|
| |
|
|
|
|
|
|
Industry News
|
TJX Breach Details Revealed |
|
|
|
Attorneys suing retailer TJX have added to their original
complaint, relying on newly discovered details regarding the company’s widely
reported security breach.
In a news story in E-Week, it was revealed that TJX failed to
comply with nine of 12 applicable PCI requirements and that the data thief
managed to walk away with 80 gigabytes of data on TJX customers.
|
|
Read more...
|
|
Processing powerhouse TSYS will become an independent public company under a plan unveiled by SYNOVUS, which currently owns about 80 perxcent of outstanding TSYS shares. Under the plan, holders of SYNOVUS shares will each receive a proportionate share of the TSYS stock held by SYNOVUS.
Officials of both companies say the change in status will not lead to siugnificant changes in the identity or operations of TSYS, which will remain headquartered in Columbus, GA.
|
|
|
Visa to Push on Compliant Applications |
|
|
|
Beginning January 1, 2008, Visa will implement a series of mandates to eliminate the use of non-secure payment applications from the Visa payment system. These mandates require acquirers to ensure their merchants and agents do not use payment applications known to retain prohibited data elements and require the use of payment applications that adhere to Visa’s Payment Application Best Practices (“PABP”). PABP-compliant applications help merchants and agents mitigate compromises, prevent storage of prohibited data and support overall compliance with the Payment Card Industry Data Security Standard (“PCI DSS”) and the Visa U.S.A. Inc. Operating Regulations. A list of PABP-validated applications is available at www.visa.com/pabp.
Vulnerable payment applications have proved to be the leading cause of compromise incidents, particularly among small merchants. Visa U.S.A. Inc. Operating Regulations prohibit the storage of the full content of any magnetic-stripe, CVV2 or PIN data and require compliance with the PCI DSS. Merchants and agents that use payment applications that store prohibited data or have inherent security weaknesses will not be compliant with the PCI DSS and are at high risk of being compromised.
|
|
|
Treasury Seeks Proposals for Switching to Electronic System |
|
|
|
The U.S. Treasury asking for proposals to help it bring part of its operations into the electronic age. From the official notice:
The Financial Management Service (FMS), U.S.
Department of the Treasury, is soliciting proposals from commercial banks that
are interested in becoming the developer of the Over the Counter (OTC) channel
application and service provider for the day to day management of the
Government's OTC channel.
FMS seeks a dynamic service provider with a
pioneering spirit and a culture that supports excellence, to lead a revolution
in the way in which the Government conducts OTC revenue collection. This
solicitation represents an opportunity to transform the OTC revenue business
line from an aged paper based, multi-system business model, to a web enabled
retail business model that we envision will serve as the benchmark for the
business world. FMS requests that interested and eligible Financial
Institutions (as defined in the notice) capable of providing these services to
the Federal Government respond with a proposal, in accordance with the
requirements specified in the notice.
The full notice can be found here.
|
|
|
California Governor Vetoes Data Security/Reimbursement Legislation |
|
|
|
Gov. Arnold Schwarzenegger has vetoed legislation
that would have codified many aspects of the Payment Card Industry Data Security
Standard (PCIDSS) and held merchants (and others) responsible for the costs
associated with notice and card replacement.
The bill (AB 779) would have created specific requirements for handling
payment card data similar to those found in the PCIDSS and required entities
subject to a breach to be held responsible for “all reasonable and actual costs”
associated with notice and card replacement.
Entities that could “demonstrate compliance” with the payment data
handling requirements would have been exempt from the reimbursement
provisions.
|
|
Read more...
|
|
| | << Start < Previous 11 12 13 14 15 Next > End >>
| | Results 100 - 108 of 134 |
|
|
ETA Members Only |
| member information
membership status
member-only content | |
|
|
|
|
