Hardware, software and expert advice for digital signage and kiosks
 Home Products Solutions Blog Support Company News Contact
Customer Login 
WireSpring Blog SignageWire
Latest Articles Full Article List

SignageWire

New PCI version coming in October

Author: WireSpring on 2008-05-16 14:09:43

As Evan at StoreFront Backtalk tells us:

By this Halloween, the PCI Council will unveil the first major revision of PCI DSS payment card security program in two years. But with the council not releasing any true details about the changes, nervous retailers are truly wondering "Trick or Treat?"

Robert Russo, the general manager of the PCI Council and a man who never met an acronym he didn't like (when we chatted, he tried turning QA into a verb—and he frighteningly got darn close), is trying to play down the significance of the new version, describing the modifications as "minor changes."

"We happen to think that the standard is pretty damn good the way it is right now," Russo said. "It goes to the feedback that we've been getting. It's as good as it is without needing to make a major overhaul."

That said, Russo stressed that the new tweaks they are making will be mostly in three key areas: wireless; application security: and penetration testing.

Some of the changes will involve clarifications on requirements and "there will be some things about the reports and what we are looking for in the reports." In wireless, for example, Russo said current wording about WPA and WPA2 and WEP—which suggests that networks need to use both—will be changed, but he couldn't say what it will be changed to.
Our take:

PCI compliance continues to be a tricky act to master, especially for large retailers with massive investments in decades-old point-of-sale and data warehousing technology.  That having been said, though, it's a huge step in the right direction for many of these same companies, since they sometimes tend to have less-than-optimal security practices and procedures in place.

WireSpring spends a good amount of time keeping our systems compliant and our apps up-to-date with PABP specifications, so we're hoping that the new spec won't be too far away from the current one in terms of implementation requierments and best practices.  One trend we've seen so far is an increase in retailer suspicion towards kiosks, digital signs or any other devices installed inside their networks that need to communicate with the outside world, and we suspect that much of this newfound skepticism is likely due to the difficulties with getting -- and keeping -- these large networks in compliance.


Comments (0)

Subscribe to comments for this article | Trackback

Leave a Comment

Name:
Email Address:
(required but won't be shown)
Website:
Comment:
(max 2000 characters)
Are you a human? If so, uncheck this box:



Digg this! | Del.icio.us


Previous Article: Adcentricity opens NY office
Next Article: ProLink Holdings reports Q1 2008 earnings

Back to the SignageWire front page

LEGAL STUFF: SignageWire is written by the WireSpring staff but may periodically include articles by guest authors. The author of each article is clearly identified at the start of the article. The opinions expressed in each article are solely those of the author, and do not reflect the official opinions of WireSpring Technologies, Inc. All SignageWire articles are copyright © 2008 WireSpring Technologies, Inc. or the guest author, as appropriate. All content besides the actual article text, e.g. surrounding branding and informational content, is copyright © 2000-2008 WireSpring Technologies, Inc. All rights reserved. Except as provided in WireSpring's Republishing and Syndication Policy, no SignageWire content may be reproduced, in whole or in part, without WireSpring's express written consent.

Subscribe via RSS
If you use one of these services, click the button to subscribe to automatic updates:


For advanced users or those with other services, here is the XML link:
Subscribe via XML/RSS/RDF Subscribe via XML/RSS/RDF

What's this blog about?
Whether you're new to digital signs and kiosks or you've been in the business for years, you've probably noticed that nearly every announcement and press release contains a huge amount of hype. Our goal with this blog is to provide coverage of the more interesting happenings, along with commentary to give you a reality-check on what matters and what's just fluff. We post new articles several times a week.

Questions?  Start a live chat • Call us at (800) 989-9269 or +1 (954) 548-3300 • Get pricing and trial info
Copyright © 2000-2008 WireSpring Technologies, Inc. All rights reserved. Except as provided in our Republishing and Syndication Policy, no content on this website may be reproduced, in whole or in part, without our express written consent. View our privacy and legal info.