Payment Security News, Articles and Updates
Visa is advising its customers to be wary of phone scams in which fraudsters request their credit card information under the guise that they need it for "security reasons" in light of the major data breach that affected Global Payments, according to a Tuesday alert from Visa.
Over the past few years, adoption of and compliance with PCI standards has made it more challenging for criminals to steal large volumes of credit card data.
Visa has enhanced the security of its electronic credit card authorization system, known as VisaNet, to improve the speed and accuracy of fraud detection, the card brand announced Thursday. Earlier this year, Visa improved the processing platform of its Advanced Authorization technology so that it can analyze more information and perform more functions faster. "This provides Visa with a comprehensive view into the global payments system, leading to high levels of intelligence around spending patterns and improving the company's ability to detect and prevent fraud in near real-time," Visa said. The company believes the improvements could lead to a 29 percent gain in fraud detection over 2009. - DK
Grocery chain Aldi is warning customers that their payment card information may have been stolen after fraudsters placed altered point-of-sale terminals at a number of Aldi stores in 11 states.
Developments to the PCI standard: Interview with Jeremy King, European head of the PCI Security Standards CouncilSeptember 29, 2010
SC Magazine's Angela Moscaritolo recently traveled to Orlando, Fla. to the PCI Security Standard Council's annual North American Community Meeting to learn about the latest changes to the payment security standard and what merchants can expect in the form of additional guidance to reduce their compliance scope. During her trip, she sat down with Jeremy King, who heads the PCI Council's European operations, to discuss the developments.
Visa on Tuesday announced best practices for companies to use when implementing, installing and managing programs that process payment applications. The guidance will complement the existing Payment Application Data Security Standard (PA-DSS), which prescribes 14 requirements for software developers that build programs that process credit card payments. The Visa payment application best practices, developed in conjunction with the SANS Institute, include 10 guidelines and can be downloaded here. They are meant for vendors, integrators and resellers. — DK
The body that manages PCI guidelines has released a summary of expected changes, but merchants will not find any mention of emerging data security technologies.
A new configuration of the Zeus trojan is targeting the customers of 15 leading U.S. banks by injecting a phishing page that seeks to steal sensitive information.
SC Magazine Articles
- WordPress Summer of Pwnage: 64 holes in 21 days
- Deal with the devil: Ransomware experiment proves you can negotiate price down
- 2.3 million 'Warframe,' 'Clash of Kings' accounts compromised
- Microsoft EOP exposes users to data breaches, whitepaper
- Cerber ransomware C&C server shut down by research firm and CERT-Netherlands
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Hard Rock Hotel & Casino Las Vegas hit with POS breach
- X-ray and MRI machines among devices used as springboards for data breach attacks
- Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace
- Wi-Fi warning! Study finds U.S. unaware of public Wi-fi risks
- Russian hackers take the stage at DNC convention
- TSA master key hackers expose dangers of physical and digital key escrow policies
- Patchwork cyberespionage campaign branches out to strike businesses
- Proliferation of hacker culture helped keep Anonymous from being branded terrorist org
- SC wins three top national honors from ASBPE