Discover creates merchant levels
Saturday, January 17th, 2009 Posted in Card Brands, Merchant | No Comments »Discover Network recently updated their DISC website and it was more than just a makeover. Discover updated their information with new merchant levels that conveniently match those of both Visa and MasterCard. Level 1 merchants are those processing 6 million or ...
Cloud Computing and PCI - VM Image Sprawl
Thursday, January 8th, 2009 Posted in Compliance, Merchant, PCI DSS, Service Provider | 2 Comments »Randy Bias posted a link about virtual machine (VM) image sprawl. Just like the housing sprawl of cities, there appears to be a dramatic increase in the number of VM images being created. This could impact regulatory issues such as ...
Society going global
Friday, December 26th, 2008 Posted in Banking, Conferences, Merchant, SPSP, Service Provider, Society of Payment Security Professionals | 1 Comment »Even though we have already trained thousands of merchants, acquiring banks, and service providers in many countries around the world, we have not yet trained these groups in Africa - until now. The Society of Payment Security Professionals (SPSP) is both ...
Call centers with VoIP phones could expand PCI scope
Wednesday, December 3rd, 2008 Posted in Compliance, Merchant, Service Provider | 7 Comments »I have always said I could talk for half a day on the scoping considerations of call centers. They are complex beasts that exist for the purpose of servicing customers, which often involved either accepting or retrieving cardholder data. I ...
Visa sets global PCI DSS deadlines
Thursday, November 13th, 2008 Posted in Asia-Pacific, Card Brands, Compliance, Europe, Merchant, PCI DSS, Service Provider | 2 Comments »Only days after Visa Asia-Pacific announced compliance deadlines within their region, Visa Inc. announced global compliance deadlines for all regions. (Thanks to Danny for pointing this out.) The deadlines apply to all Visa regions globally and appear to be a natural ...
Small merchants cannot ignore PCI compliance
Thursday, November 13th, 2008 Posted in Compliance, Merchant | No Comments »We took a lesson from Scoble's playbook and posted our phone number and email address on the blog for people to call and ask questions directly. Sometimes questions come in from people wanting to know about one thing over another ...
E-Commerce Startups deal with PCI compliance
Monday, November 3rd, 2008 Posted in Compliance, Merchant, PCI DSS, Payment Applications, Third-Parties | 11 Comments »When I see someone doing something well I light to put the spotlight on it. Damon has a great blog for startups and how they can deal with security issues. You see, small companies have different needs and interests than ...
PCI DSS version 1.2 differences and updates
Wednesday, October 1st, 2008 Posted in Approved Scanning Vendor, Compensating Controls, Compliance, Merchant, PCI DSS, PCI SSC, Service Provider, Third-Parties, Web Applications, Wireless | 11 Comments »On October 1, 2008 the PCI SSC released version 1.2 of the PCI DSS requirements. There are a number of changes as outlined previously in the update document. The PCI SSC has established a life cycle process that will ensure ...
PIN security rises in importance
Friday, August 8th, 2008 Posted in Chip PIN, Credit Card Fraud, Merchant, PCI PIN | 1 Comment »Evan Schuman of StoreFrontBackTalk reminds us that credit card compromises that result in fraudulent ATM use can mean only one thing: they had access to the cardholder's PIN. In reference to the recent indictment he reminds us about such details. But ...
CPISM certification empowers merchants
Wednesday, July 30th, 2008 Posted in Merchant, Society of Payment Security Professionals | No Comments »Congratulations to Walter Conway for his CPISM certification. If you are not subscribed to his blog, please do so, especially if you are interested in Higher Education. Rob is also one of the blogs that is syndicated via the Society ...
