Dublin - Research and Markets has announced the addition of Javelin Strategy & Research's new report "Understanding How PCI-Compliant Companies Can Be Breached: Security in a Post-Heartland World" to their offering.
The Payment Card Industry Data Security Standard (PCI DSS) raises the high water mark for data security. But there's a persistent myth that PCI compliance equals security. The reality is that PCI is only a baseline, and one that needs to be monitored constantly as the threat landscape changes. In the months following what may be the largest the data breach in U.S. history at Heartland Payment Systems, many people are wondering if PCI is effective. In response, the PCI Security Standards Council has released new guidance around risk-based compliance and Qualified Security Assessor (QSA) reviews and remediation. But will these be enough to calm the concerns that merchants have with PCI? This report includes an update of PCI, an overview of emerging technologies, and lessons learned from the Heartland breach. Hashing, tokenization, end-to-end encryption, and Chip and PIN are covered in depth.
Primary Questions - Does PCI compliance equal security? - Which are the most common requirements not met by previously PCI-certified firms? - What has been learned about the Heartland breach? - How can merchants store PAN data without violating PCI? - What are the emerging technologies that can help merchants take PAN data out of scope for PCI compliance? Methodology This report is based on data collected online from a random-sample panel of 2,339 respondents in September 2008. The survey targeted respondents based on representative proportions of gender, age and income compared to the overall U.S. online population. Overall margin of sampling error is 2.03% at the 95% confidence level, for 2008.The report was also based on interviews with executives from the PCI Council, Heartland, and eight security vendors Companies Mentioned: - Merchant Bank - PCI Security Standards Council - Trustware - Merrick Bank - Princeton Payments Solutions - U.S. Department of Veterans Affairs - Micheals - Qualys - Veracode - National Retail Association - RBS WorldPay - VeriSign - NT Objectives - Securosis - Verizon - nuBridges - Shift4 - Visa - Ounce Labs - T-Mobile - WhiteHat Security - Payments Software Company - The Cadence Group - Paymetrics - TJX For more information visit http://www.researchandmarkets.com/research/3113c7/understanding_how
Find out how our patented technology can empower your financial institution.
Our secure two-factor online banking authentication eliminates dangerous passwords and usernames and replicates the same trusted process used to access cash at ATM's. (Insert Bank Issued Card, Enter Bank Issued PIN)
There is an R.O.I. as FI's also earn recurring revenue from each transaction conducted using our PCI 2.0 Certified PIN Entry Device. Our technology also provides a unique real-time P2P "Instant-Transfer" which allows your online banking customer to transfer cash from ANY of their bankcards to ANY other bankcard...with the Swipe of a card.
Help your bank eliminate phishing and your customers avoid identity theft by providing them with the ability to stop typing and start swiping. There is no safer way to conduct financial transactions online than by 3DES DUKPT encrypting the cardholder details, which we do at the mag-head "inside the box/outside the browser."
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u_yOKzg3y9OKaErKpF7N3_SwvqxaCBVIrrktAtmmh7qRD_uYPsi3ENsOqAX9P5Rw3oOIr4qg-sskr6zrzlEqM6PeFwWnOg9hH5d-64kWEEBnPf08PmZ-OmRdMFBgpaX_PGX6xIJvFGhhQRsG6zDSk=s0-d)
0 comments