Being a responsible corporate citizen and member of the local community is at the core of Control Gap’s daily operations. We believe in making work a rewarding experience by incorporating fun team events within our corporate culture, and supporting cause-related and local organizations.

Blog

WP_Query Object ( [query] => Array ( [post_type] => post [post_status] => publish [cat] => 14, 134, 1 [orderby] => date [order] => desc [posts_per_page] => 3 [paged] => 8 [ignore_sticky_posts] => 1 ) [query_vars] => Array ( [post_type] => post [post_status] => publish [cat] => 14 [orderby] => date [order] => DESC [posts_per_page] => 3 [paged] => 8 [ignore_sticky_posts] => 1 [error] => [m] => [p] => 0 [post_parent] => [subpost] => [subpost_id] => [attachment] => [attachment_id] => 0 [name] => [static] => [pagename] => [page_id] => 0 [second] => [minute] => [hour] => [day] => 0 [monthnum] => 0 [year] => 0 [w] => 0 [category_name] => charity [tag] => [tag_id] => [author] => [author_name] => [feed] => [tb] => [meta_key] => [meta_value] => [preview] => [s] => [sentence] => [title] => [fields] => [menu_order] => [embed] => [category__in] => Array ( ) [category__not_in] => Array ( ) [category__and] => Array ( ) [post__in] => Array ( ) [post__not_in] => Array ( ) [post_name__in] => Array ( ) [tag__in] => Array ( ) [tag__not_in] => Array ( ) [tag__and] => Array ( ) [tag_slug__in] => Array ( ) [tag_slug__and] => Array ( ) [post_parent__in] => Array ( ) [post_parent__not_in] => Array ( ) [author__in] => Array ( ) [author__not_in] => Array ( ) [update_post_term_cache] => 1 [suppress_filters] => [cache_results] => 1 [lazy_load_term_meta] => 1 [update_post_meta_cache] => 1 [nopaging] => [comments_per_page] => 50 [no_found_rows] => ) [tax_query] => WP_Tax_Query Object ( [queries] => Array ( [0] => Array ( [taxonomy] => category [terms] => Array ( [0] => 14 [1] => 134 [2] => 1 ) [field] => term_id [operator] => IN [include_children] => 1 ) ) [relation] => AND [table_aliases:protected] => Array ( [0] => wpcm_term_relationships ) [queried_terms] => Array ( [category] => Array ( [terms] => Array ( [0] => 14 [1] => 134 [2] => 1 ) [field] => term_id ) ) [primary_table] => wpcm_posts [primary_id_column] => ID ) [meta_query] => WP_Meta_Query Object ( [queries] => Array ( ) [relation] => [meta_table] => [meta_id_column] => [primary_table] => [primary_id_column] => [table_aliases:protected] => Array ( ) [clauses:protected] => Array ( ) [has_or_relation:protected] => ) [date_query] => [request] => SELECT SQL_CALC_FOUND_ROWS wpcm_posts.ID FROM wpcm_posts LEFT JOIN wpcm_term_relationships ON (wpcm_posts.ID = wpcm_term_relationships.object_id) WHERE 1=1 AND ( wpcm_term_relationships.term_taxonomy_id IN (1,14,134) ) AND wpcm_posts.post_type = 'post' AND ((wpcm_posts.post_status = 'publish')) GROUP BY wpcm_posts.ID ORDER BY wpcm_posts.menu_order, wpcm_posts.post_date DESC LIMIT 21, 3 [posts] => Array ( [0] => WP_Post Object ( [ID] => 1367 [post_author] => 7 [post_date] => 2017-02-23 13:26:24 [post_date_gmt] => 2017-02-23 13:26:24 [post_content] =>

History

The SHA-1 cryptographic hash function was introduced in 1995. Weaknesses began to be discovered in 2005, and in 2011 NIST deprecated SHA-1. The use of SHA-1 web site certificates has been stopped. And now a practical collision attack against SHA-1 has been demonstrated by researchers who were able to create two different PDF files of the same length that produced an identical SHA-1 hash. The attack while practical is still a bit expensive, but I would expect speed improvements to emerge. Hash functions like SHA-1 are used for validating the integrity of messages, software updates, and as unique signatures for data. The existence of a practical collision attack casts doubt on these applications.

