Category: PCI DSS
Chip and PIN security questions cause trouble for researchers
The payment card industry bigwigs are on the attack, after academic researchers from Cambridge University called into question the security measures which govern the billions of pounds' worth of Chip and PIN transactions carried out by UK consumers every year. Professor Ross Anderson is leading a study into the Chip and PIN system’s potential to protect the data and finances of its users. He and his team have concluded that …
UK retailers questioned over PCI DSS compliance
A study has found that a significant proportion of retailers operating in the UK are not in the loop concerning the revised Payment Card Industry Data Security Standard (PCI DSS). This news has come as a result of research carried out by LogLogic, which discovered that 13.8 per cent of retailers do not have any knowledge of the second edition of the PCI DSS and a further 15.5 per cent …
Hackers supporting Wikileaks distribute phoney MasterCard details
The deepening conflict between the activists who are hacking various major corporate websites and the authorities has taken a troubling turn, as it was announced that payment card details were stolen and then published. Over 10,000 users of MasterCard were allegedly affected by the data theft, although the veracity of the published details was quickly denied by a spokesperson for the payment card firm, who claimed that the group of …
Updated PCI DSS rated by security experts
Following last week's launch, the first reactions to the second version of the Payment Card Industry Data Security Standard (PCI DSS) have been voiced, with many experts in IT security expressing cautious confidence in the new regulations. The development of PCI DSS 2.0 involved many industry bodies and is intended to help improve the level of security relating to payment card transactions made across the world, from debit and credit …
PCI DSS noncompliance causing lapse data security
A new report into how companies are coping with the Payment Card Industry Data Security Standard (PCI DSS) has found that a large number of businesses dealing with significant numbers of transactions on a daily basis are failing to comply with the regulations, leaving themselves open to exploitation and data loss. Verizon commissioned the study and said that those firms who exhibited a willingness to comply with the PCI DSS, …
PCI DSS under review
The organisation responsible for the Payment Card Industry Data Security Standard (PCI DSS) has begun the process of analysing and updating the rules that aim to protect the private details of millions of consumers and businesses around the world. The PCI Security Standards Council announced that it would be reviewing the current standards and making amendments, although it confirmed that businesses would not need to take additional action once a …
PCI DSS compliance heads for UK in July
The enforcement of the data security standards that govern the payment card industry is beginning next month and experts believe that many UK businesses could face hefty fines as a result of non-compliance. PCI DSS is being instigated by Visa from the start of July. As a result, the electronic point of sale (EPOS) and online retail sites operated by many of the smaller enterprises in the UK could come …
The importance of conforming to PCI DSS
PCI commentators and recent surveys have again reinforced the importance of the Payment Card Industry Data Security Standard, as well as highlighting the penalties and pitfalls of ignoring PCI DSS guidelines. Writing for Infosecurity Magazine, independent security analyst Mark Gillespie collates and analyses recent findings which support and promote PCI DSS. Gillespie identified the current confusion surrounding the application of and adherence to PCI DSS. Since its introduction in 2004 …
Is PCI DSS Compliance effective? Not without Requirement 13
There has been widespread reporting this week of a recent fraud case where fully PCI DSS compliant businesses fell victim to a huge and repeated breach which allowed the perpetrators to steal 130 million individual records. Trustwave, a computer security firm, conducted its 2008 audit of Heartland on April 30 and deemed it compliant with Payment Card Industry Data Security Standards (PCI DSS). But shortly thereafter, the intruders began stealing batches …
PCI – DSS Causing Backup Nightmares for Merchants
PCI DSS (Payment Card Industry – Data Security Standard) is currently taxing the minds of merchants up and down the land. PCI – DSS is a standard recently introduced by the card suppliers to protect end user customers. Its requirements are far reaching – here is what your business must do: Build and Maintain a Secure Network Requirement 1: Install and maintain a firewall configuration to protect cardholder data Requirement …














