News & Thoughts from the Axenic Team
Always remember this -> Without ambition, one starts nothing. Without work, one finishes nothing. The prize will not be sent to you. You have to win it – Ralph Waldo Emerson.
If you’re reading this blog, you probably already have some experience with security standards and certifications – maybe you even hold a few yourself. In this blog, I will shed some light on my own journey to gain the QSA qualification and break down the steps I took to make this happen.
We have come across a number of scenarios recently where there seems to be a bit of confusion between masking and truncation and when to use which one. The following update from the Axenic PCI department should help clear things up.
“How does driving a 1,300km journey during the COVID-19 lockdown relate to PCI compliance?” I hear you say…
As those of you who know me, or have seen me present will know, I love a good metaphor.
Over Easter weekend I had the somewhat surreal experience of driving the 1,300km journey from home to Auckland International Airport and back again during New Zealand’s level 4 COVID-19 lockdown. On the trip home I was reflecting and couldn’t help thinking about the similarities between the lockdown, making this a safe compliant trip and PCI DSS compliance.
Verizon has published its 2014 PCI Compliance Report, which can be downloaded from here. Like their Data Breach Investigation Report (DBIR) it is an excellent piece of research and provides insight into the challenges associated with complying with the Payment Card Industry’s Data Security Standard (PCI DSS) v2.0.
On the 30 March Global Payments Inc. announced that it had suffered a data breach that had led to the Track 2 (i.e., the primary account number, expiration date, service code, PIN and CVV number) data of approximately 1.5 million credit cards being “exported” from its North American payment processing system.