SHA-1 and PCI Compliance Today

Within the realm of PCI compliance, hash functions are used to render cardholder data unreadable (PCI DSS 3.4) and to validate the integrity of software source libraries and updates (PA-DSS and DSS software development). The use of hashes in PCI to render cardholder data unreadable is already subject to a number of restrictions and caveats to prevent attackers correlating truncated (partial) PAN with hashed. How does the Shattered attack impact these uses of SHA-1?
  • Validating the integrity of a vendor’s software updates – clearly at risk
  • Detect changes in source code control systems – unlikely to be at risk as the application is change/error detection and the source is still available
  • Rendering cardholder data unreadable – unlikely to be at risk as the hash is not used for validation
  • Use of HMAC-SHA-1 in TLS cipher suites is not yet considered at risk
If you are using SHA-1, should you be worried about your compliance?  The answer, of course, depends upon how you are using it (see above). I would expect that the PCI Security Standards Council will make some announcements and issue clarifications as a result of this. Organizations relying upon SHA-1 that have not yet switched to a more secure hash like SHA-256 (or better SHA-3 standardized by NIST in 2012)  should be accelerating this process and developing a strategy to address this. One of the first things you should be reaching out to your software vendors to find out what they are doing about this.

Learn More

_______________________________________________________________ Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant. [post_title] => SHA-1 Is Dead! [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => sha-1-is-dead [to_ping] => [pinged] => [post_modified] => 2017-03-28 14:46:26 [post_modified_gmt] => 2017-03-28 14:46:26 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=1367 [menu_order] => 139 [post_type] => post [post_mime_type] => [comment_count] => 1 [filter] => raw ) [1] => WP_Post Object ( [ID] => 1352 [post_author] => 7 [post_date] => 2017-02-02 18:49:18 [post_date_gmt] => 2017-02-02 18:49:18 [post_content] =>   This year, Control Gap Inc. has donated $2,500 to The Enbridge Ride to Conquer Cancer which has been supporting the Princess Margaret Cancer Centre over the last 10 years. The fundraiser consists of a 200 kilometer bike ride across the Greater Toronto and Hamilton Area, including Niagara Falls. The ride takes place over the course of two days. You may find out more information about the event and how you can participate and donate here.   [post_title] => 2017 Toronto Ride To Conquer Cancer [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => 2017-toronto-ride-conquer-cancer [to_ping] => [pinged] => [post_modified] => 2017-02-02 18:50:55 [post_modified_gmt] => 2017-02-02 18:50:55 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=1352 [menu_order] => 140 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [2] => WP_Post Object ( [ID] => 1084 [post_author] => 2 [post_date] => 2017-01-17 17:30:47 [post_date_gmt] => 2017-01-17 17:30:47 [post_content] => Masking and truncation of cardholder data may seem the same on the surface (eg. 423456XXXXXX7890); however, each implies different functionality. Masking applies to displays and implies the data can be accessed behind the scenes. Truncation applies to storage and implies the permanent and irrecoverable transformation of the original data. For more see the official PCI Compliance glossary. _______________________________________________________________ Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant.   [post_title] => What Is The Difference Between Masking And Truncation In PCI Compliance? [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => masking-and-truncation-in-pci-compliance [to_ping] => [pinged] => [post_modified] => 2017-03-02 17:23:41 [post_modified_gmt] => 2017-03-02 17:23:41 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=1084 [menu_order] => 141 [post_type] => post [post_mime_type] => [comment_count] => 1 [filter] => raw ) ) [post_count] => 3 [current_post] => -1 [in_the_loop] => [post] => WP_Post Object ( [ID] => 1367 [post_author] => 7 [post_date] => 2017-02-23 13:26:24 [post_date_gmt] => 2017-02-23 13:26:24 [post_content] =>

