End-To-End Encryption

Standards body to certify PCI end-user experts

By

The PCI Security Standards Council is planning to soon launch a program where one can certify their expertise in preparing their organizations for PCI assessments.

Encryption bans in the name of fighting terrorism hurt security

Encryption bans in the name of fighting terrorism hurt security

Governments need to fight terrorism in ways other than prohibiting the encryption of networks, a technology that is essential to locking down business' private communication.

Firefox add-on allows session hijacking of popular sites

By

A computer researcher has released a plug-in for the Firefox web browser that lets anyone scan open Wi-Fi networks and hijack, for example, Twitter and Facebook accounts.

PCI Council releases guidance on emerging technologies

By

The PCI Security Standards Council, tasked with managing the Payment Card Industry Data Security Standard (PCI DSS), on Tuesday issued two new guidance documents assessing the impact of emerging data security technologies on payment card security. One paper focuses on point-to-point encryption (P2PE), also commonly known as end-to-end encryption, an emerging technology used to mask cardholder data from point-of-swipe through processing. Properly implemented, P2PE will allow merchants to reduce their scope in complying with the PCI DSS, according to the document. A separate guidance document is focused on EMV, a global standard for authenticating credit and debit card payments. EMV and PCI DSS should complement each other and not be seen as competing standards, according to the PCI Council. — AM

Developments to the PCI standard: Interview with Jeremy King, European head of the PCI Security Standards Council

By

SC Magazine's Angela Moscaritolo recently traveled to Orlando, Fla. to the PCI Security Standard Council's annual North American Community Meeting to learn about the latest changes to the payment security standard and what merchants can expect in the form of additional guidance to reduce their compliance scope. During her trip, she sat down with Jeremy King, who heads the PCI Council's European operations, to discuss the developments.

A fraud by any other name still smells as nasty, Part I

To get a basic understanding of what drives cyber fraudsters, ESET's Jeff Debrosse provides some insight as to what makes them tick.

Sign up to our newsletters

POLL