Why POI Tamper Inspections are so Important | blog | Control Gap
It is amazing to see how many organizations take things for granted in their environment. In the video below, you can see a skimmer device installed in a retail...
PCI DSS: 12 Requirements to Protect Your Customer’s Credit Card Data
Traditionally, ill-intentioned criminals have targeted banking institutions to reap financial gain....
It can be extremely frustrating for a compliance team to realize that additional systems are in-scope. It means additional and unexpected security controls and validation. The most stressful time of year for PCI compliance staff, during an onsite assessment, is the worst time to discover new scope. Yet, this problem affects many organizations. Report on Compliance assessments often uncover these unknown scope components, so you are not alone if this happened to you.
Card Not Present Security Codes/Values are the 3- and 4-digit printed numbers on your payment cards used to verify card-not-present transactions. PCI DSS has been crystal clear for many years that payment Card Verification Codes/Values are Sensitive Authentication Data (SAD) and can't be stored after transaction authorization except by card Issuers. Specifically, PCI says:
Payment card breaches concern customers and businesses alike. A recent epidemic of e-commerce breaches is focusing attention on what makes a website more or less secure than others. The old advice of looking for the “security lock” and the “green location bar” is simply not adequate anymore.