PCI Compliance at Breached Companies 50% Less Likely

Research is now showing breached organizations in the card industry are 50% less likely to be PCI compliant. Also, only 22% of organizations are compliant initially while the majority of the fully compliant organizations are veterans of the process and not required to comply with all of the requirements. This is according to the Verizon Business and its “Verizon Payment Card Industry Compliance Report” examining the importance of PCI DSS compliance. Based on findings from PCI DSS assessments conducted by Verizon’s team of PCI Qualified Security Assessors in 2008 and 2009, and a review of a sample of approximately 200 assessments, the report shows organizations meet 81% of the procedures required by PCI; 75% met at least 70% of the testing procedures; 11% met less than half the testing procedures; organizations that suffer a breach are 50% less likely to be compliant with the standard than PCI customers. Top attack methods used to compromise payment card data include malware and hacking 25% of the time, SQL injections 24% of the time and exploitation of guessable credentials 21% of the time.

Details

PlaySpan’s Achieves PCI Level 1 Compliance

PlaySpan monetization solutions for digital goods, social networks, online games and videos has received Level 1 certification of PCI-DSS for its Monetization-as-a-Service Platform from the PCI Security Standards Council. PlaySpan also achieved SAS 70 (Statement on Auditing Standards No. 70), one of the most stringent auditing standards for service companies. SAS 70 was developed by the American Institute of Certified Public Accountants (AICPA) for service providers that wish to demonstrate a high level of control effectiveness to independent auditors.

Details

Innotrac Achieves 2010 Level 1 PCI DSS Compliance

Innotrac Corporation has achieved 2010 Level 1 compliance validation with the PCI DSS, validated by Trustwave PCI DSS compliance management solutions. Innotrac Corporation is a technology-based integrated fulfillment and Customer Care solutions provider serving enterprise clients and world-class brands. The Company employs sophisticated order processing and warehouse management technology and operates seven fulfillment centers and one call center spanning all time zones across the continental United States.

Details

VHA to Provide BofA Purchasing Cards and ePayables

Bank of America Merrill Lynch has signed a three-year agreement with VHA health care network to provide purchasing cards and ePayables to VHA member organizations nationwide. This allows VHA members to enjoy rebates on charge-related activities based on volume. VHA serves 1,400 not-for-profit hospitals and more than 30,000 non-acute care providers across the U.S., with a platform for members to network and collaborate on solutions to common challenges. Bank of America Merrill Lynch purchasing card and ePayables solutions will help VHA members eliminate paper-intensive processes involved in purchases and vendor payments allowing them to manage available funds in real time, reducing risk and increasing control.

Details

VeriFone Acquires 80% Ownership in Italy’s ABS

VeriFone Systems has acquired an 80% ownership of Italy integrator and software developer All Business Solutions (ABS) from ABS’ founders and from ACI Informatica for undisclosed terms. ABS provides a single integrated technology platform and professional services for transaction-based applications including prepaid, loyalty, fare collection, ticketing and restaurant on its “ABScard” gateway and loyalty platform. The multichannel “ABScard” system is capable of processing secure transactions from mobile phones and smart phones, self-service kiosks, web browsers and traditional POS devices. ABS has developed customer solutions in multiple markets, particularly banking, transportation and hospitality. VeriFone secure electronic payment solutions meet the needs of merchants, processors and acquirers worldwide.

Details

BB&T Launches Low Volume RDC Solution

BB&T has introduced its “OnSite Deposit Low Volume” remote deposit solution for low-check-volume business clients. The “OnSite Deposit Low Volume” is designed to cost effectively meet the needs of clients who deposit less than 200 checks per month and eliminates the expense of purchasing a scanner. It allows businesses to make deposits using their computer and Internet connection until 7 p.m. ET on bank business days for same-day credit. It also provides access to two years of deposit activity and deposited check images. The service package includes an easy-to-install and use scanner and scanner maintenance.

