As promised, I finished my PCI usefulness post. It can be found on the Shift4 4titude site:
As the title suggests, it is not a glowing review of PCI, or more specifically PCS DSS compliance. Anyway, I don't want to give away too much here. Enjoy.
Thursday, May 24, 2012
Thursday, May 17, 2012
The latest reports I read are that the Global Payments breach started in January 2011 -- more than a year earlier than initially thought. To me the story here is that during this timeframe Global Payments went through at least two onsite PCI audits and neither caught the breach in progress. Since Visa and MasterCard were so quick on pulling Global Payment's PCI certification, should they not also pull the QSA's certification(s) as well? I'm not sure if there were more than one QSA involved nor am I certain who it was -- but that does not really matter as my next post will describe. I am currently writing a post on the usefulness of PCI, or lack thereof. Stay tuned...
Monday, May 7, 2012
I think by now everyone knows my stance on Dodd-Frank. File this under "color me surprised": http://www.americanbanker.com/issues/177_84/fed-durbin-debit-rate-cuts-1048944-1.html