PCI Requirements [Was: Re: Windows-Based ATM Machine Hacked, Gets 'Painted']

["Fergie" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -- "James (njan) Eaton-Lee" <james.mailing () gmail com> wrote:

> This may not be an ATM, but.. a large proportion of the security of an 
ATM is derived from the (actually fairly complex) security standards set 
for these. Visa's own "PIN Entry Device"  (PED) requirements 
(http://partnernetwork.visa.com/dv/pin/main.jsp), and the Payment Card 
Industry standards are two examples of such standards.
>


...if companies which handle credit/debit card transactions actually
follow these guidelines.

The reason I mention this is that, if I recall correctly, this was
the issues with (specifically) TJX -- they 'chose' not to follow the
PCI requirements.


- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFF4x24q1pz9mNUZTMRAm+PAJ9jKH8/IoUf2VPIBrRzpeXPtuVWJgCgu6ek
gQGi4UzzG6GkgdfyS8Yu2JI=
=ObPQ
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.