History

The SHA-1 cryptographic hash function was introduced in 1995. Weaknesses began to be discovered in 2005, and in 2011 NIST deprecated SHA-1. The use of SHA-1 web site certificates has been stopped. And now a practical collision attack against SHA-1 has been demonstrated by researchers who were able to create two different PDF files of the same length that produced an identical SHA-1 hash. The attack while practical is still a bit expensive, but I would expect speed improvements to emerge. Hash functions like SHA-1 are used for validating the integrity of messages, software updates, and as unique signatures for data. The existence of a practical collision attack casts doubt on these applications.

SHA-1 and PCI Compliance Today

Within the realm of PCI compliance, hash functions are used to render cardholder data unreadable (PCI DSS 3.4) and to validate the integrity of software source libraries and updates (PA-DSS and DSS software development). The use of hashes in PCI to render cardholder data unreadable is already subject to a number of restrictions and caveats to prevent attackers correlating truncated (partial) PAN with hashed. How does the Shattered attack impact these uses of SHA-1?
  • Validating the integrity of a vendor’s software updates – clearly at risk
  • Detect changes in source code control systems – unlikely to be at risk as the application is change/error detection and the source is still available
  • Rendering cardholder data unreadable – unlikely to be at risk as the hash is not used for validation
  • Use of HMAC-SHA-1 in TLS cipher suites is not yet considered at risk
If you are using SHA-1, should you be worried about your compliance?  The answer, of course, depends upon how you are using it (see above). I would expect that the PCI Security Standards Council will make some announcements and issue clarifications as a result of this. Organizations relying upon SHA-1 that have not yet switched to a more secure hash like SHA-256 (or better SHA-3 standardized by NIST in 2012)  should be accelerating this process and developing a strategy to address this. One of the first things you should be reaching out to your software vendors to find out what they are doing about this.

