant that isnt PCI compliant, will reduce your chance of having your credit card data stolen isnt always accurate Now Im not saying PCI isnt important, after all this breach may have never been found if PCI measures werent put in place, but enterprises have to look beyond the task of being compliance and take whatever...
 
Tags: pci compliance, compliant, pci compliant merchant, pci, pci compliance statement, merchant, pci compliant, pci dss, pci compliance measures
 
 
 
 
Expand article

Is PCI compliance creating a false sense of security?

2008-03-28 09:44:50 by Burton Group in Security and Risk Management Strategies Blog
 
...merchant, over a merchant that isn???t PCI compliant, will reduce your chance of having your credit card data stolen isn???t always accurate Now I???m not saying PCI isn???t important, after all this breach may have never been found if PCI measures weren???t put in place, but enterprises have to look beyond the task of being compliance and...
 
Tags: pci compliance, compliant, pci compliant merchant, pci, pci compliance statement, merchant, pci compliant, pci dss, pci compliance measures
 
 
 
 
Expand article

Aegenis eLearning for Merchants

The Article has images
2008-03-28 15:09:49 by Michael Dahn in PCI Blog - Compliance Demystified
...merchants regarding their responsibilities for the protection of Cardholder Data and compliance with the Payment Card Industry Data Security Standard (PCI DSS This means that we are now offering merchant training for all merchant types, with a focus on educating the Level 3-4 (smaller) merchants. Its both scalable and global in its reach. You...
 
Tags: merchants, merchant, merchant association, merchant base, level-4 merchants, pci dss, level, aegenis, payment card industry
 
 
 
 
Expand article

Our Data, Ourselves

2008-05-15 18:00:00 by Bruce Schneier in Wired Security
 
...merchant, or even how we're treated by customer support. A potential employer can, illegally in the U.S., examine our medical data and decide whether or not to offer us a job. The police can mine our data and decide whether or not we're a terrorist risk. If a criminal can get hold of enough of our data, he can open credit cards in our names,...
 
Tags: data, medical data, enforce data deletion, data shadow, limit data collection, limit, data banks, data controls, information brokers
 
 
 
 
Expand article

KimsCrafts e-commerce breach affects 4,500

The Article has images
2007-12-14 16:08:39 by Evan Francen in The Breach Blog
...merchant " according to VISA. As a Level 4 merchant, KimsCrafts is required to complete an annual PCI Self-Assessment Questionnaire and quarterly network scans (by an "Approved Scanning Vendor"). I wonder if KimsCrafts was complying prior to this breach report. If they were, then this leads to questions about why the Approved Scanning Vendor...
 
Tags: kimscrafts, breach, e-commerce, credit file, credit, credit card data, kimscrafts e-commerce site, data, data security firm
 
 
 
 
Expand article

500th Member Joins PCI Forum

The Article has images
2008-03-07 19:54:49 by Michael Dahn in PCI Blog - Compliance Demystified
...merchant who we added to the Merchant Only area. This is a private forum only accessible by vetted merchants. While most merchants choose to post their questions in the public area, there are some who want more discretion As always, we have our email address and phone number listed on this website. I dont know many other places where you can...
 
Tags: 500th, forum, pci forum, lucky 500th person, merchants choose, merchants, security people, industry, people
 
 
 
 
Expand article

Stagpliance? Yes, we do need PCI Education

The Article has images
2008-03-03 16:46:26 by Michael Dahn in PCI Blog - Compliance Demystified
...merchants and many small merchants. Anyone who has investigated cardholder data breaches over the last five years can tell you that attacks are becoming more complex and hackers are moving to smaller merchants. But this is not the only explanation What has this experience shown us? I believe the reason for our current stagpliance is due to...
 
Tags: pci, based, risk based approach, cardholder data, cardholder data breaches, education, classes merchants, merchants, cardholder data security
 
 
 
 
Expand article

Confidential information sent to PinPay.net and SoftCard.biz is exposed

The Article has images
2008-05-08 13:26:03 by Evan Francen in The Breach Blog
...Merchants, Agents and customers Number Affected Unknown Types of Data Name, mailing address, phone number, email address, date of birth, city of birth, sex, and one or more of the following (chosen from drop-down Passport Voting ID card PAN card Driving License card Government issued ID card Social Security Card Military ID card Consular...
 
Tags: information, drivers license card, license card, card, free card, social security card, sensitive information, sensitive personal information, encrypt sensitive information
 
 
 
 
Expand article

Do you trust the merchants to protect your credit cards?

2007-12-11 09:01:26 by Khalid Kark in Security & Risk Management
 
...merchants to store complete card numbers. Currently, some merchants are required to keep credit card numbers for up to 18 months to satisfy card retrieval and dispute requests. The letter said, "Instead of making the industry jump through hoops to create an impenetrable fortress, retailers want to eliminate the incentive for hackers to break...
 
Tags: card industry, card, payment card industry, credit card, merchants, credit card companies, provide merchants, merchants change, security
 
 
 
 
Expand article

S&K Menswear two-phased attack

The Article has images
2008-01-03 10:40:36 by Evan Francen in The Breach Blog
...Merchant . Is it safe to assume that S&K is PCI DSS compliant? It sounds like they don't store prohibited data (CVV2, Full Magnetic Stripe, or PIN / PIN Block), but only 55% of Level 3 Merchants are PCI DSS validated as of 9/30/07 . It should be easier for customers to find the status of an organization's compliance and information security...