Entries from Insight-Driven Retailing Blog tagged with 'PCI'

David Taylor

I was very saddened to hear that David Taylor, founder of the PCI Knowledge Base, unexpectedly died of a heart attack yesterday. Apparently his website will live on. Evan Shuman's note says it better than I could....

Which is Worse: H1N1 or SQL Injection?

Today Michael Barnett, one of the engineers at Oracle Retail who worked on our PA-DSS (PCI) certification, sent an email to R&D that said: SQL Injection has regained the lead as the most popular of Web attacks, including Heartland, Hannaford...

Has Tokenization Come of Age?

When I first heard about credit card number tokenization, I couldn't believe I missed such a simple solution. I was so focused on complex encryption that I didn't "think out of the box." Since then I know of several retailers...

OEM for Retail

It costs a lot to maintain all the different systems necessary to run a retail business. To complicate matters, the systems are distributed so in addition to all the computers at headquarters, there are servers located in the stores, distributions...

PCI Security Standards Are Not Good Enough

I logged into my bank account this evening and saw a message about reissuing certain cards that may have been breached. It turns out that Heartland Payment Systems, a payment processor, discovered a sniffer hidden in an unallocated disk partition....

Back from NRF 2009

Now that I'm back from NRF, retail's "big show" in NYC, here are my impressions of the event. 1. The only gadget that caught my attention was Microsoft's Tag. It's basically a barcode created to work well with mobile phones,...

Stealing Your Credit Card Number

I guess it's possible that credit card theft has been happening all along but just wasn't widely reported in the press. But it seems to me that large-scale attacks are just as prevalent now as they were four years...

Whitelists are Better than Blacklists

As any retailer knows, there are 12 requirements in the Payment Card Industry (PCI) regulations. Requirement 5 is "use and regularly update anti-virus software." The problem with running anti-virus on registers is that they take precious resources, both CPU cycles...

Securing the Retail Enterprise

Every retailer is well aware of the Payment Card Industry (PCI) and its Data Security Standard. Breaches exposing credit card data at several prominent retailers have been publicized ad nauseam. On the one hand I'm pleased to get increased questions...