Learn More

_______________________________________________________________ Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant. [post_title] => SHA-1 Is Dead! [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => sha-1-is-dead [to_ping] => [pinged] => [post_modified] => 2017-03-28 14:46:26 [post_modified_gmt] => 2017-03-28 14:46:26 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=1367 [menu_order] => 139 [post_type] => post [post_mime_type] => [comment_count] => 1 [filter] => raw ) [comment_count] => 0 [current_comment] => -1 [found_posts] => 51 [max_num_pages] => 17 [max_num_comment_pages] => 0 [is_single] => [is_preview] => [is_page] => [is_archive] => 1 [is_date] => [is_year] => [is_month] => [is_day] => [is_time] => [is_author] => [is_category] => 1 [is_tag] => [is_tax] => [is_search] => [is_feed] => [is_comment_feed] => [is_trackback] => [is_home] => [is_404] => [is_embed] => [is_paged] => 1 [is_admin] => [is_attachment] => [is_singular] => [is_robots] => [is_posts_page] => [is_post_type_archive] => [query_vars_hash:WP_Query:private] => a3a868a3794304d474bc6379faa9b38c [query_vars_changed:WP_Query:private] => 1 [thumbnails_cached] => [stopwords:WP_Query:private] => [compat_fields:WP_Query:private] => Array ( [0] => query_vars_hash [1] => query_vars_changed ) [compat_methods:WP_Query:private] => Array ( [0] => init_query_flags [1] => parse_tax_query ) )
WP_Query Object ( [query] => Array ( [post_type] => post [post_status] => publish [cat] => 14, 134, 1 [orderby] => date [order] => desc [posts_per_page] => 3 [paged] => 8 [ignore_sticky_posts] => 1 ) [query_vars] => Array ( [post_type] => post [post_status] => publish [cat] => 14 [orderby] => date [order] => DESC [posts_per_page] => 3 [paged] => 8 [ignore_sticky_posts] => 1 [error] => [m] => [p] => 0 [post_parent] => [subpost] => [subpost_id] => [attachment] => [attachment_id] => 0 [name] => [static] => [pagename] => [page_id] => 0 [second] => [minute] => [hour] => [day] => 0 [monthnum] => 0 [year] => 0 [w] => 0 [category_name] => charity [tag] => [tag_id] => [author] => [author_name] => [feed] => [tb] => [meta_key] => [meta_value] => [preview] => [s] => [sentence] => [title] => [fields] => [menu_order] => [embed] => [category__in] => Array ( ) [category__not_in] => Array ( ) [category__and] => Array ( ) [post__in] => Array ( ) [post__not_in] => Array ( ) [post_name__in] => Array ( ) [tag__in] => Array ( ) [tag__not_in] => Array ( ) [tag__and] => Array ( ) [tag_slug__in] => Array ( ) [tag_slug__and] => Array ( ) [post_parent__in] => Array ( ) [post_parent__not_in] => Array ( ) [author__in] => Array ( ) [author__not_in] => Array ( ) [update_post_term_cache] => 1 [suppress_filters] => [cache_results] => 1 [lazy_load_term_meta] => 1 [update_post_meta_cache] => 1 [nopaging] => [comments_per_page] => 50 [no_found_rows] => ) [tax_query] => WP_Tax_Query Object ( [queries] => Array ( [0] => Array ( [taxonomy] => category [terms] => Array ( [0] => 14 [1] => 134 [2] => 1 ) [field] => term_id [operator] => IN [include_children] => 1 ) ) [relation] => AND [table_aliases:protected] => Array ( [0] => wpcm_term_relationships ) [queried_terms] => Array ( [category] => Array ( [terms] => Array ( [0] => 14 [1] => 134 [2] => 1 ) [field] => term_id ) ) [primary_table] => wpcm_posts [primary_id_column] => ID ) [meta_query] => WP_Meta_Query Object ( [queries] => Array ( ) [relation] => [meta_table] => [meta_id_column] => [primary_table] => [primary_id_column] => [table_aliases:protected] => Array ( ) [clauses:protected] => Array ( ) [has_or_relation:protected] => ) [date_query] => [request] => SELECT SQL_CALC_FOUND_ROWS wpcm_posts.ID FROM wpcm_posts LEFT JOIN wpcm_term_relationships ON (wpcm_posts.ID = wpcm_term_relationships.object_id) WHERE 1=1 AND ( wpcm_term_relationships.term_taxonomy_id IN (1,14,134) ) AND wpcm_posts.post_type = 'post' AND ((wpcm_posts.post_status = 'publish')) GROUP BY wpcm_posts.ID ORDER BY wpcm_posts.menu_order, wpcm_posts.post_date DESC LIMIT 21, 3 [posts] => Array ( [0] => WP_Post Object ( [ID] => 1367 [post_author] => 7 [post_date] => 2017-02-23 13:26:24 [post_date_gmt] => 2017-02-23 13:26:24 [post_content] =>

History

The SHA-1 cryptographic hash function was introduced in 1995. Weaknesses began to be discovered in 2005, and in 2011 NIST deprecated SHA-1. The use of SHA-1 web site certificates has been stopped. And now a practical collision attack against SHA-1 has been demonstrated by researchers who were able to create two different PDF files of the same length that produced an identical SHA-1 hash. The attack while practical is still a bit expensive, but I would expect speed improvements to emerge. Hash functions like SHA-1 are used for validating the integrity of messages, software updates, and as unique signatures for data. The existence of a practical collision attack casts doubt on these applications.

