MasterCard Requires ‘Authorized’ QSA for Level 1 & 2 Merchants
MasterCard announced a new requirement for Level 1 and Level 2 Merchants, mandating these two groups must use an authorized Qualified Security Assessor (QSA) to conduct a PCI DSS security assessment....
View ArticleJust What Is the Cost of a Breach?
What is the cost of a breach to a retailer?We get asked this question all the time. Putting a number on this is exceptionally hard with so many variables coming into play. We expect that it is “a lot”...
View ArticleMasterCard’s changes could affect 2000 merchants
SearchSecurity’s Marcia Savage put together a great summary and industry response to increased PCI requirements announced last week by MasterCard. The new rules, she reports, will mean that merchants...
View ArticleHas your third party vendor put you at risk?
Since 2006, over 70 retailers and payment processors have disclosed breaches that involved tens of millions of credit and debit card numbers, this according to the Privacy Rights Clearinghouse.As more...
View ArticleNearly 90% ‘trying to implement PCI Compliance process’ says report
A new report out from the Institute of Internal Auditors reveals that nearly 90 percent of companies surveyed are trying to implement a PCI compliance process. The report also says that 56 percent of...
View ArticleNew research: Biggest card security risk is at merchant level
Malware, counterfeit card fraud and card-not-present fraud are at the top of the list of threats to merchants today, according to a new report from the research firm Aite Group this month. The research...
View ArticleUnwelcome holiday present: small merchant data breaches
Black Friday is a few days away, the holiday shopping season will soon be in full swing, and retail sales reports will be read like tea leaves for signs that the recession will soon be just a bad...
View ArticleCaveat merchant: new keylogger stealing credit card data
Just in time for holiday shopping, the forensics team at SecurityMetrics has discovered a new keylogger that is being used to pilfer cardholder information. The new hacking tool – Logixoft’s Revealer...
View ArticleThree Ways Merchants Can Beat Hackers
In the last 8–10 years the expertise of hackers has grown immensely. It is imperative that your company and your merchant portfolio are PCI DSS compliant at all times to protect against these...
View ArticlePANscan, a Tool you Can't Afford to Miss
Are you unknowingly storing unencrypted cardholder data on your computer?Sound like a reasonable question?It’s certainly an inquiry that many businesses don’t usually even consider.An inquiry that if...
View ArticleWireless Security Tips
Many merchants lose credit card data simply because their wireless security is not up to par. Here are a few, simple tips that will help merchants attain a higher level of security.In the security...
View ArticleCredit Card Data Discovery - Part 1 of 2
"We're not endorsing any discovery tools. But before you bring in a QSA, you really need to use some kind of methodology to find where cardholder data is on the network. Before, we hadn't really talked...
View ArticleCredit Card Data Discovery - Part 2 of 2
Regardless of the search tool you choose you must have some ideas of where to look for card data. As mentioned above, the most important part of this discovery process is to do a thorough analysis of...
View ArticleRenewal
Recently, I’d received multiple renewal notifications from my auto insurance provider prompting me to renew my policy. When I received the first email reminder I clearly understood the benefits of...
View ArticleSimplify PCI
To fulfill SecurityMetrics objective of simplifying PCI Compliance for its customers, SecurityMetrics has invested heavily in technology and in our staff who work directly with customers.A major...
View ArticleClik here to view.
7 Reasons a Business Should Use SecurityMetrics PANscan
SecurityMetrics PANscan was officially launched in March 2011. The software helps many merchants find and eliminate unencrypted payment card data stored on their computer networks. The following seven...
View ArticleA Guide to PCI Validation
The following list provides recommendations to help merchants before, during, and after PCI validation is achieved. This list was created to help merchants avoid fines that often result from...
View ArticleAre All Approved Scanning Vendors Alike?
Businesses on the Payment Card Industry Security Standard Council’s (PCI SSC) approved list of scanning vendors (ASVs) undertake extensive testing. The tests cover how potential ASVs handle scan...
View ArticleClik here to view.
Successful Merchant Portfolios Do Exist
p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 16.0px 'Times New Roman'} p.p2 {margin: 0.0px 0.0px 0.0px 0.0px; font: 16.0px 'Times New Roman'; min-height: 18.0px} p.p3 {margin: 0.0px 0.0px 0.0px 0.0px;...
View ArticleClik here to view.
Not Validating IRS TIN Records May Mean 28% Revenue Withholding
When you receive a letter from your merchant processor asking you to validate your Tax Identification Number (TIN) and legal business name with your merchant processor, it's important that you do it....
View Article