Got 100 grand to spare? Or would a breach be a death sentence for your small business? Seems like just about every day there’s a familiar company name in the news, along with the words “hacked” or “breached.” These are typically medium to large-sized businesses … Read more
According to recent statistics from Visa, 80% of small-business data breaches are associated with insecure implementation and/or servicing by point-of-sale (POS) integrators and resellers. The activities leading to these breaches are in direct violation of the PCI DSS, and Visa has taken action by issuing … Read more
“A QSA’s Deja Nightmare” A QSA walks into a bar (or gas station chain, or retail organization, etc.) to perform a PCI assessment. The bartender/owner says, “We just have some policies for you! We use <<insert POS company name>> POS, and it is PCI compliant.” … Read more
“Bureaucratic bull crap.” “A waste of my time.” “Simply not relevant.” Many small business owners wonder why they would ever need to comply with a security standard like the PCI DSS. Some wonder quietly and some more vocally. Either way, it’s an important question to … Read more
Know Your Customer There’s an acronym we use in the payments industry: KYC. With KYC, which is Know Your Customer, we’re referring to ISOs’ and acquirers’ need to know the type of business each of their merchants conducts. If due diligence for KYC doesn’t take place, … Read more
The United States Computer Emergency Readiness Team (US-CERT) has issued an advisory warning of a new POS malware that, “at the time of discovery and analysis…had low to zero percent anti-virus detection rates, which means that fully updated anti-virus engines on fully patched computers could … Read more