SHA-1 and PCI Compliance Today

Within the realm of PCI compliance, hash functions are used to render cardholder data unreadable (PCI DSS 3.4) and to validate the integrity of software source libraries and updates (PA-DSS and DSS software development). The use of hashes in PCI to render cardholder data unreadable is already subject to a number of restrictions and caveats to prevent attackers correlating truncated (partial) PAN with hashed. How does the Shattered attack impact these uses of SHA-1?
  • Validating the integrity of a vendor’s software updates – clearly at risk
  • Detect changes in source code control systems – unlikely to be at risk as the application is change/error detection and the source is still available
  • Rendering cardholder data unreadable – unlikely to be at risk as the hash is not used for validation
  • Use of HMAC-SHA-1 in TLS cipher suites is not yet considered at risk
If you are using SHA-1, should you be worried about your compliance?  The answer, of course, depends upon how you are using it (see above). I would expect that the PCI Security Standards Council will make some announcements and issue clarifications as a result of this. Organizations relying upon SHA-1 that have not yet switched to a more secure hash like SHA-256 (or better SHA-3 standardized by NIST in 2012)  should be accelerating this process and developing a strategy to address this. One of the first things you should be reaching out to your software vendors to find out what they are doing about this.

Learn More

_______________________________________________________________ Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant. [post_title] => SHA-1 Is Dead! [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => sha-1-is-dead [to_ping] => [pinged] => [post_modified] => 2017-03-28 14:46:26 [post_modified_gmt] => 2017-03-28 14:46:26 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=1367 [menu_order] => 139 [post_type] => post [post_mime_type] => [comment_count] => 1 [filter] => raw ) [1] => WP_Post Object ( [ID] => 1352 [post_author] => 7 [post_date] => 2017-02-02 18:49:18 [post_date_gmt] => 2017-02-02 18:49:18 [post_content] =>   This year, Control Gap Inc. has donated $2,500 to The Enbridge Ride to Conquer Cancer which has been supporting the Princess Margaret Cancer Centre over the last 10 years. The fundraiser consists of a 200 kilometer bike ride across the Greater Toronto and Hamilton Area, including Niagara Falls. The ride takes place over the course of two days. You may find out more information about the event and how you can participate and donate here.   [post_title] => 2017 Toronto Ride To Conquer Cancer [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => 2017-toronto-ride-conquer-cancer [to_ping] => [pinged] => [post_modified] => 2017-02-02 18:50:55 [post_modified_gmt] => 2017-02-02 18:50:55 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=1352 [menu_order] => 140 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [2] => WP_Post Object ( [ID] => 1084 [post_author] => 2 [post_date] => 2017-01-17 17:30:47 [post_date_gmt] => 2017-01-17 17:30:47 [post_content] => Masking and truncation of cardholder data may seem the same on the surface (eg. 423456XXXXXX7890); however, each implies different functionality. Masking applies to displays and implies the data can be accessed behind the scenes. Truncation applies to storage and implies the permanent and irrecoverable transformation of the original data. For more see the official PCI Compliance glossary. _______________________________________________________________ Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant.   [post_title] => What Is The Difference Between Masking And Truncation In PCI Compliance? [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => masking-and-truncation-in-pci-compliance [to_ping] => [pinged] => [post_modified] => 2017-03-02 17:23:41 [post_modified_gmt] => 2017-03-02 17:23:41 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=1084 [menu_order] => 141 [post_type] => post [post_mime_type] => [comment_count] => 1 [filter] => raw ) ) [post_count] => 3 [current_post] => -1 [in_the_loop] => [post] => WP_Post Object ( [ID] => 1367 [post_author] => 7 [post_date] => 2017-02-23 13:26:24 [post_date_gmt] => 2017-02-23 13:26:24 [post_content] =>

History

The SHA-1 cryptographic hash function was introduced in 1995. Weaknesses began to be discovered in 2005, and in 2011 NIST deprecated SHA-1. The use of SHA-1 web site certificates has been stopped. And now a practical collision attack against SHA-1 has been demonstrated by researchers who were able to create two different PDF files of the same length that produced an identical SHA-1 hash. The attack while practical is still a bit expensive, but I would expect speed improvements to emerge. Hash functions like SHA-1 are used for validating the integrity of messages, software updates, and as unique signatures for data. The existence of a practical collision attack casts doubt on these applications.

