6 min read
Visa 8-Digit BINs are Just Around the Corner and Many Questions Remain
If your business processes or stores the full-BIN, you need to know if you will be impacted by Visa's Numerics Initiative (i.e., the 8-Digit BIN...
pci (4)
4 min read
PINs, Passwords, and PCI
PINs, Passwords, and PCI What is the difference between Passwords and Passphrases, PINs, and other authentication factors under PCI DSS? Our team was...
1 min read
How Microsoft Support Expiry can Affect Your PCI Compliance
Microsoft support offerings are designed to provide guidance for system administrators and managers. However, details of the Microsoft “Support...
What Is Sensitive Authentication Data in PCI Compliance?
Sensitive authentication data, aka SAD, in PCI compliance is data used by the issuers of cards to authorize transactions. Similar to cardholder data,...
1 min read
CDRThief New VoIP Linux Malware – Can Credit Card Skimmers be Far Behind?
Many organizations have either undergone or are planning migrations or acceleration of call centers, remote working, and online presence exploiting...
5 min read
The ENTITY (a scary PCI monster)
If you're subject to PCI DSS you need to understand "The ENTITY". We aren't talking about a horror movie. Instead we are talking about something...
Control Gap at Vancouver PCI Community Meeting
Control Gap is excited to announce that we will be exhibiting at this year’s @PCISecurityStandardsCouncil Community Meeting on September 17-19. Don’t...
2 min read
What's the minimum I need to do for PCI?
As we complete the 3rd hour of the meeting discussing PCI scope, the customer turns to me and asks, “So what’s the minimum that I need to do to pass...
6 min read
This Week’s [in]Security – Issue 115
Welcome to This Week’s [in]Security. This week: a quiet week for PCI, RDP MFA bypass, make SSNs public, AMCA (Quest, LabCorp, OPKO) breach, Data...