Cartes (Exhibition & Conference) in Paris, France next week... Well, maybe Cartes America in Las Vegas next year...
0 Comments
The PCI SSC meeting (1400 participants) is over. Mostly, minor clarifications in PCI DSS and PA-DSS 3.0, changes in PTS testing requirements 4.0. Unfortunately, no significant changes in PCI standards means no good news for merchants and cardholders. No regulation or tech breakthroughs means the show will go on.
I am going to the PCI SSC community meeting in Las Vegas next week.
Anyone who knows what it is :) - see you there! PCI SSC has released a document that "highlights anticipated changes to the PCI Data Security Standard (PCI DSS) and Payment Application-Data Security Standard (PA-DSS) in order to prepare organizations for the introduction of Version 3.0 in November 2013".
I could not find any significant changes that would help to improve the security of card payment transactions. I wasn't surprised though. I have created a separate menu entry -- "PCI ISA" -- which contains a link to the one of the most popular blog entries - PCI ISA Training Experience. So everyone can just click on the direct menu link and share her/his experience about ISA certification process - training, exam, and more.
I just found a list of "PCI myths" on some website about PCI compliance. One of the myths sounds familiar and reasonable, although the explanation (they call it "fact") sounds polite but unconvincing and incomplete: Myth: PCI will make us secure. Fact: Successful completion of a system scan or assessment for PCI is but a snapshot in time. Security exploits are non-stop and get stronger every day, which is why PCI compliance efforts must be a continuous process of assessment and remediation to ensure safety of cardholder data. I have been comparing several Track/PAN detection tools and this one looks pretty good. Later on I am going to publish a comparison chart of several such products (both commercial and free). If you have any comments/links please let me know.
I thought Intel just powers my laptop. I was wrong. It also sells PCI compliance... I am sorry... PCI appliance. I am curious whether this is an indication of how important PCI or how bad CPU sales are these days.
There is a new Mastercard which has LCD screen and keyboard. It looks like the plastic becomes smarter and closer to POS terminal in its functionality which I guess will bring new security issues...
|
Books
Recent Posts
Categories
All
Archives
March 2023
|