Details

RegaloCard Partners to Add Over 300 Locations

FL-based RegaloCard mobile payments company is welcoming Unicomer Group Central American retailer to its mobile payments network. For use on any mobile phone and carrier worldwide, the RegaloCard service allows users to send instantly and for free as little as $10, now through the over 300 Unicomer retail locations spanning Guatemala, Honduras, El Salvador, the Dominican Republic, Nicaragua and Costa Rica. With this, RegaloCard can be used to purchase computers, furniture, toys, home furnishings, children’s items, mobile phones, sporting goods, and consumer electronics offered at any of their numerous locations in Central America.

Details

MasterCard to Host Tour of Card Data Security Conferences

MasterCard is set to kickoff its annual European “Global Risk Management Conference” in Barcelona, Spain from Nov. 1-5. The association will then host two concentrated forums in Dubai, United Arab Emirates on Nov. 7-8 followed by Johannesburg, South Africa on Nov. 11-12. The conferences will offer strategies and tactics to help ensure data security professionals anywhere in the world are up-to-speed on the payment card fraud prevention best practices. The Conferences will also consider global fraud issues and challenges specific to the respective markets. Also featured will be the MasterCard “Plastic Card Vendor Seminar,” to focus on its “Global Vendor Certification Program” and the new Card Structure and Integrity Program, as well as recent developments with contactless, near-field communication, Chip and PIN, and mobile payment card technologies.

Details

PMC-Sierra Showcases Semiconductors at EXPO/COMM

PMC-Sierra will showcase PON, Converged Carrier Ethernet and OTN semiconductor solutions that enable high-performance broadband connectivity at P&T EXPO/COMM from October 11-15. It will demonstrate high-performance, field-proven end-to-end FTTH solutions combined with innovative Ethernet over Coax partner technology that offers cable operators capabilities to enable FTTx deployments that efficiently drive fiber deeper into the cable networks. Several customer GPON ONTsolutions will also be on display. PMC-Sierra is an Internet infrastructure semiconductor solution provider, offering semiconductor solutions.

Details

Port of Houston Buys Intellicheck Mobilisa TWIC Readers

Port of Houston, Texas purchased the Intellicheck Mobilisa access control and wireless security “TWIC” readers. The Port of Houston is the busiest port in the United States in terms of foreign tonnage, second-busiest in the United States in terms of overall tonnage, and sixteenth-busiest in the world. As of early September, over 124,000 TWIC credentials had been activated in the Houston metropolitan area. The Transportation Worker Identity Credential, or TWIC, program is a Transportation Security Administration and U.S. Coast Guard initiative to provide tamper-resistant biometric identification cards to port facility workers.

Details

EMVCo Qualifies COMPRION Test Tool for EMV Testing

The “IT³ EMV” by COMPRION handset test equipment provider for the (U)SIM interface, has been qualified by EMVCo of American Express, JCB, MasterCard and Visa as a recognised test platform for payment terminal Contact Level 1 Electrical Type Approval. COMPRION is the global leading manufacturer of comprehensive standard test equipment for Smart Card interfaces with more than 15 years experience in Smart Card technology. COMPRION develops, manufactures and markets test and measurement equipment for Smart Card Vendors, Smart Card Issuers and Terminal Manufacturers across various market sectors and technologies. With its EMV Specifications, EMVCo advances global interoperability and compatibility of chip-based payment cards and acceptance devices. Banking and other payment terminals need to be successfully tested and approved by an EMVCo accredited test laboratory to conform to the EMV Test Specifications. For EMV Contact Level 1 Electrical Testing, the IT³ EMV has been appointed as a qualified Contact Level 1 Electrical Type Approval Test Tool.

Details

MEDHYBRID

First Data’s TeleCash network operator has begun marketing the Hypercom “medHybrid” multifunction healthcare and credit/debit card payment terminal. The high security “medHybrid” incorporates two card readers to process the German health insurance cards (KVK and eGK) as well as credit and debit card payments. The Hypercom “medHybrid” has received e-Health BCS (Basic Command Set) approval from Gematik, the German healthcare organization. It is approved as compliant with the current EMV POS terminal specification from the Central Credit Committee (Zentraler Kreditausschuss — ZKA) in Germany, and approved by BSI (the German Federal Agency for Security in Information Technology).

Details