According to the global 2015 Cost of Data Breach Study by the Ponemon Institute, the average total cost of a data breach for the participating companies increased 23 percent over the past two years to $3.79 million. Now breach costs are likely to rise further as banks...
Payments
It’s Not Just a Check The Box Exercise: Building a Culture of Compliance
Last week I outlined ideas on implementing appropriate best practices in structuring effective compliance programs. Leveraging program management disciplines can streamline the logistics of compliance management. However, process alone is not sufficient without the...
Joint Advisory Bulletin: Mobile Payment System Vulnerability
Earlier this month, the U.S Secret Service, in collaboration with the Payment Card Industry (PCI) Security Standards Council, released a Joint Advisory Bulletin: Mobile Payment System Vulnerability. The advisory discuses the Growing Criminal Exploitation of...
PCI and Tomorrow’s Payments Security Environment
Every so often it’s useful to sit back and reexamine a subject from a 40,000 foot perspective. In the last six to eight weeks, three unrelated items have caused me to do just that as I think about security issues in the payments card arena, never an easy subject even...
Happy New Year EMV
2014, on balance, was a very good year for progress in securing electronic retail payment transactions. Most importantly, many of the key payments stakeholders seemed to coalesce around the general understanding that three basic tools, EMV chip cards, payment...
Apple Pay is Live and Has (Just) A Few Hiccups
Apple Pay hit the streets with the release of IOS 8.1 the week of October 20th and at least at the physical point of sale, the mechanics largely seem to be working as planned. With the exception of about 1000 Bank of America customers who experienced quickly corrected...
Apple Pay – And Dynamic Payment Tokens
Although Apple’s payments announcement on Tuesday was not a surprise, the platform’s mechanics were largely unknown before Tim Cook’s on-stage introduction at the Flint Center in Cupertino. Cook set the context for Apple’s payments vision quite accurately: “Most...
Payment Token Implementation Do’s and Don’ts
With an estimated 70% of US credit cards likely to be EMV chip ready by the end of next year ((70 Percent of U.S. Credit Cards to Include EMV Chips 2015, Computer World, June 16, 2014,...
Holiday Reading
One of the great things about the holiday season is the time it provides to read and explore items that might otherwise be passed over and forgotten. This season, payment gurus had lots of eye candy in the form of 187 responses to the Federal Reserve Board’s request...
PCI 3.0
Although it seems as if the Payment Card Industry Data Security Standard (PCI DSS) was launched yesterday, the standards organization was in fact created in 2006 to consolidate and better promulgate the major credit card organizations’ then overlapping data security...