FTC Loses Data Security Case, But Defendant Loses Too

November 18, 2015 • Published by David Abouchar Industry TopicsData Breaches, FTC, Healthcare, LabMD, Legal Case

Like the Wyndam Hotel case, the FTC was going after LabMD for suboptimal data security practices that led to consumer harm. Despite winning the case, LabMD has been affected in a big way. The cost and distraction of the legal battle drove the company out … Read more

How To Select A PCI Compliant Service Provider: Advice For Small Business Owners

June 13, 2013 • Published by David Abouchar PCI 101Merchants, QSA, Service Providers, Small Business, SMB

Service providers are a key component to ensuring compliance. Outsourcing to a PCI-compliant service provider is one of the best ways business owners can help reduce their PCI obligations and risk of a data breach. As a business owner, it is your responsibility to make … Read more

The PCI SSC Releases New Mobile Payment Acceptance Security Guidelines for Developers and Device Manufacturers

September 25, 2012 • Published by David Abouchar Archive, Industry TopicsAcquirers, Cloud, Council, Device Manufacturers, Encryption, ISOs, Mobile, P2PE, SSC

The Payment Card Industry Security Standards Council (PCI SSC) released new guidelines during its recent Community Meeting in Orlando. The new Mobile Payment Acceptance Security guidelines apply to the payment applications identified in Mobile Payment Acceptance Application Category 3, and they give software developers and mobile … Read more

The PCI SSC Releases its P2PE SAQ

July 5, 2012 • Published by David Abouchar Archive, Industry TopicsAcquirers, AoC, Council, Encryption, ISOs, Merchants, Mobile, P2PE, P2PE-HW, SAQ, Small Business, Smartphone, SMB, SSC, Tablet

In May the PCI Security Standards Council (SSC) published a fact sheet to offer guidance for merchants evaluating technology to accept payments using a smartphone or iPad/tablet. Read More