SEARCH RESULTS
 
Showing 1-10 of 15 records
 
Expand article

New attack trend pushes POS encryption to the fore

2008-05-20 07:23:13 by Editor in Computerworld Security News
 
The recent rash of data thefts from retail point-of-sale systems is prompting security vendors and payment processing firms to offer tools for encrypting POS information
 
Tags: retail point-of-sale systems, recent rash, pos information, data thefts, security vendors, offer tools, firms, payment
 
 
 
 
Expand article

New attack trend pushes POS encryption to the fore

2008-05-22 00:00:00 by HASH0x84731a4 in Network World on Security
 
The relatively scant attention that retailers have paid to securing their point-of-sale systems over the past few years is making the POS setups increasingly attractive targets for cybercrooks who are looking to steal payment card data
 
Tags: payment card data, point-of-sale systems, scant attention, retailers, cybercrooks, past
 
 
 
 
Expand article

Technology Tales from Thailand: KBank Fraud Management

2008-08-20 07:16:51 by Tim Bass in The Complex Event Processing Blog
 
...possibility of on-line credit card fraud; and in Keyloggers: Why Banks Need Two-Factor Authentication I described how KBank uses SMS-based one-time-passwords (OTP) to authenticate transactions In addition to the above services, KBankoffers a service that permits users to receive an SMS message that details any change in account balance and/or...
 
Tags: visa debit card, debit card, card, visa card, kbank, kbank card, transaction, transaction notification services, fraudulent transaction
 
 
 
 
Expand article

Data security and the "chasm of protection"

2008-06-17 13:25:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...POS devices, encrypted with the POS application as cards are read in. As this data is required by another application, it has to be first decrypted so this in-store application can read it. It may then encrypt it again as it stores on in-store servers. Now assume you have another application in the data centers that is used for card...
 
Tags: protection, data, data protection, data centers, data element, application, pos application, data-centric, in-store application
 
 
 
 
Expand article

A Friday Afternoon Conversation About PCI DSS

2008-12-05 20:42:09 by Alex in RiskAnalys.is
 
...post up on a whim (for Twitter conversations that are happening in parallel) so be polite/nice 1.) As Jack likes to say, all control efforts are centered around Prevent/Detect/Respond. An if we can prevent at 100% efficiency, we dont really need to care about D & R. Similarly, if we can D/R at 100% efficiency, we dont really need to care...
 
Tags: pci, pci dss, pci pii, subsequent pdr efforts, pci compliance, pdr, credit cards, credit, threat actions
 
 
 
 
Expand article

Is PCI compliance creating a false sense of security?

2008-03-28 09:44:50 by Burton Group in Security and Risk Management Strategies Blog
 
...posed up to 4.2 million credit and debit cardholders to potential fraud The result of this breach so far has been about 1,800 instances of fraud as reported by company officials, all company information has been removed from their website (Im assuming while they reevaluate their transaction strategy and architecture) except for a news brief...
 
Tags: pci compliance, compliant, pci compliant merchant, pci, pci compliance statement, merchant, pci compliant, pci dss, pci compliance measures
 
 
 
 
Expand article

Security of "Rogue" or "Shadow" IT?

2008-04-03 12:27:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...pos t raises some of the alarms with "shadow IT Both tools [ iPhone and Google Apps ] were marketed directly to the appeal of the end-user and made every effort to create a tool (or set of tools) which could be brought into the business environment by an end-user with as little effort as possible Corporate IT is left fighting the new battle...
 
Tags: business environment, environment, enable businesses properly, business, users strangle, users, end-user, harsh guidelines, shadow
 
 
 
 
Expand article

Hannaford Supermarkets

The Article has images
2008-03-22 12:27:00 by Random InfoSec Guy in Security Coin
...posts below - about the ATM authorizations ? If you look at the message formats, they have card numbers and expiration dates. What was compromised ? Card numbers and expiration dates. (ISO 8583 seems to have track data in its message transmissions - but not until a long way into the stream, and for some reason, I didn't notice it in my raw...
 
Tags: card, debit card, pci, track data, pci dss, data, hannaford supermarkets, hannaford, pci compliant
 
 
 
 
Expand article

Is PCI compliance creating a false sense of security?

2008-03-28 09:44:50 by Burton Group in Security and Risk Management Strategies Blog
 
...posed up to 4.2 million credit and debit cardholders to potential fraud The result of this breach so far has been about 1,800 instances of fraud as reported by company officials, all company information has been removed from their website (I???m assuming while they reevaluate their transaction strategy and architecture) except for a news...
 
Tags: pci compliance, compliant, pci compliant merchant, pci, pci compliance statement, merchant, pci compliant, pci dss, pci compliance measures