Welcome to Delicate template
Header
Just another WordPress site
Header

On October 1, 2015 Visa, MasterCard, Amex, and Discover will be instituting a liability shift for fraudulent transactions. If either the merchant or the issuer (the customer’s bank who issued the credit/debit card) are not EMV-compliant and the other is EMV-compliant, then the party with the lesser technology will bear the liability for card-present transactions that are found to be fraudulent. In other words, the party that has made investment in EMV deployment will be protected from financial liability for card-present counterfeit fraud losses. If neither or both parties are EMV-compliant, the fraud liability remains the same as it is today.Read more

Geoff Wilson

Geoff Wilson

Geoff Wilson currently serves as a Principal Security Consultant at TRUE and is also an Adjunct Professor teaching a graduate-level Information Security course at the University of Oklahoma. He specializes in IT GRC, security program development, compliance, risk and vulnerability assessments, web application security, and security training and awareness. Mr. Wilson holds an M.S. in Information Security Technology and Management from Carnegie Mellon University and a B.S. in Computer Science from the University of Oklahoma. Additionally, he holds a CISSP certification and is a PCI QSA.

More Posts - LinkedIn

In light of the recent Target event, there has been an uptick in activity around malware that specifically targets Point of Sale systems. The most common ones that seem to be referenced are the following:

BlackPOS: Affects Windows-based Point of Sale systems. The attack essentially sits in between the card reader and the POS application. Track data (data that can be used to replicate a physical credit card) is extracted and uploaded to a remote server via FTP.Read more

Jerald Dawkins

Jerald Dawkins

Dr. Jerald Dawkins is the CEO and Founder of TRUE and has extensive experience in regulatory compliance, technical risk assessments, penetration testing, web application vulnerability analysis and secure coding. Dr. Dawkins is the author of numerous publications and presents at national and international conferences. He holds the following certifications: CISSP, NSA IAM, and CNSS 4011-4015.

More Posts

Not to make light of the gravity of the event, but here we go again – Consumers are subjected to another round of warnings about yet another credit card information breach! Unfortunately, these data breach warnings are in danger of becoming as common as the daily weather report. This time the source of the breach, which affects Visa and MasterCard credit and debit cards, has been laid at the feet of Atlanta-based payment processor Global Payments. Global Payments self-reported that unauthorized access into its processing system had indeed taken place earlier this year.

Read more

Valerie Jacobi

Valerie Jacobi

Valerie Jacobi is a Guest Contributor for True Digital Security and has extensive experience in security policy and procedure development, controls design and testing, auditing, and consulting. Valerie holds CISSP and CISA certifications.

More Posts - Website

Implementing tokenization is much more about understanding how your organization interacts with payments than it is simply rolling out a device that will tokenize payment card data. Many tokenization solutions in the market today are a “silver bullet” and can remove your environment from PCI scope. Beware though, most solutions address only one piece of the tokenization puzzle.Read more

Alex Pezold

Alex Pezold

Alex is the Director of Business Development at True. He is a Certified Information Systems Security Professional (CISSP) and holds Committee on National Security Systems (CNSS) certifications for Designated Approving Authority and Information Security System Professional. Alex has a Masters of Science in Computer Science, with an Information Security emphasis, and has participated in the Federal Service Cyber Corps Program sponsored by the National Science Foundation and Department of Defense.

More Posts

Don’t be fooled. Implementing tokenization may not be as easy as they say. In fact, depending on your environment, implementing tokenization can be quite complex. For instance, if your company is a wholesaler and takes payments through multiple channels, implementing tokenization in all of those channels can be quite challenging.Read more

Alex Pezold

Alex Pezold

Alex is the Director of Business Development at True. He is a Certified Information Systems Security Professional (CISSP) and holds Committee on National Security Systems (CNSS) certifications for Designated Approving Authority and Information Security System Professional. Alex has a Masters of Science in Computer Science, with an Information Security emphasis, and has participated in the Federal Service Cyber Corps Program sponsored by the National Science Foundation and Department of Defense.

More Posts