Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Information Security News: Credit card companies form security council

Credit card companies form security council

From: InfoSec News <alerts_at_infosecnews.org>
Date: Fri, 8 Sep 2006 03:03:46 -0500 (CDT)

http://news.com.com/Credit+card+companies+form+security+council/2100-1029_3-6113512.html

By Erica Ogg
Staff Writer, CNET News.com
September 7, 2006

The five major credit card companies have teamed up in the interest of
better security.

American Express, Discover Financial Services, JCB, MasterCard Worldwide
and Visa International announced Thursday the creation of an
organization to develop and maintain security standards for credit and
debit card payments. It's the first time the five brands have agreed on
a single, common framework.

The newly formed Payment Card International (PCI) Security Standards
Council will manage the PCI Data Security Standard, first established in
January 2005 with the intention of making its implementation more
efficient for all parties involved in a payment card transaction. That
includes merchants, payment processors, point-of-sale vendors, financial
institutions and more than a billion card holders worldwide.

The companies have come together despite being in competition with each
other because they say ensuring better security will benefit everyone.

"First of all, it's to protect the information of our mutual customers
and to make the process of data security compliance easier," said Rob
Tourt, vice president of network services for Discover.

Having a single data security standard is a critical issue for the
entire industry and will simplify the process, said Brian Buckley,
Visa's senior vice president of international risk management.

"Our view is that this is first and foremost an important initiative to
get data security in place for payment cards," he said.

Having the common accepted set of rules should foster broader
compliance, said Bruce Rutherford, MasterCard's vice president of
payments. Those rules include instructions on proper data encryption,
common technical standards and security audit procedures.

The first action of the new council was to update the PCI security
standard, which was promised in May. The revision gives instructions for
how to implement the new standards and clarifies language that was
previously considered vague. For example, terms such as "periodically"
and "regularly" were swapped for definite deadlines like "annually" or
"quarterly" where appropriate. A statement released by the newly formed
council said the revisions were the result of feedback from vendors,
merchants and payment processors.

_________________________________
HITBSecConf2006 - Malaysia
The largest network security event in Asia
32 internationally renowned speakers
7 tracks of hands-on technical training sessions.
Register now: http://conference.hitb.org/hitbsecconf2006kl/
Received on Sep 08 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]