-
Enterprise Encryption Meet Corporate Reality
Posted on October 15th, 2009 No commentsIT execs want to know how the implementation of an end-to-end encryption approach can be integrated with their million-dollar-plus investments in enterprise encryption and key management systems.
Here is the original post:
Enterprise Encryption Meet Corporate Reality -
Ghirardelli Chocolate Sweetens Its M-Commerce Taste
Posted on October 1st, 2009 No commentsAmong the torrent of retailers and manufacturers jumping on the M-Commerce bandwagon, almost all are focusing on adding capabilities to the M-Commerce direct Web experience, but Ghirardelli saved its creativity for a standalone mobile application. It’s iPhone app, for example, taps into the phone’s database—including the address book—to accelerate checkout.The site—delivered from Digby—also seems to need a little work, as it didn’t indeed seem able to actually access that database data, forcing us—during a test of the site—to have to type in full E-mail address and name three times (that’s annoying, even on an iPhone). It also crashed four times during 30 minutes of testing.
Read the original here:
Ghirardelli Chocolate Sweetens Its M-Commerce Taste -
The Two Scenarios Coming From The Pwc Pci Report
Posted on October 1st, 2009 No commentsAt the PCI SSC Community Meeting last week, the biggest highlight was the presentation of a report the group sought from PricewaterhouseCoopers (PWC). The first presentation of the PWC report of PCI Emerging Technologies made it clear that by expanding the technological scope of PCI DSS, companies will be able to reduce the scope of their PCI compliance efforts. High priorities over the next year will be end-to-end encryption, tokenization and virtual terminals.
Go here to read the rest:
The Two Scenarios Coming From The Pwc Pci Report -
Prepare Ye List Of PCI Grievances
Posted on September 16th, 2009 No commentsDepending on your perspective, the upcoming Community Meeting of the PCI SSC members is a “chance to provide feedback” or a place to “share ideas” regarding the standards or “Whinefest 2009.” PCI Columnist David Taylor is taking a perspective that dates back to the founding fathers and preparing a “List of Grievances.”Among the complaints: No guidance, the standards are designed for a bygone era of technology, the standards are anything but standardized, why should banks have to not comply with PCI?, compliance gamemanship and “We Don’t Need No Stinkin’ Credit Card Data.”
More here:
Prepare Ye List Of PCI Grievances -
MasterCard Vs. Visa: Dueling Compliance Philosophies
Posted on August 19th, 2009 No commentsPeople don’t seem to “get” MasterCard. For most of the last 4 years, MasterCard has been criticized for their apparent willingness to let Visa play the “bad guy” who issues fines to acquiring banks (and, through them, to merchants), who extends the PCI standards to application vendors (through PABP, now PA-DSS) and who generally takes the heat for PCI.Now MasterCard is taking what can only be called a “get tough” policy, issuing larger fines and, most significantly, forcing both Level 1 and Level 2 merchants to use assessors rather than take on the task of self-assessment.
Follow this link:
MasterCard Vs. Visa: Dueling Compliance Philosophies -
PCI Talk is Cheap: Even Small Merchants Can Afford It
Posted on August 13th, 2009 No commentsWhen the National Retail Federation published a report this week about a survey of Level 4 merchants and PCI concerns, it presented an optimistic—but potentially misleading—picture, points out PCI Columnist David Taylor, who had been actively involved in the report’s research. “One of the problems with multiple choice surveys is that it’s hard to present realistic tradeoffs to the respondents
View original post here:
PCI Talk is Cheap: Even Small Merchants Can Afford It -
Mobile Payments May Make PCI Obsolete
Posted on August 6th, 2009 No commentsAs more people start paying for goods and services using their phone, rather than a credit card, they are venturing into that ethereal netherworld that is “beyond PCI” – in this case, literally, as their daring actions challenge the Payment Card Industry to drop “card” from their name.But there’s more to the challenge than semantics, argues PCI Columnist David Taylor.
The rest is here:
Mobile Payments May Make PCI Obsolete -
Securing Mobile Payments – It’s Still Early
Posted on July 30th, 2009 No commentsMobile payments are exciting, no question about it, writes PCI Columnist David Taylor. The very idea of allowing consumers to buy stuff anywhere, at any time, with the touch of a button, gets retail, banking and communications executives to the point where you almost have to hose them down. So, what better way to ruin the party than to bring up security and compliance issuesActually, the need for this emerging payment “channel” and the specific payment platforms, software and services to be PCI compliant should be obvious, Taylor said.
-
“What’s an Acquirer?” And Other Noteworthy SME Questions
Posted on July 15th, 2009 No commentsSmall business owners may be too ignorant to ever be PCI compliant. PCI Columnist David Taylor recently participated in a webinar, a live seminar and a survey all aimed at small business, and all part of separate efforts aimed at building awareness about the importance of PCI compliance to small to medium size enterprises (SMEs). In each case, the presenters were struggling, trying to figure out just how “basic” to be when explaining PCI compliance.Pretty darn basic, actually.
Continue reading here:
“What’s an Acquirer?” And Other Noteworthy SME Questions -
Mercury Offers $40K Compensation For Its Breached Retailers
Posted on July 14th, 2009 No commentsFollowing word of a “if breached, we’ll cover some of your costs” program from Heartland, fellow payment processor Mercury Payment Systems has launched its own program, one featuring $40,000 of reimbursement from any of its retail customers that are breached. Mercury officials stress that it’s far from a reaction to Heartland, as Mercury started its program in late June and Heartland is only promising it for later this year.The Mercury program is limited to retailers who “have successfully completed their SAQ and quarterly scans and remedied any highlighted issues,” said Kim Mackay, Mercury’s VP of marketing. “This is as much as 15K towards a 3rd party forensic audit and as much as 25K toward fees and fines.
Continue reading here:
Mercury Offers $40K Compensation For Its Breached Retailers
Recent Comments