Gartner misses the point of PCI
Monday, November 24th, 2008 Posted in Chip PIN, PCI DSS | 4 Comments »The goal of the PCI DSS is to prevent the electronic and paper theft of cardholder data. That said, the PCI DSS is not the only standard within the family of PCI family. The collection of PCI standards includes: PCI DSS ...
PIN security rises in importance
Friday, August 8th, 2008 Posted in Chip PIN, Credit Card Fraud, Merchant, PCI PIN | 1 Comment »Evan Schuman of StoreFrontBackTalk reminds us that credit card compromises that result in fraudulent ATM use can mean only one thing: they had access to the cardholder's PIN. In reference to the recent indictment he reminds us about such details. But ...
Hacking Chip-and-PIN
Thursday, February 28th, 2008 Posted in Chip PIN, Credit Card Fraud | 2 Comments »There's a blog post online about some computer security researchers who have found a way to compromise Chip-and-PIN terminal devices. You can check out the BBC NightNews show here. Ok, yes this is an attack against the system, but do you ...
Chip-PIN vs. PCI DSS
Sunday, March 25th, 2007 Posted in Chip PIN, Credit Card Fraud, Europe, PCI DSS | 1 Comment »We had a post a while back about the most recent APACS fraud numbers (released twice a year.) Many of us were curious why they did not include a reference to PCI. So I emailed Sandra Quinn their ...
Chip and PIN: attacks or risks?
Saturday, March 10th, 2007 Posted in Chip PIN | 2 Comments »Ed posts about a reference to Chip and PIN attacks that I feel are actually just risks. The story gets talked about because they associate the words "attack" and "Chip and PIN" making people think there is an actual ...
Contactless payments take hold
Sunday, February 11th, 2007 Posted in Chip PIN, Contactless | 1 Comment »We have discussed many things relating to the payments industry, from Chip-PIN to the details of the PCI DSS, but have not focused much on the technology side of things. There are the PCI PIN (from Visa) requirements for ...
Chip-and-PIN terminal hacked to play Tetris
Friday, January 5th, 2007 Posted in Chip PIN | 1 Comment »Engadget reports that security researchers Steven Murdoch and Saar Drimer hacked one of Britain's much-vaunted "tamper-resistant" chip-and-PIN credit-card processing terminals so that it plays Tetris. They have this YouTube video showing it: [youtube wWTzkD9M0sU] A better quality video and description is available on ...
What is the difference between PCI, EMV, and Chip/PIN?
Monday, October 30th, 2006 Posted in Chip PIN, PCI DSS | No Comments »Some people have been asking, "What is the difference between EMV standards, PCI standards, and Chip/PIN requirements?" EMV is the EuroCard, MasterCard, Visa chip card protocol standard. Here's some information from the EMVCo website. EMVCo LLC was formed February 1999 by ...
PCI DSS and Chip and PIN
Saturday, September 30th, 2006 Posted in Chip PIN, Credit Card Fraud, PCI DSS | 5 Comments »Many countries around the world are currently in the process of implementing the 'chip and PIN' system for credit card payments. This system is based on the EMV standard, and uses a card with an integrated processor (a 'smartcard') ...
Canada to implement Chip/PIN in 2007
Friday, September 29th, 2006 Posted in Chip PIN | 1 Comment »Chase Paymentech held their first international Fraud Prevention Forum on September 11th in Toronto. They announced the future movement of credit card security with the planned rollout of Chip/PIN to Canada. Chip and PIN is a proven payment technology with ...
