Small Merchant Integration with Moneris Canada
Sunday, January 27th, 2008 Posted in Compliance, Merchant, Point of Sale | 6 Comments »A Canadian merchant wrote in to ask: We are looking at integrating with Moneris for payment processing. Moneris would have a DLL on the merchant computer. We would pass the amount of the transaction to the Moneris DLL. The DLL would communicate ...
5 Steps to Your Next (Secure) POS
Saturday, November 24th, 2007 Posted in Credit Card Fraud, Merchant, Payment Applications, Point of Sale, pa-dss | 5 Comments »So you might have read the recent Visa (USA) timeline for migrating to more secure point-of-sale (POS) technology. Or maybe you are looking at your aging systems and wanting to take the plunge and upgrade to a sexier, ...
Petroleum Industry and Franchise Operations
Wednesday, November 7th, 2007 Posted in Compliance, Conferences, Merchant, Point of Sale | 2 Comments »I just got back from speaking at the American Petroleum Industry's IT Security Conference in Houston, TX. I presented on the impact of PCI on the petroleum industry and the main focus was on the point of sale (POS) ...
PCI SSC adopts PABP as PA-DSS
Wednesday, November 7th, 2007 Posted in Card Brands, Merchant, PCI PIN, Payment Applications, Point of Sale, pa-dss | 4 Comments »In early September the PCI SSC added the PIN Entry Device (PED) standard to its dossier of oversight items. Then at the end of September they announced the success of the first ever Community Meeting for Participating Organizations. Now in ...
All I have is a hardware terminal, do I need PCI compliance?
Friday, August 31st, 2007 Posted in Compliance, Merchant, Point of Sale | 2 Comments »Someone wrote in to ask about a small merchant who uses a stand alone hardware terminal (i.e. EFTPOS machine) to accept credit card transactions. This is not an IPOS (integrated point of sale) but simply a terminal that has dial-out ...
PABP informational
Sunday, July 1st, 2007 Posted in Card Brands, Payment Applications, Point of Sale | 10 Comments »These days many large (Level 1) and medium sized (Level 2) merchants are working towards compliance deadlines, but so are the smaller (Level 4) merchants for reasons of security. Probably one of the most critical things to the security ...
Does The Right Hand Know What the Left Hand Is Doing?
Friday, June 8th, 2007 Posted in Card Brands, Encryption, Merchant, PCI DSS, Point of Sale, Service Provider, Third-Parties | 3 Comments »According to Digital Transaction News, Visa USA is ready to introduce account-level processing (ALP). “Visa claims ALP will allow smoother transitions to new cards for cardholders, and will let merchants, in partnership with issuers, design more effective rewards programs.†Sounds good ...
Shift4 bypasses MICROS with free driver
Thursday, April 5th, 2007 Posted in Merchant, Payment Applications, Point of Sale, Vendors | No Comments »Shift4 corporation has made a bold move of providing merchants an alternative approach to POS compliance. They independently developed a driver for the MICROS POS system, widely used in restaurants, that allows the retail merchant to obtain compliance without a ...
TJ Maxx - Largest Card Data Compromise in History
Friday, March 30th, 2007 Posted in Credit Card Fraud, Encryption, PCI DSS, Payment Applications, Point of Sale | 1 Comment »The new sites have been awash this week with reports (here, there, and everywhere) on how the TJ Maxx credit card compromise is shaping up to be the worst ever - just tipping the scales on the CardSystems compromise from ...
Bootable POS systems are the future of retail
Monday, March 26th, 2007 Posted in Compensating Controls, Merchant, Payment Applications, Point of Sale | 5 Comments »I was talking with someone (at this age I forgot who) about compensating controls for file integrity monitoring and they suggested a bootable point of sale (POS) system with read-only access. What an excellent idea, and if it was ...
