October 27, 2020 •
I’d like you to think about something: What, in your mind, is going to be the next mass exploitation of cardholder data affecting the secure e-commerce of small and medium online retailers? What simple mistake or mistakes are being consistently made by these retailers that will lead to the next rash of mass theft of credit card data? We’ve actually just seen a sign of the coming attacks.
E-Commerce Security • Website Security
May 1, 2020 •
We can learn a lot from the same protective measures that are working to defeat this insidious coronavirus enemy. The parallels are striking between the social and professional measures that are swiftly becoming business-as-usual, and the security measures that should have been business-as-usual all along. Now may be the perfect time to remind ourselves of a few.
Coronavirus • Endpoint Security
March 23, 2020 •
While quantum capabilities are still a few years out, it’s important to be thinking about their future impacts to our crypto systems today. How will we prepare and upfit our systems to meet the challenge of tomorrow’s adversaries? There are four important things we need to be thinking about when building crypto-agility into our applications and systems for the coming quantum era.
Encryption • PCI Compliance
March 10, 2020 •
The more we think about data privacy, the more we realize how complex it truly is. From both the technical and the legal side, there are new capabilities that are exciting and offer an incredible capacity for use cases we haven’t even considered. Some of the topics discussed at the RSA 2020 Conference that are worthy of consideration focus on these new and emerging services, and how they must be viewed through the lens of personal privacy.
Encryption • Privacy
October 10, 2019 •
As of last week—October 1 to be exact—all new assessments for protection of payment card personal identification number (PIN) data must be performed against the latest Payment Card Industry (PCI) PIN Security Requirements and Testing Procedures, version 3.0. The now-effective PCI PIN Security Standard includes changes to requirements and sunset dates that may have a […]
Encryption • Payment Security • PCI Compliance
August 13, 2019 •
A new exploit known as e-commerce skimming is making the rounds. The PCI SSC recently released a blog warning of the growing threat of digital skimming, followed immediately by a bulletin from Visa warning of the same. There are three important areas to consider that will help protect your website from e-commerce skimming.
Coronavirus • Payment Security • Website Security