Tokenization News, Articles and Updates
When it comes to credit card fraud, the hospitality industry has offered an attractive target for cyber criminals. Now, one trade group is helping these properties overcome security and compliance hurdles with a new framework.
Tokenization solutions can simplify the requirements of PCI DSS by taking systems that no longer contain sensitive credit card numbers out of scope, according to a new guidance document from the PCI Council.
Five days after RSA announced that its systems were breached by a sophisticated attack, details remain scant about how customers of its SecurID two-factor authentication products may be affected.
The group responsible for managing payment security rules plans to release two new guidance documents early next month assessing the impact of emerging data security technologies on payment card security.
Security professionals must consider all the options available to them to secure cardholder data.
Visa on Wednesday released a four-page document that offers best practices for tokenization, the process by which 16-digit credit card numbers are replaced with unique symbols. The guidance is meant to reduce risk for merchants, vendors, service providers and acquiring banks. It covers such areas as detecting suspicious activity so attackers cannot compromise the token system. In addition on Wednesday, Visa, in conjunction with the National Retail Federation trade group, clarified its operating rules around storage of sensitive information. According to the card brand, issuing banks must accept a disguised or truncated card number on transaction receipts for dispute resolution. Also, merchants are permitted to store disguised or truncated card numbers to reduce the amount of data that could be retrieved by attackers. — DK
SC Magazine Articles
- Blasphemy! Godless malware preys on nearly 90 percent of Android devices
- 'Password attacks' continue; Citrix becomes latest victim
- Guccifer 2.0 out - Cozy Bear, Fancy Bear hacked DNC, Fidelis analysis shows
- Acer breach caused by improperly stored data
- Check Point tracks two waves of Cerber ransomware hitting U.S., UK
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought
- No hacking required: Israeli researchers show how to steal data through PC components
- Brexit shakeup: How will the U.K.'s exit from the EU affect the technology sector?
- MIRCOP ransomware blames victim for attack, demands $28K ransom
- CYBERCOM 'reluctant' to cut off Islamic State internet
- Chinese tech professional caught selling secrets
- How 154M U.S. voter records will affect Americans' security - industry reacts