SHA-1 and PCI Compliance Today

Within the realm of PCI compliance, hash functions are used to render cardholder data unreadable (PCI DSS 3.4) and to validate the integrity of software source libraries and updates (PA-DSS and DSS software development). The use of hashes in PCI to render cardholder data unreadable is already subject to a number of restrictions and caveats to prevent attackers correlating truncated (partial) PAN with hashed. How does the Shattered attack impact these uses of SHA-1?
  • Validating the integrity of a vendor’s software updates – clearly at risk
  • Detect changes in source code control systems – unlikely to be at risk as the application is change/error detection and the source is still available
  • Rendering cardholder data unreadable – unlikely to be at risk as the hash is not used for validation
  • Use of HMAC-SHA-1 in TLS cipher suites is not yet considered at risk
If you are using SHA-1, should you be worried about your compliance?  The answer, of course, depends upon how you are using it (see above). I would expect that the PCI Security Standards Council will make some announcements and issue clarifications as a result of this. Organizations relying upon SHA-1 that have not yet switched to a more secure hash like SHA-256 (or better SHA-3 standardized by NIST in 2012)  should be accelerating this process and developing a strategy to address this. One of the first things you should be reaching out to your software vendors to find out what they are doing about this.

Learn More

_______________________________________________________________ Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant. [post_title] => SHA-1 Is Dead! [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => sha-1-is-dead [to_ping] => [pinged] => [post_modified] => 2017-03-28 14:46:26 [post_modified_gmt] => 2017-03-28 14:46:26 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=1367 [menu_order] => 139 [post_type] => post [post_mime_type] => [comment_count] => 1 [filter] => raw ) [comment_count] => 0 [current_comment] => -1 [found_posts] => 51 [max_num_pages] => 17 [max_num_comment_pages] => 0 [is_single] => [is_preview] => [is_page] => [is_archive] => 1 [is_date] => [is_year] => [is_month] => [is_day] => [is_time] => [is_author] => [is_category] => 1 [is_tag] => [is_tax] => [is_search] => [is_feed] => [is_comment_feed] => [is_trackback] => [is_home] => [is_404] => [is_embed] => [is_paged] => 1 [is_admin] => [is_attachment] => [is_singular] => [is_robots] => [is_posts_page] => [is_post_type_archive] => [query_vars_hash:WP_Query:private] => a3a868a3794304d474bc6379faa9b38c [query_vars_changed:WP_Query:private] => 1 [thumbnails_cached] => [stopwords:WP_Query:private] => [compat_fields:WP_Query:private] => Array ( [0] => query_vars_hash [1] => query_vars_changed ) [compat_methods:WP_Query:private] => Array ( [0] => init_query_flags [1] => parse_tax_query ) )
SHA-1 Is Dead!
February 23 2017

History The SHA-1 cryptographic hash function was introduced in 1995. Weaknesses began to be discovered in 2005, and in 2011 NIST deprecated SHA-1. The use of SHA-1 web site certificates has been stopped. And now a practical collision attack against SHA-1 has been demonstrated by researchers who were able to create two different PDF files

Read More
2017 Toronto Ride To Conquer Cancer
February 2 2017

  This year, Control Gap Inc. has donated $2,500 to The Enbridge Ride to Conquer Cancer which has been supporting the Princess Margaret Cancer Centre over the last 10 years. The fundraiser consists of a 200 kilometer bike ride across the Greater Toronto and Hamilton Area, including Niagara Falls. The ride takes place over the

Read More
What Is The Difference Between Masking And Truncation In PCI Compliance?
January 17 2017

Masking and truncation of cardholder data may seem the same on the surface (eg. 423456XXXXXX7890); however, each implies different functionality. Masking applies to displays and implies the data can be accessed behind the scenes. Truncation applies to storage and implies the permanent and irrecoverable transformation of the original data. For more see the official PCI

Read More

e-newsletter

Want important PCI information delivered to you? Sign-up to our e-newsletter and be the first one to know about industry news and trend, offers and promotions.

×

Contact

×

PCI Pilot™ is coming soon!

Our highly-anticipated online tool will be launching very soon to make your PCI SAQ process quick and seamless.

Sign-up today and be among the first to know when PCI Pilot™ is live!